Browser hijacked with www1.ramirocampos.pro adware!
-
Hi again. I did check Service-Worker's entries, and it was OK. Thanks very much for the valuable help provided.
-
@greybeard said in Browser hijacked with www1.ramirocampos.pro adware!:
@Catweazle much the same but using Sophos Home Premium (they also have a free version) as AV. I had issues a few months back and used MalwareBytes as verification.
I do use Nirsoft's CountryTraceRoute as it is more versatile.Not the same as the extention
Trace can protect against:
- Canvas Fingerprinting
- Audio Fingerprinting
- WebGL Fingerprinting
- JS Crypto Currency Mining
- Common Tracking Protection (New!)
- WebRTC Leakage
- Media Device Enumeration (New!)
-
I note that this issue is now remarked as "resolved", but I hope that the following will be useful to other people with infected machines (and also to the OP to ensure theirs is definitely now clean!!).
I second @Catweazle 's recommendation of the "trace" browser extension. It covers the functions of multiple separate privacy extensions. Until the ad and analytics networks clean up their acts, privacy extensions are a great way of avoiding malware.
With regards to cleaning up your system, I note that you mentioned your copy of Vivaldi was a portable one; in which case it's easier to delete it and recreate it from scratch, which might get rid of the adware (depending on where it's took hold - if it's embedded itself into the Windows registry etc. then this will do nothing).
Finally, malware doesn't like to be lonely. For each piece that's made its presence known, you may well have a few more friends it's downloaded for company. If any of my relatives or friends comes to me with a suspect computer, there's a couple of utilities I like to sweep it clean with:
- F-Secure Online Scanner is very fast and pretty good.
- Emsisoft Emergency Kit is also pretty quick and has a fantastic detection rate.
- Windows Defender has a reasonable detection rate nowadays. A final "offline scan" with this utility will give added piece of mind. It's under the option "run advanced scan". It's a boot-time scan that catches things before Windows has loaded and normally runs very quickly.
- Comodo Cleaning Essentials can help get the last bits of crud off your computer, but I've always seen lots of false positives when I've used it.
Those utilities (excluding WD) are portable, so you don't need to install them. Emsisoft and F-Secure have good reputations, too. Comodo have had their share of embarrassments and controversies over the years, but they're well known and still have a reasonable reputation.
Honourable mentions also go out to:
- I think Kaspersky TDSSkiller, McAfee Stinger, and Malwarebytes' AdwCleaner have already been mentioned - they're pretty good portable cleaners.
- You could also try the regular Malwarebytes and Spybot - but be aware that these products can integrate into the security centre, which might disable your existing AV product. I have also noticed that (in my limited experience) their detection rates are no where near as good as they once were. (The last machine I actually found a piece of spyware on with a Spybot scan was running Windows ME).
- Zemana antimalware used to have a good reputation, but development stalled for a while, and it also leaves lots of traces (some still active) when you uninstall it. Additionally I have never found its detection rate to be particularly good. If you're desperate, it's one more tool to help with the cleanup effort, but I personally stopped using it years ago.
Obviously, don't run all cleaners at the same time. Run 1, reboot and check your system's not bricked, run the next, reboot... and so on.
-
This one also is a good cleaner
https://www.pandasecurity.com/en/homeusers/solutions/cloud-cleaner/ -
Hi. The issue has been resolved. I've run many tools (including ComboFix) to look for suspicious stuff. MalwareBytes, UnHackMe, Defender, also give me the thumbs up. Worse case scenario I'll restore an image from 10 days ago, but I think it's safe to say I'm good to go. Thanks much everybody!
-
@Catweazle Looks like a totally different application.
Using uBlock Origin with nano Adblocker and IBM Trusteer Rapport for all that.
Also there is MSoft's Window's Defender Browser Protection app for chrome which protects against Phishing and Malware. -
uBlock Origin with nano Adblocker? nano Adblocker contains all uBlock filters, it is a fork of uBlock Origin with some changes. Or did you mean nano Defender? (hides the adblocker)
-
You guys know that uBlock Origin also comes with uBlock Origin Extra, which is the anti-anti-adblocker, right? Exactly what Nano Adblocker+Nano Defender are. uBO+uBO Extra were there already. There's no need to gets your panties twisted about Nano Defender, all the Nano stuff are just forks of uBO, that guy is pratically living off someone else's work. If you keep the lists updated, it's just a matter of using one or another but they do the same exact thing.
-
@iAN-CooG said in Browser hijacked with www1.ramirocampos.pro adware!:
You guys know that uBlock Origin also comes with uBlock Origin Extra, which is the anti-anti-adblocker, right? Exactly what Nano Adblocker+Nano Defender are. uBO+uBO Extra were there already. There's no need to gets your panties twisted about Nano Defender, all the Nano stuff are just forks of uBO, that guy is pratically living off someone else's work. If you keep the lists updated, it's just a matter of using one or another but they do the same exact thing.
I know, nano Defender also works with uBlock Origin, you need to change some things.
All good adblockes are using the same filters, include Blokada in Android use filters that you can found in uBlock or nano.
I care that an adblocker weighs little, I don't see ads or trackers again. This has been accomplished perfectly, also blocks the entry to evil websites, better yet -
Guys, the OP already said the problem is sorted out on their end, no need to make this into "mine privacy blocker is superior to thine" type of thread :smiling_face_with_open_mouth_closed_eyes:
-
@Pathduck
It was just a clarification to @greybeard for using uBlock Origin together with nano Adblocker, which is obviously redundant. -
-