Jump to content
Jettubby

Website Blocked Due to Trojan on nearly ALL websites

Recommended Posts

I just started getting this message at 1600 lcl eastern time today and it happens for almost every website I click on, even malwarebytes.com. I did a full scan and ran Windows Malicious Software Removal Tool and no infection. FP? Change in Google Chrome? This is annoying. Thanks! 

Capture.PNG

Share this post


Link to post
Share on other sites

This is not an F/P. The threat is blocked because it is serving Adware.Revizer.

Share this post


Link to post
Share on other sites

From my previous post I indicated that nearly every website I go to I get the following popup notification. A moderator here said that's because the website is pushing the Adware.Revize virus. He locked my thread without reading it because I indicated that even this site is causing the pop up! What's the explanation please?

InkedCapture1_LI.jpg

Share this post


Link to post
Share on other sites

Hi,

What other tabs are opened on this browser?

Is that Chrome?

If on Chrome, I would suggest using Chrome  to go to https://www.google.com/settings/chrome/sync and sign into your account.
Scroll down until you see the "reset sync" button and click on the button
At the prompt click on "Ok".
.

Then Delete the Cache on the browser.

That website block notice is a courtesy one.  The web protection is keeping the pc safe.

Whatever the source triggering that notice, it is not from something on this forum.  It can be another tab on the browser.  Even possibly, some browser extension on the browser.

Share this post


Link to post
Share on other sites

Hello @Jettubby

 

 

Please run the following steps and post back the logs as an attachment when ready.

STEP 01

  • If you're already running Malwarebytes 3 then open Malwarebytes and check for updates. Then click on the Scan tab and select Threat Scan and click on Start Scan button.
  • If you don't have Malwarebytes 3 installed yet please download it from here and install it.
  • Once installed then open Malwarebytes and check for updates. Then click on the Scan tab and select Threat Scan and click on Start Scan button.
  • Once the scan is completed click on the Export Summary button and save the file as a Text file to your desktop or other location you can find, and attach that log on your next reply.
  • If Malwarebytes won't run then please skip to the next step and let me know on your next reply.

STEP 02

Please download AdwCleaner by Malwarebytes and save the file to your Desktop.

  • Right-click on the program and select RunAsAdmin.jpg Run as Administrator to start the tool.
  • Accept the Terms of use.
  • Wait until the database is updated.
  • Click Scan Now.
  • When finished, please click Clean & Repair.
  • Your PC should reboot now if any items were found.
  • After reboot, a log file will be opened. Copy its content into your next reply.

 

RESTART THE COMPUTER Before running Step 3

STEP 03
Please download the Farbar Recovery Scan Tool and save it to your desktop.

Note: You need to run the version compatible with your system. You can check here if you're not sure if your computer is 32-bit or 64-bit

  • Double-click to run it. When the tool opens, click Yes to disclaimer.
  • Press the Scan button.
  • It will make a log (FRST.txt) in the same directory the tool is run. Please attach it to your reply.
  • The first time the tool is run, it also makes another log (Addition.txt). If you've, run the tool before you need to place a check mark here.
  • Please attach the Additions.txt log to your reply as well.

 

Thanks

Ron

 

Share this post


Link to post
Share on other sites
4 hours ago, Maurice Naggar said:

Hi,

What other tabs are opened on this browser?

Is that Chrome?

If on Chrome, I would suggest using Chrome  to go to https://www.google.com/settings/chrome/sync and sign into your account.
Scroll down until you see the "reset sync" button and click on the button
At the prompt click on "Ok".
.

Then Delete the Cache on the browser.

That website block notice is a courtesy one.  The web protection is keeping the pc safe.

Whatever the source triggering that notice, it is not from something on this forum.  It can be another tab on the browser.  Even possibly, some browser extension on the browser.
 

Maurice. This seems to have worked. Not getting the pop-up warning after "reset sync" in Chrome and deleting  everything in cache, cookies, etc. My computer was fine and yesterday morning I had the Paypal website open ( and nothing else) and walked away for a couple of hours. Came back and tried to log into Paypal again and these messages started popping up continuously from Malwarebytes. Strange and maybe some strage stuff with Paypal?? Hopefully it doesn't return.

Share this post


Link to post
Share on other sites

OK.  I take t that now, the Chrome browser is all in good shape.

See this article on our Malwarebytes Blog
https://blog.malwarebytes.com/security-world/technology/2019/01/browser-push-notifications-feature-asking-abused/

 

You want to disable the ability of each web browser on this machine from being able to allow "push ads". That means Chrome, Firefox, or Edge browser (on Windows 10), or on Opera.

Scroll down to the tips section "How do I disable them".

.

also, if you use Chrome or Firefox browser, install the Malwarebytes beta browser extension.  There is one for Chrome & another for Firefox.

To get & install the Malwarebytes beta Chrome extension,

Open this link in your Chrome browser: https://chrome.google.com/webstore/detail/malwarebytes/ihcjicgdanjaechkgeegckofjjedodee

Then proceed with the setup.

My best to you.   I think we can wrap this up.

Sincerely,

Maurice

 

Share this post


Link to post
Share on other sites
7 minutes ago, Maurice Naggar said:

Ok I did some testing and disabled my 1/2 dozen extensions and enabled them one by one and the only one that when enabled started the Trojan popup was "Chrome App Launcher". This to me is significant. Google themselves pushing Trojans to customers?! Knew they were evil. 

 

 

OK.  I take t that now, the Chrome browser is all in good shape.

See this article on our Malwarebytes Blog
https://blog.malwarebytes.com/security-world/technology/2019/01/browser-push-notifications-feature-asking-abused/

 

You want to disable the ability of each web browser on this machine from being able to allow "push ads". That means Chrome, Firefox, or Edge browser (on Windows 10), or on Opera.

Scroll down to the tips section "How do I disable them".

.

also, if you use Chrome or Firefox browser, install the Malwarebytes beta browser extension.  There is one for Chrome & another for Firefox.

To get & install the Malwarebytes beta Chrome extension,

Open this link in your Chrome browser: https://chrome.google.com/webstore/detail/malwarebytes/ihcjicgdanjaechkgeegckofjjedodee

Then proceed with the setup.

My best to you.   I think we can wrap this up.

Sincerely,

Maurice

 

 

Share this post


Link to post
Share on other sites

"Chrome App Launcher"   is not from Malwarebytes.

Share this post


Link to post
Share on other sites
2 minutes ago, Maurice Naggar said:

"Chrome App Launcher"   is not from Malwarebytes.

Uh yes I know. Do you understand what I"m saying?............The only time I get the warning from Malwarebytes that I posted above is when the "Chrome App Launcher" extension is enabled. This means this trojan redirect is a product of Google. 

Share this post


Link to post
Share on other sites

I've done some testing and after "Resetting Sync" on Chrome and clearing all cache, cookies, etc; I removed all extensions and brought them back one by one. It appears that the "Chrome App Browser" is the culprit as I"m receiving no Malwerebytes messages with this uninstalled. 

Share this post


Link to post
Share on other sites

OK.  So lets just be sure it is not now on the Chrome browser.

Is there anything else you need at this point?

Are you ready to wrap this case up?

Share this post


Link to post
Share on other sites

@Jettubby

You have got 2 different Topic on apparently the same issue !

Share this post


Link to post
Share on other sites

So far everything is ok. Thank you for the help. I will post again if the message resurfaces but I will not be using chrome app launcher. Not sure why this is happening with the chrome app launcher but?....... Thank you!

Share this post


Link to post
Share on other sites

Look on Windows Installed programs list.  See if perhaps Chrome app launcher is listed as an installed program.  If yes, Uninstall it.

Press and hold Windows-key on keyboard and tap the R key to get the Run option.

Then type in

appwiz.msc

and tap Enter key.    Look for Chrome app launcher.

 

also look for Chrome app launcher in case it is shown as a Chrome browser extension.

in Chrome, press ALT+F on the keyboard >>then Settings
Click Extensions on the left.
Closely review the browser extensions that are listed.  
Disable or uninstall Chrome app launcher if there.

 

Lastly, if all is ok, we should plan to wrap up this case.

Sincerely.

Share this post


Link to post
Share on other sites

Yes it's not installed on the computer but was installed as a Chrome extension. I deleted it and so far all is ok. 

Share this post


Link to post
Share on other sites

I am glad to have the good news.  You can delete the files I had you download.

Safer practices & malware prevention:
Follow best practices when browsing the Internet, especially on opening links coming from untrusted sources.
First rule of internet safety: slow down & think before you "click".
Free games & free programs are like "candy". We do not accept them from "strangers".


Never open attachments that come with unexpected ( out of the blue ) email no matter how enticing.
Never open attachments from the email itself. Do not double click in the email. Always Save first and then scan with antivirus program.

Never click links without first hovering your mouse over the link and seeing if it is going to an odd address ( one that does not fit or is odd looking or has typos).

 

Pay close attention when installing 3rd-party programs. It is important that you pay attention to the license agreements and installation screens when installing anything off of the Internet. If an installation screen offers you Custom or Advanced installation options, it is a good idea to select these as they will typically disclose what other 3rd party software will also be installed.
Take great care in every stage of the process and every offer screen, and make sure you know what it is you're agreeing to before you click "Next".

Use a Standard user account rather than an administrator-rights account when "surfing" the web.
See more info on Corrine's SecurityGarden Blog http://securitygarden.blogspot.com/p/blog-page_7.html
Dont remove your current login. Just use the new Standard-user-level one for everyday use while on the internet.


Check in at http://windowsupdate.microsoft.com 
Windows Update and install any Important Updates offered.

Make certain that Automatic Updates is enabled.
https://support.microsoft.com/en-us/help/12373/windows-update-faq




Keep your system and programs up to date. Several programs release security updates on a regular basis to patch vulnerabilities. Keeping your software patched up prevents attackers from being able to exploit them to drop malware.

For other added tips, read "10 easy ways to prevent malware infection"

.

My best to you.

 

Share this post


Link to post
Share on other sites

Glad we could help.

If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this topic with your request.

This applies only to the originator of this thread. Other members who need assistance please start your own topic in a new thread.

Thanks

 

Share this post


Link to post
Share on other sites
Guest
This topic is now closed to further replies.

  • Recently Browsing   0 members

    No registered users viewing this page.

×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.