Browser hacked

polonus · October 17, 2016, 9:52pm

My google chrome browser was shortly hacked by -www.premereautodetail.com
It completely hijacked the browser, I could not search anymore.

Just want to establish what this was. Anyone?

After resetting and securing the browser settings. I now see that site was hacked and is redirecting to smut (do not go there).
The hacking probably came via hxtp://redorangeid.nl/
See: https://www.virustotal.com/nl/url/9c787d6f32f9762cf24a2b7e677d8d0a90cedd133e20fc9d94c894a65a7070f0/analysis/
SCUMWARE.ORG has it as malware site. Others fail detection: https://sitecheck.sucuri.net/results/redorangeid.nl
It is a htxp://bokotraffic.com/2.html? malicious redirect The File Viewer encountered an error while retrieving the page! NFI

polonus

Pondus · October 17, 2016, 11:22pm

Unmaskparasites > http://www.UnmaskParasites.com/security-report/?page=redorangeid.nl

http://killmalware.com/redorangeid.nl/

https://virustotal.com/en/url/624520b7f4ce93e697dbadf30ba2fd7ae0556390782bb19ff24a7e50a5447112/analysis/1476746488/

Also listed by TrendMicro > https://global.sitesafety.trendmicro.com/

polonus · October 18, 2016, 12:02am

Hi Pondus,

Fine and recovered. Everyone into volunteer websecurity could have a slip of the old keyboard once in a blue moon.
It can happen to the best of us, so I am not excluded.

No excuse I know, but I have to fill out captcha’s because I am only human.

polonus

Pondus · October 18, 2016, 12:10am

run AdwCleaner to remove any browser crap

polonus · October 18, 2016, 11:38am

Hi Pondus,

Clean as a whistle: # AdwCleaner v6.021 - Logfile created 18/10/2016 at 13:32:08

Updated on 06/10/2016 by ToolsLib

Database : 2016-10-16.1 [Server]

Operating System : Windows my OSconfiguration Connected (version)

Username : Polonus - the computer in question scanned

Running from : C:\Users[i]Polonus[/i]\Downloads\adwcleaner_6.021.exe

Mode: Scan

Support : https://toolslib.net/forum

***** [ Services ] *****

No malicious services found.

***** [ Folders ] *****

No malicious folders found.

***** [ Files ] *****

No malicious files found.

***** [ DLL ] *****

No malicious DLLs found.

***** [ WMI ] *****

No malicious keys found.

***** [ Shortcuts ] *****

No infected shortcut found.

***** [ Scheduled Tasks ] *****

No malicious task found.

***** [ Registry ] *****

No malicious registry entries found.

***** [ Web browsers ] *****

No malicious Firefox based browser items found.
No malicious Chromium based browser items found.

########## EOF - C:\AdwCleaner\AdwCleaner[S10].txt - [1939 Bytes] ##########

That is reassuring, italics = anonymized personal data.

Damian