Operating System
Windows 10
Infection date and initial symptoms
04-07-2018, randomly opens a random ad tab, even if Google Chrome isn't running.
Current issues and symptoms
Randomly opens a random ad tab, even if Google Chrome isn't running.
Steps taken in order to remove the infection
I've managed to install Malwarebytes and Spybot, entered Safe Mode and performed a scan, which removed the malware that was affecting the search words and having a svchost process to take like 50% of CPU usage, but the tab opening randomly continued.

Malwarebytes and Spybot won't detect anything - I've runned CCleaner to clean up the disk and registry but the problem persists.

I tried uninstalling Chrome too and when I've done it, Malwarebytes pop-up with a "Blocked site" warning.
System logs
Yes, I've uploaded the FRST.txt logs
Yes, I've uploaded both FRST.txt and Addition.txt logs
Yes and I've also uploaded logs from other scans that I've performed

zghenzi

New Member
Hello,

Sometime ago I started having a chrome tab open randomly with a random generated ad tab. Even when chrome isn't running it opens one tab up, so I tried searching for malware problems and noticed that if I searched "malware" or "adware" words, chrome would turn off automatically.

I've managed to install Malwarebytes and Spybot, entered Safe Mode and performed a scan, which removed the malware that was affecting the search words and having a svchost process to take like 50% of CPU usage, but the tab opening randomly continued.

Malwarebytes and Spybot won't detect anything - I've runned CCleaner to clean up the disk and registry but the problem persists.

I tried uninstalling Chrome too and when I've done it, Malwarebytes pop-up with a "Blocked site" warning. This are all the leads I have to the problem, hope you guys can help me with it:

Blocked Site #1:

-Blocked Website Details-
Malicious Website: 1
, , Blocked, [-1], [-1],0.0.0

-Website Data-
Category: Malware
Domain: a616.enigma.safecart.com
IP Address: 192.230.82.38
Port: [51237]
Type: Outbound
File: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

Blocked Site #2:

-Blocked Website Details-
Malicious Website: 1
, , Blocked, [-1], [-1],0.0.0

-Website Data-
Category: Malware
Domain: newtab-media.com
IP Address: 108.59.81.209
Port: [50207]
Type: Outbound
File: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

Thanks.
 

Attachments