ThomasMiles 0 Posted September 14, 2022 Share Posted September 14, 2022 My ESET NOD32 Antivirus can't find the adware that makes my PC open Chrome with the page "dinoklafbzor.org" on boot. I tried looking into processess when that happens and I found a script that opens Chrome with that page but I don't know where that proccess comes from. Link to comment Share on other sites More sharing options...
Administrators Marcos 5,392 Posted September 14, 2022 Administrators Share Posted September 14, 2022 Please provide logs collected with ESET Log Collector as well as the suspicious script that you have found. ThomasMiles 1 Link to comment Share on other sites More sharing options...
Administrators Marcos 5,392 Posted September 14, 2022 Administrators Share Posted September 14, 2022 If you have launched Chrome via a shortcut, check the shortcut properties and make sure it doesn't start Chrome with the "--single-argument" parameter followed by the blocked url, otherwise remove the parameter with the url. Link to comment Share on other sites More sharing options...
ThomasMiles 0 Posted September 14, 2022 Author Share Posted September 14, 2022 2 minutes ago, Marcos said: If you have launched Chrome via a shortcut, check the shortcut properties and make sure it doesn't start Chrome with the "--single-argument" parameter followed by the blocked url, otherwise remove the parameter with the url. @Marcos It launches on boot. I tried finding something in the startup folder and in the startup tab but there is nothing there. Link to comment Share on other sites More sharing options...
Administrators Marcos 5,392 Posted September 14, 2022 Administrators Share Posted September 14, 2022 Please provide a zipped Procmon boot log then. Note that you don't need to hide the post if you post logs. Those are available only to ESET staff. Link to comment Share on other sites More sharing options...
Solution ThomasMiles 0 Posted September 14, 2022 Author Solution Share Posted September 14, 2022 I found a "Windows Command Processor" in the task manager startup tab and disabled it. That solved the problem. Link to comment Share on other sites More sharing options...
Recommended Posts