Solved Need help with "BrowserModifier:Win32/Suptab!blnk"

Miryafa · Nov 5, 2016

Hello and thanks for taking the time to read this.

I have a Windows 7 OS on a computer I assembled from parts online to play games. It has rarely had problems, but can't boot into Safe Mode (whenever I try, it gets to the startup screen and then resets).

Yesterday morning (11/4/2016), when I started up my computer, Windows Defender Alert told me about "Potentially harmful software detected." When I clicked to review, I saw 2-3x copies of "BrowserModifier:Win32/Suptab!blnk". I took the following steps:

1. Windows Defender had "Disinfect" selected, and I just hit "Apply Actions" to run the disinfect.

2. That didn't work - a few seconds later, "Potentially harmful software detected" showed up again, and it was the same 2 copies of "BrowserModifier:Win32/Suptab!blnk". So then I hit the "Clean System" button.

3. That didn't stop the warning from coming back either. I thought I should try to enable safe mode again, so I followed the steps in the MalwareTips guide "Can’t boot into Safe Mode! – Virus Removal Guide". (Option 1) That included running:
-Combofix
-RogueKiller
-Malwarebytes Anti-Malware
-HitmanPro
-ESETSirefefCleaner.exe (Service Repair no longer exists)
-AdwCleaner

4. I couldn't enable safe mode. So then I followed the steps in the MalwareTips guide "Remove BrowserModifier:Win32/SupTab (Virus Removal Guide)". That included running:
-AdwCleaner
-Malwarebytes Anti-Malware
-HitmanPro
-Zemana AntiMalware
I haven't yet done the last step of the guide, "5. Reset your browser to default settings", because I really don't want to do that to my browser (I like the settings I have much more than the defaults), and because it's not clear to me how that can help when the first 4 scans/steps didn't even find anything.

5. None of the scans in the previous step found any malware or pup, so I ran Malwarebytes Anti-Rootkit (which found nothing), and its fixdamage plugin.

6. In Windows Defender, I selected "Quarantine" and I hit "Apply Actions"

So far, nothing has worked. Every few seconds, Windows Defender Alert pops up with "Potentially harmful software detected." When I click to review, I still see the same 2-3x copies of "BrowserModifier:Win32/Suptab!blnk".

Can anyone help?

On a side note, in the instructions for making this post, it says "To make the malware removal process faster and easier, we need the AdwCleaner, FRST and aswMBR scan logs. These reports will provide useful information regarding the state of your computer, and the infected files on your machine. You can find the instructions and download links for these tools on this page: https://malwaretips.com/threads/malware-removal-assistance-how-to-get-help.20334/". However, "aswMBR scan log" isn't there. I don't know what that is, so I didn't include that log.

TwinHeadedEagle · Nov 6, 2016

Hello,

Scan with Farbar Recovery Scan Tool

Please re-run Farbar Recovery Scan Tool to give me a fresh look at your system.

Right-click on

icon and select

Run as Administrator to start the tool.
(XP users click run after receipt of Windows Security Warning - Open File).
Make sure that Addition.txt option is checked.
Press Scan button and wait.
The tool will produce two logfiles on your desktop: FRST.txt and Addition.txt.

Please attach report into your next reply.

Miryafa · Nov 6, 2016

Files attached.

TwinHeadedEagle · Nov 7, 2016

Please download Zemana AntiMalware and save it to your Desktop.

Install the program and once the installation is complete it will start automatically.
Without changing any options, press Scan to begin.
After the short scan is finished, if threats are detected press Next to remove them.

Note: If restart is required to finish the cleaning process, you should click Reboot. If reboot isn't required, please restart your computer manually.

Open Zemana AntiMalware again.
Click on

icon and double click the latest report.
Now click File > Save As and choose your Desktop before pressing Save.
The only left thing is to attach saved report in your next message.

Miryafa · Nov 7, 2016

Attached.

I also attached the other logs I got in case they help.

TwinHeadedEagle · Nov 7, 2016

Do you still have this problem?

Scan with Farbar Recovery Scan Tool

Please re-run Farbar Recovery Scan Tool to give me a fresh look at your system.

Right-click on

icon and select

Run as Administrator to start the tool.
(XP users click run after receipt of Windows Security Warning - Open File).
Make sure that Addition and Shortcut.txt options are checked.
Press Scan button and wait.
The tool will produce three logfiles on your desktop: FRST.txt, Shortcut.txt and Addition.txt.

Please attach them into your next reply.

Miryafa · Nov 8, 2016

Yes, I still have this problem. Why do you ask? I don't want to sound ungrateful. I'm just confused why I've been asked to run scans 4 times without any other response.

TwinHeadedEagle · Nov 8, 2016

I ask because I don't see any malware on your PC.

Can you go to C:\Program Files (x86)\Google\Chrome\Application and start chrome.exe from there? Let me know if Microsoft still makes a detection?

Miryafa · Nov 8, 2016

Thanks for replying again!

I am still having this problem. I rebooted the computer and just let it sit a few minutes before starting Chrome (from its source folder, like you said to do). But even in that case - before Chrome opened, I still got the pups.

TwinHeadedEagle · Nov 8, 2016

Can you please run one more Zemana scan now?

Kaleb2033 · Nov 9, 2016

Hey, my mother's computer had the exact same issue. I ran a few scans and removed it when it came up. Then I reset the browser under advanced settings and restarted the computer and that seemingly fixed it.

Miryafa · Nov 9, 2016

I reran the Zemana scan and have attached the results.

It found a couple things having to do with WebOfTrust, so I did the "next->clean" thing. But the SupTab pups still showed up almost immediately after doing that.

I'll try reseting the browser now.

Miryafa · Nov 9, 2016

Update: I reset Chrome's settings, as described in the MalwareTips guide. However, I still have the SupTab pups showing up.

Miryafa · Nov 9, 2016

*I meant to say I reset the browser and restarted the computer.

TwinHeadedEagle · Nov 9, 2016

Can you reinstall Google Chrome?

BFB2 · Nov 11, 2016

[QUOTE="Potentially harmful software detected" showed up again, and it was the same 2 copies of "BrowserModifier:Win32/Suptab!blnk".
QUOTE]
This little devil has been driving everyone crazy for a few days now, because it just kept reappearing. Luckily it's an easy fix. It's a from an error in a recent Windows Defender definition update, which they have now corrected. All you have to do is check for updates, and once it downloads and installs, poof, that nasty red box turns to green, and stays that way. It's not your computer, it's Windows Defender.....

TwinHeadedEagle · Nov 12, 2016

Can you choose remove/delete instead of quarantine when you get this detection?

BFB2 · Nov 12, 2016

TwinHeadedEagle said:
Can you choose remove/delete instead of quarantine when you get this detection?

Why would you bother doing that? Read the response right before yours. That you got the alert was due to an error by Defender which has been corrected. Update your Defender, and the error is gone. The 'problem' does not exist.

TwinHeadedEagle · Nov 12, 2016

I know, this was false positive detection from Defender. It seems it was fixed.

Solved Need help with "BrowserModifier:Win32/Suptab!blnk"

New Member

Attachments

Level 41

New Member

Attachments

Level 41

New Member

Attachments

Level 41

New Member

Attachments

Level 41

New Member

Level 41

New Member

New Member

Attachments

New Member

New Member

Level 41

New Member

Level 41

New Member

Level 41

Similar threads