totaladperformance

[NanLaew]

In the past month, I have had spurious web pages launch in chrome when I click on something. The new page has the totaladperformance url but stays blank for ages and I eventually just close them. I was thinking maybe I have a sticky mouse button and as I move it after clicking something I want, I am inadvertently clicking on some adware on the website. It is not on every click, maybe one or two each day and it seems unique to my Chrome browser. I also use Firefox (default browser) and IE only when forced to.

Doing a google search indicates that this 'operator error' with the mouse is a common misconception of where these spurious page launches originate but digging further, it appears to be malware that possibly comes from some newly installed software or from some other site, possibly a torrent or media-intensive one and is a bit of a bugger to define and thus a total bugger to get rid of.

Most referrals for removal cite the two form of 'infections', one which would entail uninstalling the dodgy program or running malwarebytes to find it and kill it. The other seems a lot more nebulous since it doesn't seem to be installed in the sense of a program being installed. I have the latest paid-for malwarebytes and it hasn't detected anything fixed but I am still getting the odd sheet launch. Since totaladperformance is apparently about gathering everything from your browser history to keystrokes, I am getting a bit pissed off with it, especially when website, blogs and other instructionals about it seem to focus on the installed malware (that I don't have) and leave one a bit clueless about the other, more insidious variant.

I may do a total uninstall of Chrome, run all the ghost busters and reinstall and see where that goes but if anyone else has experience with this, please contribute.

FYI, I run a full paid-up ESET NOD 32 antivirus and as said before, a full paid-up malwarebytes malware killer. This is on my dogsbollicks, workhorse Win 7 Professional core i5 ASUS laptop.

Thanks,

NL

Edited June 11, 2015 by NanLaew

[RichCor]

Pop up pages can be generated externally via compromised DNS server used, or a rogue service router injecting/adding code to JavaScripts as they pass through.

But most unwanted pop ups are likely generated by something now running on the computer itself.

In Chrome you can use ≡ (Settings) scroll to "Show Advanced Settings" and select "Reset Settings" to start Chrome afresh.
Also run the usual Malwarebytes, SpyBot S&D, etc. to see if anything has been added (or .dll modified)

Also, when searching, take a look at the help forums, (see how they made out).

Infected browser.

« on: April 23, 2015, 05:48:45 PM »

From what this poster mentions, the 'infection' (unwanted settings/code/whatever) can be picked up and propagate over sync'd google accounts.


//edit

a suggestion from one of the help forums

bleeping has related Topic.. infected by browser malware totaladperformancecom et al

Also, some General Suggestions:

Turn Off Chrome Sync (if enabled, to stop spread to other devices linked to your google account)

Visit 'one' of the free Malware Removal Forums recommended by the community

http://www.bleepingcomputer.com/Am-I-infected-What-do-I-do/

http://forums.whatthetech.com/MalwareRemovalForum

http://www.geekstogo.com/Security/MalwareRemoval

http://www.cybertechhelp.com/MalwareRemovalForum

Trained experts at free Malware Removal Forums do their best to clean / repair your system.
Resist self fixes and using your computer as normal until your system is declared clean. Register n' start a Thread at 'one' Malware Removal Forum. Follow Malware Removal Forum instructions as they can be finicky.

Edited June 11, 2015 by RichCor

[NanLaew]

Thanks RichCor. I have already checked most of those links that you gave and had run a few checks but assume that the problem persists as nothing was flagged. It may take a few hours for a random page launch or a few days, depending on how much chrome usage there is.

The unsyncing option is a good idea; I think I am un-synced but google is like facebook in that they change a policy and suddenly things like 'sync = yes' are the defaults.

I will back up my bookmarks and do a reset first. If that doesn't kill the bugger, then I reckon the uninstall, reboot, scan the bejezus, reboot and clean install will be the way to go.

Thanks fr your time!

[Chicog]

Thanks RichCor. I have already checked most of those links that you gave and had run a few checks but assume that the problem persists as nothing was flagged. It may take a few hours for a random page launch or a few days, depending on how much chrome usage there is.

The unsyncing option is a good idea; I think I am un-synced but google is like facebook in that they change a policy and suddenly things like 'sync = yes' are the defaults.

I will back up my bookmarks and do a reset first. If that doesn't kill the bugger, then I reckon the uninstall, reboot, scan the bejezus, reboot and clean install will be the way to go.

Thanks fr your time!

Reboot into a bootable cleaner and scan and clean with that.

Much modern malware is capable of hiding itself before the A/V software kicks in.

[NanLaew]

Thanks RichCor. I have already checked most of those links that you gave and had run a few checks but assume that the problem persists as nothing was flagged. It may take a few hours for a random page launch or a few days, depending on how much chrome usage there is.

The unsyncing option is a good idea; I think I am un-synced but google is like facebook in that they change a policy and suddenly things like 'sync = yes' are the defaults.

I will back up my bookmarks and do a reset first. If that doesn't kill the bugger, then I reckon the uninstall, reboot, scan the bejezus, reboot and clean install will be the way to go.

Thanks fr your time!

Reboot into a bootable cleaner and scan and clean with that.

Much modern malware is capable of hiding itself before the A/V software kicks in.

Good idea. Any recommendations there?

I did a quick google search and see that ESET have one and I am already running ESET so I will try that for starters but always good to hear of alternatives with a proven track history.

Thanks,

NL

Edited June 11, 2015 by NanLaew