Click hijacking (might be on my end)

Status
Not open for further replies.

ohioankev

SatelliteGuys Pro
Original poster
Jul 25, 2007
626
44
I'm only posting this since it's only seems to happen on this forum/site. When I click on a link to a post occasionally I'm hijacked to a fake flash download and my antivirus goes off and catches the malware. The strange thing it's only happening to me on Satelliteguys and no where else.
 
I have been trying to get rid of it for weeks now, but it doesn't happen at this site, it appears to happen in the first tab of Chrome. Malwarebytes does not get it or even find it, and while it keeps coming back at least my Windows Security Essentials sees it when it takes over the tab and allows me to neutralize it. It's a different internet address each time. I have uses several malware/antivirus programs but none see it on my system so far.
 
Ok, then try this, I used to use this all the time, but I haven't tried it for years. It was exceptionally good at cleaning out cooties: http://www.softpedia.com/get/Internet/Popup-Ad-Spyware-Blockers/SpywareBlaster.shtml
Thanks I use the paid version of SpywareBlaster and have for years. I have had little to no real problem till this. The only reason it isn't a huge deal is when it tries to download the fake file I am immediately told it could be fake and I have DISCARD button on the download and the Windows Defender kicks in and nulls it. But none of the malware programs actually find what is generating it. I did three deep scans with three programs and none found it.
 
Go into chrome and check your settings, particularly your add-ons and remove anything that doesn't look like it belongs there and also make sure you're not going through a proxy.
 
I believe I fixed it running adw cleaner from bleepingcomputer.com . From reading about the first virus my anti-virus detected when my click was hijacked I believe the problem was some variation of Kovter, which is a fileless infection that inserts it's code through Windows registry.

I've been back here a dozen times and clicked around for 15 to 20 minutes and haven't been attacked since deleting some registry keys that it found on my system.
 
Status
Not open for further replies.
***

Users Who Are Viewing This Thread (Total: 1, Members: 0, Guests: 1)

Who Read This Thread (Total Members: 1)