Jump to content


Rogue malware coupondownloader firmly enterenched on all my browsers


AlexRRR

Recommended Posts

Couple of months back i downloaded software that would allow me to do a few things, in the past ive had unexpected crap downloaded with it but managed to get rid of it easy enough, and yes ive learned to avoid sites that add that junk to what your looking for and yes i normaly pay close attension to what im getting but its a never ending battle with these sites that offer it that they get sneakier on how and where they stick this malware.

My problem and im hoping someone can help me with it apart from a total reinstall of windows is how to get rid of this "coupondownlader" add ware, its driving me nuts, its very agressive its attached itself to all my broswers, i run internet explorer and chrome, i got rid of firefox my browser of choice and just last few days i got opera, the dam thing attached itself instantly.

Click on anything when browsing and an add page turns up.....normal 3 times untill i get the page i want.. there is a vid screen to bottom right hand with neverending adds....... have an imac as well and the only thing that stops me from ditching my 2 windows laptops is i play a game that only windows can run and ive been playing versions of this game for the past 8 ys...my preferance would be to get a macpro laptop but then i have to instal windows on it and at over $3000 just to play a game is kinda silly, right now i'm running a job that takes me away from home most of the week so im stuck with my windows laptop.

I did have a tech look at it but did nothing and i did download sypbot who wanted $40 to clean my pc...and who knows if they would have got it.

Ive unistalled every bit of software that i dont need and checked program and features many times to see if there was anything there that shouldnt be, ive checked the browsers and made a few adjustments, checked relavent browser websites and followed there advice, got into a few forums on this subject but its still there.

HELP

  • Like 1
Link to comment
Share on other sites

Removal of 'Coupon downloader' Step by step here

http://malwaretips.com/blogs/coupondownloader-virus-removal/

yes ive been there, downloaded spy hunter they show up your malware then hit you for a fee if you want your pc cleaned and whos to say in the roguh world of cyber your going to get you money worth?

ive followed many trails but it goes nowhere.

i have no extensions in chorme to disable but just before i looked in internet explorer there i found the coupon ext but its already been disabled....ummmm

Link to comment
Share on other sites

Just reset your browsers to the default settings. This link will tell you how for the browsers you mentioned.

Also look in Programs and Features in the control panel to see if anything unusual was installed.

Edited by BB1950
Link to comment
Share on other sites

I think you need to reread the link provided by ThaidDown. No where do they mention to use spy hunter. All the programs they mentioned are available free and are reliable. Some are on a limited time trial but they are fully functional during the trial period. You don't need to spend money on crap!

Link to comment
Share on other sites

I think you need to reread the link provided by ThaidDown. No where do they mention to use spy hunter. All the programs they mentioned are available free and are reliable. Some are on a limited time trial but they are fully functional during the trial period. You don't need to spend money on crap!

Same here, no mention of 'Spy Hunter'

AdwCleaner (Free) from http://www.bleepingcomputer.com/download/adwcleaner/

Malwarebytes free from https://www.malwarebytes.org/

HitmanPro from http://www.surfright.nl/en/hitmanpro This is a trial version, unlimited scanning but only able to remove for 30 days.

I recently went through the procedure using the 3 programs listed above plus a couple of other steps of doing something in each browser. I downloaded VLC media player & adware called advance elite popped up everytime I opened a website. I also noticed Baidu Security attached itself to the download & somehow I manged to get rid of it as another time the only way I could get rid of it was to re format. I too am usually very careful when I download & watch out for unwanted software but as stated they are getting more sneaky.

Link to comment
Share on other sites

I'll agree programs are getting more sneaky, especially with Baidu products being installed. The option to opt out is usually not presented in the

Express Install (recommended) option.

Nowadays you need to select the

Custom Install option.

Don't worry, it's usually not that complicated, just allow the default settings for the program and opt out of the crap stuff from being installed.

You usually do have the option to opt out of crap being installed with the Custom Install whereas the with the Express Install you don't. It'll take a little more time to review the install, but the time saved not getting the crap is worth it!

Edited by Maestro
Corrected "Do worry" to Don't worry, at posters behest.
  • Like 1
Link to comment
Share on other sites

You can't get rid of very nasty pieces of malware if you boot your computer using an infected environment.

When I have to get rid of very nasty pieces of malware (usually from my friends' computers), I either use Hiren's Boot CD (which allows you to boot on another operating system and contains many antimalware tools among other utilities) or I put their hard disk in an external enclosure and then run several antimalware programs from one of my own computers with the external enclosure connected to it. The goal is to not boot on the infected operating system (nasty malware tend to replicate themselves at startup).

For more information about Hiren's Boot CD:

http://en.wikipedia..../Hiren's_BootCD

http://www.hiren.info/pages/bootcd

http://www.hirensbootcd.org/download/

  • Like 1
Link to comment
Share on other sites

Have a look at this e-mail I sent my son, therein might lie the answer.

"Thought you might be interested to know that it looks like I don't have a virus on my laptop after all. Having scanned it with Norton and several of the adware stuff you suggested, there was still the same old shit going on so I googled my problem. Someone on line had suggested that add ons in Mozilla could create problems so I had a look and found one called ConveRtMe 3.4 that was installed last May, so I disabled it and have since removed it and it seems to have solved the problem"

I dont know if it would work with Chrome or Explorer, but it sounds as if you have exactly the same problem as I had

Link to comment
Share on other sites

Time for naivety on the internet is OVER - ignore and you might regret, much sooner rather than later

Strong Recommendation: Unless you REALLY have to, do NEVER use any (free...!?) wifi networks or other wifi networks which you are not SURE you can trust... They see EVERYTHING... and possibly do worse that just "seeing"...

Stronger Warning: "if you don't know what it is, DO NOT CLICK on it". Clicking out of naivety is just that, naivety... One wrong click and you might be done without knowing it (yet)...

In the past, hacking was for the few and rare freaks, not anymore. Even if you may not know how to, but trust me, any second-grade school kid can spy on you easily (and do much more damage) with all the tools freely available on the internet... let alone the exploding number of "pro scammers"...

Sorry for the stern language, I though it's justified...

P.S.: and make sure YOU control the wifi settings/access of your home router, and NOT the guy/company from where you bought it, who installed it. I don't know how many thousand, or hundreds of thousands, of routers here in Thailand have "admin" as the username and your phone number as the password........ It's like passing someone a free copy of your car key, your house key, and a clone of your credit card. "Christmas Come Early" for the determined...

  • Like 1
Link to comment
Share on other sites

What about "System Restore?"

It has worked for me a few times.

Find a restore point before that download. It takes 10 minutes, but you will also lose other downloads made since that point.

Accessories - System Tools (or Search).

Settings - search in W8

Link to comment
Share on other sites

<script type='text/javascript'>window.mod_pagespeed_start = Number(new Date());</script>

I think you need to reread the link provided by ThaidDown. No where do they mention to use spy hunter. All the programs they mentioned are available free and are reliable. Some are on a limited time trial but they are fully functional during the trial period. You don't need to spend money on crap!

Same here, no mention of 'Spy Hunter'

AdwCleaner (Free) from http://www.bleepingcomputer.com/download/adwcleaner/

Malwarebytes free from https://www.malwarebytes.org/

HitmanPro from http://www.surfright.nl/en/hitmanpro This is a trial version, unlimited scanning but only able to remove for 30 days.

I recently went through the procedure using the 3 programs listed above plus a couple of other steps of doing something in each browser. I downloaded VLC media player & adware called advance elite popped up everytime I opened a website. I also noticed Baidu Security attached itself to the download & somehow I manged to get rid of it as another time the only way I could get rid of it was to re format. I too am usually very careful when I download & watch out for unwanted software but as stated they are getting more sneaky.

Big Big warning for Baidu. Chinese company spreading "badware". careful when downloding VLC

Link to comment
Share on other sites

Removal of 'Coupon downloader' Step by step here

http://malwaretips.com/blogs/coupondownloader-virus-removal/

Thank YOU ThaidDown for this! My computer (running Firefox) has lately been plagued with freezing up with a text box popup that says "a script running on this page has caused Firefox to" (Freeze up!). Then it shows you all the lines of code in the "script", then asks if you want to either stop the script or "debug" it. It is MADDENING! and it's happening every session. I ran the Firefox "reset" as shown in the excellent directions, and then brought up a news site that is most prone to this bug. No popup this time.

So far, so good. Just going to Control Panel (Windows 8) and trying to find whatever program is trying to run this "script", reveals nothing. I hope this reset fixed it. Thanks again.

Link to comment
Share on other sites

I think you need to reread the link provided by ThaidDown. No where do they mention to use spy hunter. All the programs they mentioned are available free and are reliable. Some are on a limited time trial but they are fully functional during the trial period. You don't need to spend money on crap!

Same here, no mention of 'Spy Hunter'

AdwCleaner (Free) from http://www.bleepingcomputer.com/download/adwcleaner/

Malwarebytes free from https://www.malwarebytes.org/

HitmanPro from http://www.surfright.nl/en/hitmanpro This is a trial version, unlimited scanning but only able to remove for 30 days.

those 3 are what i run everyweek on my 7 internet pc and notebooks

do an amazing job

  • Like 1
Link to comment
Share on other sites

Thanks ThaidDown, hotmanpro got rid of it, but seriously guys i used several free malware to no avail, coupons malware are very well known on the net it seems....

Best to download these free malware programs to your desktop then install and run from there in Safe Mode.

Otherwise use System Restore, as a poster earlier recommended.

Last but not least, to state the obvious, be careful about what you install. I am also a long time user of VLC player and ALWAYS should be downloaded from the developers website (videolan.org) NOT other similar looking/sounding websites where malware can be attached! If you are not sure about any program, do a google search and see what other says, good or bad.

  • Like 2
Link to comment
Share on other sites

Adware by stealth, browser hijacks and unwanted toolbars are becoming a common day thing and we all need to be mindful and vigilant about this. Running or downloading applications, collecting email, chat programs or browsing the web on your phone is becoming easier to target and in some ways poses a greater risk depending on what you use your phone for and what its linked to it and what is stored.

Baidu is a high profile set of applications which currently can load your computer or phone with an evergrowing collection range of irritating and normally useless applications. However, there are smaller, more dangerous applications lurking around the ethernet than this.

Baidu it seems comes packaged with nearly every second free piece of software. When installing software it is always best to do the custom install and decline all offers of added applications. Its not hard and will save you a lot of time and effort later trying to get rid of all the crap scattered around your computer.

I unwittingly downloaded some Baidu software once and found my computer and browsers laden with crap.

I uninstalled all I could using Revo uninstaller, A good tool that also cleans a lot of left over junk.

However, Baidu proved resistant to this.

I found stuff sitting in C:\ program data file, C:\Users\Application files and using Regedit files sitting through the registry.

I used Superantispyware, Hijack This and Malwarebytes. Followed up with windows free registry cleaner. Still found stuff in the registry which I deleted manually. what a pain. The thing is, what else are they doing, or could they do when they can get such easy access.

Firewalls and Anti-virus are good but there is not much they can do if you download software and accept the install instructions.

When streaming music, movies or sport on the net never get sucked in by pop ups telling you that you need this or that player or your flash player needs updating. Some of these are malicious and others just more crap ware but none are useful. If you feel you need a new player or flash needs updating then go directly to the home site to do this.

I also use Erunt registry backup on automatic which backs up the registry to another hard drive. This is free easy to use and will restore your registry with one click. However, you will lose any changes you have made from the latest backup onwards. The plus being that it will get you out of a hole or save a complete format or re-install. The other advantage is that trojans and other malware disable control panels and system restore.

Link to comment
Share on other sites

Hi AlexRRR,


Much of what has already been said is good advice and if you have tried programs such as Malwarebytes without success then a multi-pronged approach is the only way. It would be impossible to offer you a list of steps as it is such a dynamic set of variables with many synergistic processes.


I have just retired to Thailand and have had a computer business for over 19 years. This was my bread and butter.


If you genuinely need to retain your current install of "Windows" it CAN be cleaned.


I cannot work here - nor do I want to - as I have no Visa.


Nowhere on your post can I find your location - I am in Chiang Mai -/- Doi Saket.


If you luck out everywhere.... Bring it to me (assuming of course you are in my area) and I will clean it - NO FEE WHATSOEVER - you may have some skills I need someday.


Regards Mal

Link to comment
Share on other sites

You did not mention what operating system your computer has. If it is Windows, click on the Start button, then on Control Panel, then on Uninstall a program. You get a new window with a list of all programs installed on your computer. Check if on the date when you downloaded the program you mentioned in the OP, another program also got installed. If there is one, it is likely the coupon downloader you want to get rid of.

Link to comment
Share on other sites

It looks like you've received many good links for spyware / malware removal software. If you have a really persistent problem you may need to run the programs more than once. Don't forget to do something as simple as checking to see if this coupon malware is listed as one of your programs, if so remove it. I've always had good luck with Norton anti-virus products, make sure you have the latest version and run it. Finally Chrome is my browser of choice and it has a number of extensions available that you can add to block specific websites, the one that I've used with good luck is wips.com . Good luck.

Edited by mutha289
Link to comment
Share on other sites

I'll agree programs are getting more sneaky, especially with Baidu products being installed. The option to opt out is usually not presented in the

Express Install (recommended) option.

Nowadays you need to select the

Custom Install option.

Do worry, it's usually not that complicated, just allow the default settings for the program and opt out of the crap stuff from being installed.

You usually do have the option to opt out of crap being installed with the Custom Install whereas the with the Express Install you don't. It'll take a little more time to review the install, but the time saved not getting the crap is worth it!

I just noticed I made a type when I made this post.

It should have said:

Don't worry, it's usually not that complicated, just allow the default settings for the program and opt out of the crap stuff from being installed.

Instead of:

Do worry, it's usually not that complicated, just allow the default settings for the program and opt out of the crap stuff from being installed.

Link to comment
Share on other sites

I'll agree programs are getting more sneaky, especially with Baidu products being installed. The option to opt out is usually not presented in the

Express Install (recommended) option.

Nowadays you need to select the

Custom Install option.

Don't worry, it's usually not that complicated, just allow the default settings for the program and opt out of the crap stuff from being installed.

You usually do have the option to opt out of crap being installed with the Custom Install whereas the with the Express Install you don't. It'll take a little more time to review the install, but the time saved not getting the crap is worth it!

Baidu is the Problem.

Link to comment
Share on other sites

Never select 'express' or 'preferred' or 'recommended' installation options. ALWAYS select the slow-hand version and you will mostly see what crap is being bundled and you can opt out.

Avoid free stuff. It's mostly rubbish.

Learn how to discern between a legit products download button on a sellers web page and the rash of adware-generated "download here" buttons that grab your attention and invariably contribute to the headache. If you think you are downloading a product called (for example) "killallspamdead.exe" and you click 'Yes' when it identifies the download is going to be "watchmykittypoop.zip"... don't be surprised if you get catshit. you have selected the WRONG thing. Pay attention!

If you have a single bought and paid for AV and and a single bought and paid for malware killer, it's worth the (maybe) $50/year versus all the dicking about downloading free sh!te that doesn't do diddly.

But pay attention to what others recommend as some products just get bloated and useless (like Norton's stable of resources hogs) and you may need to change horses to get the best bang for the buck.

The two that I have settled on over the last 3 years of international gypsying are ESET NOD32 for viruses and Malwarebytes for the nasty stuff. At various times I have run Ad-aware, Norton, Webroot, McAfee and ZoneAlarm among others but they all started either missing stuff or eating up RAM or whatever.

Link to comment
Share on other sites

Never select 'express' or 'preferred' or 'recommended' installation options. ALWAYS select the slow-hand version and you will mostly see what crap is being bundled and you can opt out.

Avoid free stuff. It's mostly rubbish.

Learn how to discern between a legit products download button on a sellers web page and the rash of adware-generated "download here" buttons that grab your attention and invariably contribute to the headache. If you think you are downloading a product called (for example) "killallspamdead.exe" and you click 'Yes' when it identifies the download is going to be "watchmykittypoop.zip"... don't be surprised if you get catshit. you have selected the WRONG thing. Pay attention!

If you have a single bought and paid for AV and and a single bought and paid for malware killer, it's worth the (maybe) $50/year versus all the dicking about downloading free sh!te that doesn't do diddly.

But pay attention to what others recommend as some products just get bloated and useless (like Norton's stable of resources hogs) and you may need to change horses to get the best bang for the buck.

The two that I have settled on over the last 3 years of international gypsying are ESET NOD32 for viruses and Malwarebytes for the nasty stuff. At various times I have run Ad-aware, Norton, Webroot, McAfee and ZoneAlarm among others but they all started either missing stuff or eating up RAM or whatever.

There is no 100% perfect anti-virus program that I am aware of. "Google search" for tests on anti-virus programs for some comparative results.

"downloading free sh!te that doesn't do diddly" is not strictly correct but 90%+ of time is. Many freeware programs available known to tech community that are very good to use - usually in conjunction with one another. e.g. anti-virus and malwarebytes.

And your advice about downloading and installing "correctly" is sound.

Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Recently Browsing   0 members

    • No registered users viewing this page.