lastminuteoffer ; Browser Hijack(?)

Z

Zensten

New Member
Thread author
Nov 4, 2014
5
Hello, two days ago I was redirected to an unfamiliar website when I was watching a youtube video. At first I thought I accidentally clicked on an ad or something, but it happened again today so I decided to google the website it brought me to along with keywords 'adware removal' and only found fake looking sites with very vague manual removal steps.

Hopefully you guys can help me out.

thanks in advance

edit: thought it may be important to note I am using Google chrome

edit 2: This may not be an actual virus. I've run a few scans with microsoft security essentials with no detections and I also came across an article (http://www.pcworld.com/article/2833972/youtube-served-malicious-advertisements-trend-micro-says.html) about youtube ads being compromised by malicious ads and since this has only happened while watching a youtube video it may be the same thing; but I found little information about lastminuteoffer when searching so I'm not entirely sure.
 

Attachments

  • Addition.txt
    21.7 KB · Views: 41
  • FRST.txt
    34.6 KB · Views: 55
Last edited:
argus

argus

Former MalwareTips Staff
Verified
Apr 24, 2014
3,395
Hello.






adwcleaner_new.png
Fix with AdwCleaner

Please download AdwCleaner by Xplode and save the file to your desktop.

  • Right-click on
    adwcleaner_new.png
    icon and select
    RunAsAdmin.jpg
    Run as Administrator to start the tool.
  • Follow the prompts and click Scan.
  • When finished, please click Clean.
  • Upon completion, click Report. A log (AdwCleaner[S*].txt) will open.

Please include the contents of that file in your reply.



=========== Next ==============



51a46ae42d560-malwarebytes_anti_malware.png
Scan with Malwarebytes' Anti-Malware
Please download Malwarebytes Anti-Malware and save it to your desktop.
  • Install the progam and select update.
  • Once updated, click the Settings tab, in the left panel choose Detection & Protection and tick Scan for rootkits.
  • Click the Scan tab, choose Threat Scan is checked and click Scan Now.
  • If threats are detected, click the Apply Actions button. You will now be prompted to reboot. Click Yes.
  • Upon completion of the scan (or after the reboot), click the History tab.
  • Click Application Logs and double-click the Scan Log.
  • At the bottom click Export and choose Text file.
Save the file to your desktop and include its content in your next reply.
 
Z

Zensten

New Member
Thread author
Nov 4, 2014
5
Thank you for your response, Argus
 

Attachments

  • AdwCleaner[S1].txt
    1.1 KB · Views: 28
  • MWB Scan Log.txt
    1 KB · Views: 32
argus

argus

Former MalwareTips Staff
Verified
Apr 24, 2014
3,395
TDSSKiller_Kaspersky.png
Scan with TDSSKiller

Please download TDSSKiller by Kaspersky and save it to your desktop.

  • Right-click on
    TDSSKiller_Kaspersky.png
    icon and select
    RunAsAdmin.jpg
    Run as Administrator to start the tool.
  • Click on Change parameters and put a checkmark beside Loaded modules. A reboot will be needed to apply the changes, allow it to do so.
  • Your machine may appear very slow and unusable after that - it's normal.
  • TDSSKiller will run automaticaly. Click on Change parameters and click OK.
  • Click the Start Scan button and wait patiently.

If anything will be found follow this guidelines:
  • If a suspicious object is detected, the default action will be Skip, click on Continue.
  • If malicious objects are found, they will show in the Scan results - Select action for found objects and offer three options.
    Ensure Cure (default) is selected, then click Continue > Reboot now to finish the cleaning process.
    If Cure is not available, please choose Skip instead.
  • Do not choose Delete unless instructed!

A report will be created in your root directory, (usually C:\ drive) in the form of TDSSKiller.[Version]_[Date]_[Time]_log.txt. Please include the contents of that file in your next post.










51a5bf3d99e8a-ComboFixlogo16.png
Scan with ComboFix

This is a very powerful tool that should be used only if advised by Malware Analyst.
Do not run ComboFix on your own!

Referring to this instruction, please download ComboFix by sUBs and save it to your desktop.
Temporary disable your AntiVirus and AntiSpyware protection - instructions here.

  • Right-click on
    51a5bf3d99e8a-ComboFixlogo16.png
    icon and select
    RunAsAdmin.jpg
    Run as Administrator to start the tool.
  • Accept the disclaimer and agree if prompted to install Recovery Console.
  • Do not take any actions while ComboFix goes through your System - it may cause it to stall!
  • This scan may take some time!
  • When finished - it will display a logfile (located also on your main drive, usually C:\ComboFix.txt).

Include that log in your next reply.
icon_idea.gif
If you'll encounter any issues with internet connection after running ComboFix, please visit this link.
icon_idea.gif
If an error about operation on the key marked for deletion will appear after running the tool, please reboot your machine.
 
Z

Zensten

New Member
Thread author
Nov 4, 2014
5
No suspicious or malicious objects were detected
 

Attachments

  • TDSSKiller.3.0.0.41_05.11.2014_10.28.10_log.txt
    841.2 KB · Views: 42
  • ComboFix.txt
    16.6 KB · Views: 55
Z

Zensten

New Member
Thread author
Nov 4, 2014
5
That's good.
After reading the article from PCWorld I started using adblock plus on youtube and I haven't been redirected since.

Even though this may not be an issue on my end, I thank you very much for your time. The assistance you guys give here is absolutely awesome and you all should be commended for your work.
 
argus

argus

Former MalwareTips Staff
Verified
Apr 24, 2014
3,395
Thanks :)


Download DelFix by Xplode and save it to your desktop.
  • Run the tool by right click on the
    51a5ce45263de-delfix.png
    icon and Run as administrator option.
  • Make sure that these ones are checked:
    • Remove disinfection tools
    • Purge system restore
    • Reset system settings
  • Push Run and wait until the tool completes his work.
  • All tools we used should be gone. Tool will create an report for you (C:\DelFix.txt)
The tool will also record healthy state of registry and make a backup using ERUNT program in %windir%\ERUNT\DelFix
Tool deletes old system restore points and create a fresh system restore point after cleaning.
 

Similar threads

Mackiwi
Solved Chrome browser changes search results within seconds and to poorer results
Replies
10
Views
802
Windows Malware Removal Help & Support
icotonev
icotonev
IceMan7
    • Like
App Review Question about tests...
Replies
20
Views
1,228
Video Reviews - Security and Privacy
IceMan7
IceMan7
JoeN
    • Like
New Update AdLock MV3 Chrome extension
Replies
1
Views
528
Web Extensions
Bot
Bot

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

Quick Navigation

Forum Rules Warning System Welcome Guide Two-factor Authentication

User Menu

Login

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top