  • Locked thread
Zenzirouj
Jun 10, 2004

What about you, thread?
You got any tricks?
Problem description: I have a tenacious link redirect malware in Chrome. It seems to be using some combination of cookies (disabling 3rd party cookies seems to stop it) and javascript (js hasn't really been working since I got the thing. I think it's trying to hijack it and failing, but is also preventing js from working correctly. For example, most of imgur doesn't work and here on SA, clicking the top left of thumbnailed pictures does nothing.). I've attached what Malwarebytes finds; removing it only lasts until I next launch Chrome.




Attempted fixes: I've run RKill, then Malwarebytes, then ADWCleaner, then JRT after restart. The only program that finds anything is Malwarebytes and it only removes what crops up after the thing regenerates itself when I run Chrome for a bit. Running Malwarebytes in Safe mode didn't turn up anything extra. I've also run Housecall and Rootkitbuster with no luck. I have a Hijackthis log if somebody wants to look at it.

Recent changes: Nothing out of the ordinary I can think of, I must have gone to a particularly sketchy site by accident and gotten something that made it past uBlock Origin and Ghostery.

--

Operating system: Win7 64bit


Location: USA

I have Googled and read the FAQ: Yes

Zenzirouj fucked around with this message at 19:08 on Jun 26, 2016


Fruit Smoothies
Mar 28, 2004

The bat with a ZING
Use Windows Defender Offline

Grapeshot
Oct 21, 2010
Do other browsers on the same computer have this problem as well?

If they do, you probably want to run TDSSKiller and check the DNS server you're using; some malware can even get into your router and set a custom DNS server for your entire household.

If other browsers work fine, you need to completely uninstall Chrome and also delete your profile which is stored somewhere in Application Data.

Zenzirouj
Jun 10, 2004

What about you, thread?
You got any tricks?
Thanks, I'll give that tool a try and then look into what Grapeshot said.

Trabant
Nov 26, 2011

All systems nominal.

What if WDO fails to update after it boots? It refuses to scan without a definition update, but all the update attempts keep failing. The download/install bar keeps moving up but only produces the following errors:

code:

Virus and spyware definitions couldn't be updated.

This app couldn't check for virus and spyware definition updates. Check your Internet or network connection and try again.

Click Help for more information about this problem.

Error code: 0x80070070
Error description: this copy of this app has expired.
Your PC might be vulnerable to malware.
To continue using this app, contact your security administrator.

Zogo
Jul 29, 2003

Trabant posted:

What if WDO fails to update after it boots? It refuses to scan without a definition update, but all the update attempts keep failing. The download/install bar keeps moving up but only produces the following errors:

Try doing it from another computer. If that doesn't work it could be an MS issue.


Trabant
Nov 26, 2011

All systems nominal.
OK, will try on a friend's computer. My only other option -- work laptop -- is locked down hard and refuses to boot to USB. Smart money is always on "MS fuckery" though.

Zenzirouj: didn't mean to hijack the thread, but I remembered this subforum exists and your post in the Chrome thread after mine on the same topic :downs:
