Browser hijacked (Edge)

A website popped up in the Edge browser which locked it up. It demands calling a phone number.

Nothing else can be done in the browser. It can only be killed in task manager.

Rebooting made no difference; as soon as Edge is re-opened, the window pops up (with beeping).

So, I ran Spybot - no fix.

So, I ran Malwarebytes - no fix.

So, googling I found a guide to run 'Hitman' - no fix.

Now, here.

I saw in the similar thread, to run 'Reason Core Security' - it's running now.

Windows 10 Pro. (Using IE for posting).

Coincidence:

While this is going on I started getting about 6 of those 'Windows Support' scam calls in a row.
 
By clicking on the program I got a second copy of Edge to open without the lockout while the lockout runs in the first window. By doing that I was able to clear all the browsing history, thinking maybe that would help if it's re-opening the lockout window on startup. It didn't fix it.

Sometimes, starting it has a brief delay while it loads the bad site, so I tried typing something else in the browser window quickly and hitting enter to see if it wouldn't go to the site - didn't fix it.

I could try some sort of rollback but don't think I have saved checkpoints, I'll check on it.
 
I looked at Bleeping Computer, it's not clear - it has things for various hijacking, none of which are a match.

They have various programs to download, I'm trying the first.

Edit: Oh, it does look like they have a match, trojanhorsexxx.com scam.

I'll look at that.
 
Looks like it's fixed - the program I ran 'adware' removed a bunch of things. Then Edge popped up the hijack window, but now it was a regular website that could be closed and looked different.

I closed it, cleared browsing history, and restarted Edge - it's gone. Bleeping Computer had a longer list to run several things, but that seemed to do it.
 
Good to hear you got it fixed. It says it may have been installed by something you recently installed. Any ideas on what they may have been? If so, upload the file to VirusTotal to be scanned and check out the results. In the future, if you download anything under 128MB, upload it to VirusTotal before you run it. I go a step further and scan my downloads with Hitman Pro free and Malwarebytes free as well as my AV (which should scan the file automatically regardless).

You may also want to go ahead and finish the Bleeping Computer procedure to remove any remnants.
 
Thanks. I saw that but don't think I'd installed anything recently - it seemed to be caused by internet browsing. I generally only install safe things.

I was a bit disappointed so many tools didn't fix or even find it until the one that did.
 
Check that your add-ons (Flash, Java, etc.) and all your internet-facing apps (PDF readers, iTunes, browsers, etc.) are all up to date. I'm assuming your OS is up to date.

The best and fastest malware removal tool is a recent and malware free system image.
 
I haven't heard of that particular malware coming from anything but installing something else, and that was injected into it.
I suppose it could be another Flash exploit though, and that is how it got installed.
 
Thanks 111. No, I haven't 'reinstated Edge', but that problem has been fixed. There's a new one though, might make a thread about it.