Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Keep getting pop ups and redirects in Google Chrome


  • Please log in to reply
7 replies to this topic

#1 MsLina

MsLina

  • Members
  • 7 posts
  • OFFLINE
  •  
  • Local time:10:57 AM

Posted 08 July 2017 - 04:25 AM

Hello

 

I am running Windows 10 64-bit home and when I am using Google Chrome, randomly it opens web pages by itself and pop ups appear on the browser too. I have tried to find the solution by running these programs:

 

Adwcleaner

Malwarebytes Anti Malware

Roguekiller

HitmanPro

SuperAntispyware

Spybot Search and Destroy.

 

These programs found some PUPs and I removed them, but the problem persists with the redirects and pop ups in Google Chrome

 

Thanks in advance for any help you can give me



BC AdBot (Login to Remove)

 


#2 Hareen

Hareen

  • Members
  • 157 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Hyderabad, India.
  • Local time:08:27 AM

Posted 08 July 2017 - 04:31 AM

Give this a try 

 

https://www.google.com/chrome/cleanup-tool/index.html

 

Running all those tools should have cleared the crap for you.

 

So do a reset of chrome.

 

Also don't run untrusted addons for chrome.

 

Let me know what all extensions you are using for chrome.


Edited by Hareen, 08 July 2017 - 04:37 AM.


#3 MsLina

MsLina
  • Topic Starter

  • Members
  • 7 posts
  • OFFLINE
  •  
  • Local time:10:57 AM

Posted 08 July 2017 - 05:03 AM

Give this a try 

 

https://www.google.com/chrome/cleanup-tool/index.html

 

Running all those tools should have cleared the crap for you.

 

So do a reset of chrome.

 

Also don't run untrusted addons for chrome.

 

Let me know what all extensions you are using for chrome.

 

 

Thanks for the response. I ran the tool and it found no programs, I continued and did a reset. Unfortunately the problem is still there.

 

The only extension I installed was uBlock Origin over a year ago. Chrome also has two other built in extensions: Google Docs and Google Docs Offline.

 

After doing the reset I went to ebay.com.au and got this popup. I had to separate it into three images.

http://i.imgur.com/j46ttFT.png

http://i.imgur.com/nElrbox.png

http://i.imgur.com/fpANEPH.png



#4 Hareen

Hareen

  • Members
  • 157 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Hyderabad, India.
  • Local time:08:27 AM

Posted 08 July 2017 - 06:06 AM

Are you using any free proxies for internet.

 

Mind sharing your programs list screen shot.



#5 jwoods301

jwoods301

  • Members
  • 1,489 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:06:57 PM

Posted 08 July 2017 - 04:45 PM

Do the following malware checks and post the logs...

Download and run the portable version of Zemana Anti-Malware

https://www.zemana.com/en-US/Download

 

Download and run the Sophos Virus Removal Tool -

 

https://www.sophos.com/en-us/products/free-tools/virus-removal-tool.aspx

Download and run Junkware Removal Tool -

https://www.bleepingcomputer.com/download/junkware-removal-tool/

Create a System Restore point first.
 



#6 MsLina

MsLina
  • Topic Starter

  • Members
  • 7 posts
  • OFFLINE
  •  
  • Local time:10:57 AM

Posted 08 July 2017 - 10:37 PM

Hello,

 

This is the log from Zemana

 

Zemana AntiMalware 2.74.2.76 (Portable)

-------------------------------------------------------
Scan Result            : Completed
Scan Date              : 2017/7/9
Operating System       : Windows 10 64-bit
Processor              : 8X Intel® Core™ i7-4790K CPU @ 4.00GHz
BIOS Mode              : Legacy
CUID                   : 12C0D933A40D529B690580
Scan Type              : System Scan
Duration               : 1m 0s
Scanned Objects        : 121106
Detected Objects       : 0
Excluded Objects       : 0
Read Level             : SCSI
Auto Upload            : Enabled
Detect All Extensions  : Disabled
Scan Documents         : Disabled
Domain Info            : WORKGROUP,0,2

Detected Objects
-------------------------------------------------------

No threats detected

 

Log from Sophos:

 

2017-07-08 23:47:57.836    Sophos Virus Removal Tool version 2.6.1
2017-07-08 23:47:57.836    Copyright © 2009-2017 Sophos Limited. All rights reserved.

2017-07-08 23:47:57.836    This tool will scan your computer for viruses and other threats. If it finds any, it will give you the option to remove them.

2017-07-08 23:47:57.836    Windows version 6.2 SP 0.0  build 9200 SM=0x300 PT=0x1 WOW64
2017-07-08 23:47:57.837    Checking for updates...
2017-07-08 23:47:57.857    Update progress: proxy server not available
2017-07-08 23:48:02.969    Option all = no
2017-07-08 23:48:02.969    Option recurse = yes
2017-07-08 23:48:02.969    Option archive = no
2017-07-08 23:48:02.969    Option service = yes
2017-07-08 23:48:02.969    Option confirm = yes
2017-07-08 23:48:02.969    Option sxl = yes
2017-07-08 23:48:02.970    Option max-data-age = 35
2017-07-08 23:48:02.970    Option vdl-logging = yes
2017-07-08 23:48:02.972    Customer ID:    094260ca9b3af99f9d4a3909fc47a743
2017-07-08 23:48:02.972    Machine ID:    a9fbe1062dbe443dab8ba94bb18243bf
2017-07-08 23:48:02.972    Component SVRTcli.exe version 2.6.1
2017-07-08 23:48:02.972    Component control.dll version 2.6.1
2017-07-08 23:48:02.972    Component SVRTservice.exe version 2.6.1
2017-07-08 23:48:02.972    Component engine\osdp.dll version 1.44.1.2286
2017-07-08 23:48:02.972    Component engine\veex.dll version 3.68.6.2286
2017-07-08 23:48:02.972    Component engine\savi.dll version 9.0.7.2286
2017-07-08 23:48:02.973    Component rkdisk.dll version 1.5.31.1
2017-07-08 23:48:02.973    Version info:    Product version    2.6.1
2017-07-08 23:48:02.973    Version info:    Detection engine    3.68.6
2017-07-08 23:48:02.973    Version info:    Detection data    5.40
2017-07-08 23:48:02.973    Version info:    Build date    30/05/2017
2017-07-08 23:48:02.973    Version info:    Data files added    330
2017-07-08 23:48:02.973    Version info:    Last successful update    (not yet updated)
2017-07-08 23:48:41.047    Downloading updates...
2017-07-08 23:48:41.049    Update progress: [I96736] sdds.svrt_10: adding primary package C1A903B2-E63E-483b-982D-04BB9C457C60 RECOMMENDED baseVersion=1
2017-07-08 23:48:41.049    Update progress: [I95020] sdds.svrt_10: looking for packages included from product C1A903B2-E63E-483b-982D-04BB9C457C60 RECOMMENDED path=
2017-07-08 23:48:41.049    Update progress: [I22529] sdds.svrt_10: looking for supplements included from product C1A903B2-E63E-483b-982D-04BB9C457C60 RECOMMENDED path=
2017-07-08 23:48:41.049    Update progress: [I49502] sdds.savi0910.xml: found supplement SAVIW32 LATEST path= baseVersion= [included from product C1A903B2-E63E-483b-982D-04BB9C457C60 RECOMMENDED path=]
2017-07-08 23:48:41.049    Update progress: [I95020] sdds.savi0910.xml: looking for packages included from product SAVIW32 LATEST path=
2017-07-08 23:48:41.049    Update progress: [I22529] sdds.savi0910.xml: looking for supplements included from product SAVIW32 LATEST path=
2017-07-08 23:48:41.049    Update progress: [I49502] sdds.data0910.xml: found supplement IDE541 LATEST path= baseVersion= [included from product SAVIW32 LATEST path=]
2017-07-08 23:48:41.049    Update progress: [I95020] sdds.data0910.xml: looking for packages included from product IDE541 LATEST path=
2017-07-08 23:48:41.049    Update progress: [I22529] sdds.data0910.xml: looking for supplements included from product IDE541 LATEST path=
2017-07-08 23:48:41.049    Update progress: [I49502] sdds.data0910.xml: found supplement IDE542 LATEST path= baseVersion= [included from product IDE541 LATEST path=]
2017-07-08 23:48:41.049    Update progress: [I95020] sdds.data0910.xml: looking for packages included from product IDE542 LATEST path=
2017-07-08 23:48:41.049    Update progress: [I22529] sdds.data0910.xml: looking for supplements included from product IDE542 LATEST path=
2017-07-08 23:48:41.049    Update progress: [I49502] sdds.data0910.xml: found supplement IDE543 LATEST path= baseVersion= [included from product IDE542 LATEST path=]
2017-07-08 23:48:41.049    Update progress: [I95020] sdds.data0910.xml: looking for packages included from product IDE543 LATEST path=
2017-07-08 23:48:41.049    Update progress: [I22529] sdds.data0910.xml: looking for supplements included from product IDE543 LATEST path=
2017-07-08 23:48:41.049    Update progress: [I19463] Syncing product C1A903B2-E63E-483b-982D-04BB9C457C60 RECOMMENDED path=
2017-07-08 23:48:42.174    Update progress: [I19463] Syncing product SAVIW32 LATEST path=
2017-07-08 23:48:42.174    Update progress: [I19463] Product download size 166581621 bytes
2017-07-08 23:48:44.645    Update progress: [I19463] Syncing product IDE541 LATEST path=
2017-07-08 23:48:44.645    Update progress: [I19463] Product download size 2265483 bytes
2017-07-08 23:48:45.495    Update progress: [I19463] Syncing product IDE542 LATEST path=
2017-07-08 23:48:45.495    Update progress: [I19463] Product download size 2018230 bytes
2017-07-08 23:48:45.651    Update progress: [I19463] Syncing product IDE543 LATEST path=
2017-07-08 23:48:45.651    Update progress: [I19463] Product download size 886360 bytes
2017-07-08 23:48:45.692    Installing updates...
2017-07-08 23:48:46.295    Error level 1
2017-07-08 23:48:47.470    Update successful
2017-07-08 23:48:52.660    Option all = no
2017-07-08 23:48:52.660    Option recurse = yes
2017-07-08 23:48:52.660    Option archive = no
2017-07-08 23:48:52.660    Option service = yes
2017-07-08 23:48:52.660    Option confirm = yes
2017-07-08 23:48:52.660    Option sxl = yes
2017-07-08 23:48:52.661    Option max-data-age = 35
2017-07-08 23:48:52.661    Option vdl-logging = yes
2017-07-08 23:48:52.662    Customer ID:    094260ca9b3af99f9d4a3909fc47a743
2017-07-08 23:48:52.663    Machine ID:    a9fbe1062dbe443dab8ba94bb18243bf
2017-07-08 23:48:52.663    Component SVRTcli.exe version 2.6.1
2017-07-08 23:48:52.663    Component control.dll version 2.6.1
2017-07-08 23:48:52.663    Component SVRTservice.exe version 2.6.1
2017-07-08 23:48:52.663    Component engine\osdp.dll version 1.44.1.2286
2017-07-08 23:48:52.663    Component engine\veex.dll version 3.68.6.2286
2017-07-08 23:48:52.663    Component engine\savi.dll version 9.0.7.2286
2017-07-08 23:48:52.663    Component rkdisk.dll version 1.5.31.1
2017-07-08 23:48:52.663    Version info:    Product version    2.6.1
2017-07-08 23:48:52.663    Version info:    Detection engine    3.68.6
2017-07-08 23:48:52.663    Version info:    Detection data    5.40
2017-07-08 23:48:52.663    Version info:    Build date    30/05/2017
2017-07-08 23:48:52.663    Version info:    Data files added    330
2017-07-08 23:48:52.664    Version info:    Last successful update    9/07/2017 7:48:47 AM

2017-07-08 23:58:55.716    Could not open C:\pagefile.sys
2017-07-09 00:24:39.180    Could not open C:\swapfile.sys
2017-07-09 00:24:39.261    Could not open C:\System Volume Information\{3808876b-c176-4e48-b7ae-04046e6cc752}
2017-07-09 00:24:39.262    Could not open C:\System Volume Information\{5dac0c20-63a0-11e7-9f35-8c149d73fc7f}{3808876b-c176-4e48-b7ae-04046e6cc752}
2017-07-09 00:24:39.262    Could not open C:\System Volume Information\{5ffe6a10-6380-11e7-9f31-001a7dda7113}{3808876b-c176-4e48-b7ae-04046e6cc752}
2017-07-09 00:24:39.262    Could not open C:\System Volume Information\{66e1cc8c-636b-11e7-9f2f-001a7dda7113}{3808876b-c176-4e48-b7ae-04046e6cc752}
2017-07-09 00:24:39.262    Could not open C:\System Volume Information\{66e1ce29-636b-11e7-9f2f-001a7dda7113}{3808876b-c176-4e48-b7ae-04046e6cc752}
2017-07-09 00:24:39.262    Could not open C:\System Volume Information\{66e1ce3f-636b-11e7-9f2f-001a7dda7113}{3808876b-c176-4e48-b7ae-04046e6cc752}
2017-07-09 00:24:39.262    Could not open C:\System Volume Information\{66e1cfbc-636b-11e7-9f2f-001a7dda7113}{3808876b-c176-4e48-b7ae-04046e6cc752}
2017-07-09 00:24:39.262    Could not open C:\System Volume Information\{9cdbbd1f-6437-11e7-9f38-001a7dda7113}{3808876b-c176-4e48-b7ae-04046e6cc752}
2017-07-09 00:24:39.262    Could not open C:\System Volume Information\{a826b784-639c-11e7-9f32-83b09beeba0e}{3808876b-c176-4e48-b7ae-04046e6cc752}
2017-07-09 00:24:39.263    Could not open C:\System Volume Information\{ba09cfea-6433-11e7-9f37-001a7dda7113}{3808876b-c176-4e48-b7ae-04046e6cc752}
2017-07-09 00:24:39.263    Could not open C:\System Volume Information\{ba09d0c8-6433-11e7-9f37-001a7dda7113}{3808876b-c176-4e48-b7ae-04046e6cc752}
2017-07-09 00:24:39.263    Could not open C:\System Volume Information\{d1b968c1-5fb0-11e7-9f2b-001a7dda7113}{3808876b-c176-4e48-b7ae-04046e6cc752}
2017-07-09 00:24:39.263    Could not open C:\System Volume Information\{d1b9693b-5fb0-11e7-9f2b-001a7dda7113}{3808876b-c176-4e48-b7ae-04046e6cc752}
2017-07-09 00:24:39.263    Could not open C:\System Volume Information\{d1b96a31-5fb0-11e7-9f2b-001a7dda7113}{3808876b-c176-4e48-b7ae-04046e6cc752}
2017-07-09 00:24:39.263    Could not open C:\System Volume Information\{d1b96aab-5fb0-11e7-9f2b-001a7dda7113}{3808876b-c176-4e48-b7ae-04046e6cc752}
2017-07-09 00:24:39.264    Could not open C:\System Volume Information\{d1b96b76-5fb0-11e7-9f2b-001a7dda7113}{3808876b-c176-4e48-b7ae-04046e6cc752}
2017-07-09 00:24:39.264    Could not open C:\System Volume Information\{d1b96b8e-5fb0-11e7-9f2b-001a7dda7113}{3808876b-c176-4e48-b7ae-04046e6cc752}
2017-07-09 00:24:39.264    Could not open C:\System Volume Information\{d1b96ba1-5fb0-11e7-9f2b-001a7dda7113}{3808876b-c176-4e48-b7ae-04046e6cc752}
2017-07-09 00:24:39.264    Could not open C:\System Volume Information\{d1b96bcd-5fb0-11e7-9f2b-001a7dda7113}{3808876b-c176-4e48-b7ae-04046e6cc752}
2017-07-09 00:24:39.264    Could not open C:\System Volume Information\{d1b96c1c-5fb0-11e7-9f2b-001a7dda7113}{3808876b-c176-4e48-b7ae-04046e6cc752}
2017-07-09 00:24:39.264    Could not open C:\System Volume Information\{d1b96c8f-5fb0-11e7-9f2b-001a7dda7113}{3808876b-c176-4e48-b7ae-04046e6cc752}
2017-07-09 00:24:39.264    Could not open C:\System Volume Information\{d1b96cb1-5fb0-11e7-9f2b-001a7dda7113}{3808876b-c176-4e48-b7ae-04046e6cc752}
2017-07-09 00:42:52.866    Could not open C:\Windows\System32\config\BBI
2017-07-09 00:42:52.871    Could not open C:\Windows\System32\config\DRIVERS
2017-07-09 00:42:52.874    Could not open C:\Windows\System32\config\RegBack\DEFAULT
2017-07-09 00:42:52.875    Could not open C:\Windows\System32\config\RegBack\SAM
2017-07-09 00:42:52.875    Could not open C:\Windows\System32\config\RegBack\SECURITY
2017-07-09 00:42:52.876    Could not open C:\Windows\System32\config\RegBack\SOFTWARE
2017-07-09 00:42:52.876    Could not open C:\Windows\System32\config\RegBack\SYSTEM
2017-07-09 01:34:12.673    Could not open C:\Windows\SysWOW64\mmf.sys
2017-07-09 02:17:59.157    Could not open LOGICAL:0003:00000000
2017-07-09 02:17:59.160    Could not open D:\

Log from JRT:

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.1.3 (04.10.2017)
Operating System: Windows 10 Home x64
Ran by MrGrainger (Administrator) on Sun 09/07/2017 at  7:30:43.35
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




File System: 5

Successfully deleted: C:\ProgramData\productdata (Folder)
Successfully deleted: C:\Users\MrGrainger\AppData\Roaming\3909 (Folder)
Successfully deleted: C:\Users\MrGrainger\AppData\Roaming\alawarentertainment (Folder)
Successfully deleted: C:\Users\MrGrainger\AppData\Roaming\Mozilla\Firefox\Profiles\19i3zv2l.default\user.js (File)
Successfully deleted: C:\Users\MrGrainger\AppData\Roaming\productdata (Folder)

Deleted the following from C:\Users\MrGrainger\AppData\Roaming\Mozilla\Firefox\Profiles\19i3zv2l.default\prefs.js
user_pref(keyword.URL, hxxp://feed.snap.do/?publisher=SnapdoIMonetizer&dpid=SnapdoIMonetizer&co=AU&userid=335bbefc-ed5f-4587-9b26-f96bd6781f55&searchtype=ds&q=);



Registry: 0





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Sun 09/07/2017 at  7:31:52.39
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

 

I am still having the issues with chrome, I just got redirected to a weird Russian website and closed Chrome immediately.



#7 jwoods301

jwoods301

  • Members
  • 1,489 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:06:57 PM

Posted 08 July 2017 - 10:41 PM

I would suggest downloading and installing a fresh copy of Chrome...

 

https://www.google.com/chrome/browser/desktop/index.html



#8 MsLina

MsLina
  • Topic Starter

  • Members
  • 7 posts
  • OFFLINE
  •  
  • Local time:10:57 AM

Posted 09 July 2017 - 06:40 PM

Did a fresh install of Chrome and now the problem seems to be fixed. Thank you everyone for your help






0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users