As the subject line states, this is the error message we receive from Avast every time we try to Google search anything.
We’ve run scans from Avast(free edition), Malwarebytes(free), and SuperAntiSpyware(free). No program finds any sign of infection.
Only the Chrome browser is infected, Firefox is working w/o issue.
I tried to attach a screenshot from my phone, however, this site won’t accept a .jpeg file. I’ll type out the text:
Threat secured
We’ve safely aborted connection on floepiano.com because it was infected with Other:Malware-gen [Trj]
Then the upsell button
Threat name: Other:Malware-gen [Trj]
Threat type: Trojan Horse - (I’m not going to type the definition)
URL: https(colon)//floepiano(dot)com/***.js (I didn’t want to type the whole file name in case the site created a hyperlink to a virus)
Process C:\Program Files\Google\Chrome\Applications\chrome.exe
Detected by: Web Shield
Status: Connection aborted
@ Jodin
I rather doubt it is because Chrome is infected.
Are you trying to connect to the floepiano(dot)com link you gave, presumably not if happening in searches.
That search for some reason is triggering the floepiano(dot)com/ ***.js file
If not, clear Chrome’s browser cache and all cookies, restart Chrome, does it reoccur ?
Following up on this. We had cleared the cache & cookies. Closed and restarted Chrome. The issue went away for about 1 search, then came back upon a second search.
My first thoughts on this was a self replicating file with a backup file that replicates the first file if it has been deleted.
Our next step will be to uninstall Chrome and reinstall. I’ll reply once this has been completed.
I generally don’t use Chrome, so I’m really not that familiar with its settings.
You could try checking Chrome’s settings to improve security, in Firefox there is a Privacy and Security option and you can increase the levels. I don’t know if you can reset it to default settings which may be less severe than a reinstall.
Full uninstall & reinstall of Chrome resolved the issue. Unfortunately we are still not aware of what caused the initial infection.
Due to a user post from 2018 stating it only happened when they synched their browser to their google account, we have chosen to keep that feature turned off for now.
Hopefully this will be caught enough in the future to be identified as something other than “Other”