Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Follow up with Launchpage.org removal.


  • Please log in to reply
5 replies to this topic

#1 uberdogmel

uberdogmel

  • Members
  • 3 posts
  • OFFLINE
  •  
  • Local time:05:50 AM

Posted 10 August 2017 - 11:58 PM

Hi, I recently used the removal guide posted on this site to remove the above browser hijacker. It was pretty persistent and was resisting all other methods I had tried. The method found here seemed to do the trick though although it left me with a couple of questions.

 

The infection didn't take me to the launchpage.org page every time, occasionally it would take me to mysagagame.com or playinghome.com.

 

Was this all the same infection? Mozilla and Chrome both now seem unaffected by any browser hijack type activity, as well as Avast Safezone. Edge was always immune which is interesting.

 

Most interesting of all was that 2 different copies of the allegedly same utility downloaded from the aforementioned removal process, from the same download page, directed by this website, were flagged as Trojans by Hitman Pro, the final utility to be implemented in the removal process.

 

So I guess my question is; am I still infected? Was it just one infection to begin with? How can I tell?

 

All of the host of removal and detection tools that I now have at my disposal come up clean. Any ideas appreciated.

 

Thanks in advance. M

 

 



BC AdBot (Login to Remove)

 


#2 dbrisendine

dbrisendine

  • Malware Response Team
  • 507 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:BC, Canada
  • Local time:05:50 AM

Posted 11 August 2017 - 12:37 AM

Which two scanners were flagged by HitmanPro?  Does HItmanPro and Zemanna scans say your system is clean?


unite_blue_zpsba2e96f7.png
 
Please do not ask for Malware help via PM (Private Messages).  Please post in the forum boards instead.  Thanks.

My help is always free but if you would like to help encourage me or show your thanks -----> btn_donate_LG.gif


#3 uberdogmel

uberdogmel
  • Topic Starter

  • Members
  • 3 posts
  • OFFLINE
  •  
  • Local time:05:50 AM

Posted 12 August 2017 - 12:26 AM

They were listed as Rkill and iexplore.exe in the report at the end of the scan. I just tried to replicate it so I could get a screen grab and Avast wouldn't even allow me to download one of the options found at the link given in the removal guide citing it as malware. The guide states the following on why there's more than one Rkill for download:

 

"If you have problems running RKill, you can download the other renamed versions of RKill from the Rkill download page. All of the files are renamed copies of RKill, which you can try instead."

 

Why would renaming it matter? Why would having a different name on a program make a difference?

 

https://www.dropbox.com/s/dee7ct74zi0le52/Rkill%20Trojans.jpg?dl=0


Edited by uberdogmel, 12 August 2017 - 12:29 AM.


#4 dbrisendine

dbrisendine

  • Malware Response Team
  • 507 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:BC, Canada
  • Local time:05:50 AM

Posted 12 August 2017 - 12:52 AM

The renaming of some tools is because malware SOMETIMES blocks programs of certain names.

 

What AV scanner are you using now?


unite_blue_zpsba2e96f7.png
 
Please do not ask for Malware help via PM (Private Messages).  Please post in the forum boards instead.  Thanks.

My help is always free but if you would like to help encourage me or show your thanks -----> btn_donate_LG.gif


#5 uberdogmel

uberdogmel
  • Topic Starter

  • Members
  • 3 posts
  • OFFLINE
  •  
  • Local time:05:50 AM

Posted 12 August 2017 - 01:29 PM

Rescanned with Zemana and Hitman Pro, both come up clean except for cookies.

 

I`m using Avast, I run Ccleaner regularly, and Malwarebytes, but all of those missed launchpage, and as I said I can`t be 100% sure I`m clean although it seems so. Is there a log/logs that I could post for revioew that would confirm? What firewall would you recommend although the Windows firewall with windows 10 seems ok.



#6 dbrisendine

dbrisendine

  • Malware Response Team
  • 507 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:BC, Canada
  • Local time:05:50 AM

Posted 12 August 2017 - 11:41 PM

Win10 firewall is as good as it gets; keep it on and at least at default settings and you will be fine.

 

 

No antimalware is 100% or ever will be.  Malwarebytes and Avast should be a good combination.  I would keep the other as 'second opinion' scanners, if you like.


unite_blue_zpsba2e96f7.png
 
Please do not ask for Malware help via PM (Private Messages).  Please post in the forum boards instead.  Thanks.

My help is always free but if you would like to help encourage me or show your thanks -----> btn_donate_LG.gif





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users