Windows 7 Forums
Welcome to Windows 7 Forums. Our forum is dedicated to helping you find support and solutions for any problems regarding your Windows 7 PC be it Dell, HP, Acer, Asus or a custom build. We also provide an extensive Windows 7 tutorial section that covers a wide range of tips and tricks.



Windows 7: Redirect hides browser extension

12 Oct 2013   #1
Microsoft MVP

64-bit Windows 8.1 Enterprise
 
 
Redirect hides browser extension

Quote:
While analyzing a malicious Chrome browser extension we recently came across a Virtool that tries to redirect the Chrome Extension page.

We detect it as VirTool:JS/Redichrextor.A.

VirTool:JS/Redichrextor.A won’t let you view, change, remove or uninstall Chrome browser extensions. It does this by stopping you from viewing the Chrome Extension page.

It uses this technique so an affected user won’t be able to remove or uninstall the malicious extension without help from their antimalware software. This makes VirTool:JS/Redichrextor.A a useful piece of code for any malicious Chrome browser extension that wants to avoid manual detection or removal.

When an affected user does try to view the Chrome browser extension page they are redirected. We have seen it open a new tab, or go to the Chrome web store or Google.com:
•Chrome://newtab

•Chrome.google.com/webstore

Google
We have also seen similar behaviour used by the following known malicious Chrome browser extensions:
•Trojan:JS/Kilim

•Trojan:JS/Reksner
Once VirTool:JS/Redichrextor.A is detected and removed, you should be able to go to the Chrome extension page.

We recommend you then check and uninstall any suspicious browser extension that might be linked to VirTool:JS/Redichrex.A or other malware. We also recommend keeping your security products up-to-date to avoid infection.

While this new trick makes it harder to remove the Virtool manually, it is still easily detected and removed by Microsoft Security software.

SHA1s:

5a72d55f6b6c467565a2a53fe7ecb08beb996947
59131b62bb58bf80ab83e7f6522689ed38553cfb
0b516d26316c889a3468b92b4e376573567a822c

Jonathan San Jose

MMPC
Source: Redirect hides browser extension - Microsoft Malware Protection Center - Site Home - TechNet Blogs

My System SpecsSystem Spec
15 Oct 2013   #2

Microsoft Windows 7 Professional 64-bit 7601 Multiprocessor Free Service Pack 1
 
 

Thanks for the information.
My System SpecsSystem Spec
Reply

 Redirect hides browser extension





Thread Tools



Similar help and support threads for2: Redirect hides browser extension
Thread Forum
Google undeletes RSS extension for Chrome browser News
Task switcher hides behind windows General Discussion
Chrome Extension Idea - Extension Bar Browsers & Mail
What Hides the Wiring? PC Custom Builds and Overclocking
Microsoft hides mystery Firefox extension in toolbar update News

Our Sites

Site Links

About Us

Find Us

Windows 7 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 7" and related materials are trademarks of Microsoft Corp.

Designer Media Ltd

All times are GMT -5. The time now is 09:27 AM.
Twitter Facebook Google+



Windows 7 Forums

Seven Forums Android App Seven Forums IOS App
  

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33