Jump to content

for TiltSF -help to remove jingermy.com

TiltSF
 Share
Go to solution Solved by Maurice Naggar,

Recommended Posts

  • Staff
TeMerc

TeMerc

Posted
  • Staff
Posted
1 hour ago, TiltSF said:

Any info on what may be causing this site to try to open when opening new tabs/pages in Chrome?

Malwarebytes successfully blocks it when it tries to open, but trying to find out if it's associated with a certain extension, etc.

Some info here: VirusTotal

Link to post
Share on other sites
TiltSF

TiltSF

Posted
  • Author
Posted

To Porthos - thanks for that link, but the instructions/information is too clunky/unclear and doesn't seem to do what it's supposed to do - here's an example of one of the blocks:

 

Malwarebytes
www.malwarebytes.com

-Log Details-
Protection Event Date: 7/7/21
Protection Event Time: 11:32 AM
Log File: 87a9db66-df38-11eb-803c-c85b7650264d.json

-Software Information-
Version: 4.4.2.123
Components Version: 1.0.1358
Update Package Version: 1.0.42804
License: Premium

-System Information-
OS: Windows 10 (Build 19043.1052)
CPU: x64
File System: NTFS
User: System

-Blocked Website Details-
Malicious Website: 1
, C:\Program Files (x86)\Google\Chrome\Application\chrome.exe, Blocked, -1, -1, 0.0.0, , 

-Website Data-
Category: Malvertising
Domain: aninding-branship.com
IP Address: 18.208.62.125
Port: 443
Type: Outbound
File: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

Link to post
Share on other sites
TiltSF

TiltSF

Posted
  • Author
Posted

Having same issue...

I saw someone post that "reset Chrome Sync" option too - didn't work for me (is that supposed to be some kind of catch-all solution for sites that try to open when opening tabs?)

BTW, some notes:

1) Def only happening on Chrome
2) It randomly happens when a new tab is opened or maybe a page refreshed

Link to post
Share on other sites
Maurice Naggar

Maurice Naggar

Posted
Posted

Hello.  My name is Maurice.

This is not necessarily a cure-all.  However, I suggest you do all the steps listed below.

I see that Chrome browser has some involvement.  One of the first things we want to do is, to NOT have Chrome 'restore' the preceding session (s).  Especially in situations like this.  And we want to Delete the cache file & the browser history.   For now, some very basics.

[   1   ]

Use Chrome browser   to go to https://www.google.com/settings/chrome/sync and sign into your account.
Scroll down until you see the "reset sync" button and click on the button
At the prompt click on "Ok".

[   2   ]

for Chrome, while Chrome is running:
Press & hold SHIFT+CTRL+Del keys  on keyboard to get menu for clearing browsing data:

Check mark the line  "Browsing history"

Check mark the line "Download history"

Check mark the lined "Cached images and files"
and press Clear Data button  ( in blue )

[   3   ]

After that, make real sure that Chrome is "NOT" set to reload the pages from the last session

Go into the settings menu of Chrome by first clicking  the control icon of Chrome on upper right of the adress bar

Then look deeper in SETTINGS

image.png.9f59b1a99e5e32db2619eeab22b5a72f.png

Make real sure it is "NOT" set to "continue where you left off"

.

[   4   ]

See this article on our Malwarebytes Blog
https://blog.malwarebytes.com/security-world/technology/2019/01/browser-push-notifications-feature-asking-abused/

 

You want to disable the ability of each web browser on this machine from being able to allow "push ads". That means Chrome, Firefox, or Edge browser (on Windows 10), or on Opera.

Scroll down to the tips section "How do I disable them".

[   5   ]

I suggest you install the Malwarebytes Browser guard for Chrome.

To get & install the Malwarebytes Browser Guard extension for Chrome,

 

Open this link in your Chrome   browser: 

https://chrome.google.com/webstore/detail/malwarebytes/ihcjicgdanjaechkgeegckofjjedodee

 

Then proceed with the setup.

 

[   6    ]

I  would suggest to download, Save, and then run Malwarebytes ADWCLEANER.

Please close Chrome and all other open web browsers after you have saved the Adwcleaner and before you start Adwcleaner scan.

Adwcleaner  detects factory Preinstalled applications too!

 

Please download  Malwarebytes AdwCleaner  https://downloads.malwarebytes.com/file/adwcleaner
 

Be sure to Save the file first, to your system.  Saving to the Downloads folder should be the default on your system.

 

Go to the folder where you saved Adwcleaner. Double click Adwcleaner  to start it.

At the prompt for license agreement, review and then click on I agree.

 

You will then see a main screen for Adwcleaner. ( if you do not see it right away, minimized the other open windows, so you can see Adwcleaner).

Then click on Dashboard button.

Click the blue button "Scan Now".

 

allow it a few minutes to finish the Scan.   Let it remove what it finds.

NOTE:  When it comes to the section "

Pre-installed applications

 

You can skip that.

Please find and send the Adwcleaner "C" clean report.

In Adwcleaner, click the "Reports" button.  Look at the list of reports for the latest date & type "Clean".

Double Click that line & it will open in Notepad.   Save the file to your system and then Attach that with your reply.

 

That C clean report will be the one with the most recent Date and time at folder  C:\AdwCleaner\Logs

Sincerely.

Link to post
Share on other sites
  • Solution
Maurice Naggar

Maurice Naggar

Posted
  • Solution
Posted (edited)

AFTER the procedures above have been done.

  1. If the same issue persists:

The next thing I would suggest you to do is to run the cleanup tool from Chrome - https://www.google.com/chrome/cleanup-tool/
It is made specifically by Chrome to cleanup Chrome browser.

  • If running the cleanup tool for Chrome did not help the problem, then Next
  • in Chrome, press ALT-key +F-key on keyboard &  then choose Settings

Click Extensions on the left.
Closely review the browser extensions that are listed. Disable any that you are not familiar with or that you do not trust.
Matter of fact, Disable all extensions ( except for Malwarebytes Browser Guard)  
and then do a test with a search using Chrome.
See if it works normally like that.

  • Note: web-search redirects or hijacks when using Chrome, can well be due to a dodgy browser extension.

If after all this the issue persists, we will need a diagnostic report in order to review details about your specific machine.
Specifically the FRST Farbar diagnostic report.  It is safe to get & use.
https://support.malwarebytes.com/hc/en-us/articles/360039025013-Run-Farbar-Recovery-Scan-Tool-to-gather-logs

Attach FRST.txt + Addition.txt with your reply.  You may if you wish, ZIP the 2 into a zip file & then attach.
{ just please do not copy, paste their contents in main body of reply box here.)
 

Edited by Maurice Naggar
Link to post
Share on other sites
Maurice Naggar

Maurice Naggar

Posted
Posted

Glad we could help.

If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this topic with your request.

This applies only to the originator of this thread. Other members who need assistance please start your own topic in a new thread.

Please review the following for Tips to help protect from infection

Thank you

 

 

Link to post
Share on other sites
Guest
This topic is now closed to further replies.
 Share
Go to topic listing

  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.