Malvertisement Website Redirect 15

Norton Security | Norton Internet Security
1

How do I remove this Malvertisement Website Redirect 15 link in my PC to the http :// www .adnetworkperformance .  com/script/preurl . php?r=1781859 which is only happening when I use google chrome and not with IE or Edge.  Norton Security Suite states that it is from the Google Chrome program folder, but I have no reference to the attacking file to be able to physical remove it from my PC and/or it's registry.

Category: Intrusion Prevention
Date & Time,Risk,Activity,Status,Recommended Action,IPS Alert Name,Default Action,Action Taken,Attacking Computer,Attacker URL,Destination Address,Source Address,Traffic Description
10/6/2017 8:04:27 AM,High,An intrusion attempt by localhost was blocked.,Blocked,No Action Required,Web Attack : Malvertisement Website Redirect 15,No Action Required,No Action Required,"localhost (127.0.0.1, 43227)",www . adnetworkperformance . com/script/preurl.php?r=1781859,"localhost (127.0.0.1, 59737)",localhost (127.0.0.1),"TCP, Port 43227"
Network traffic from <b>www . adnetworkperformance  .  com/script/preurl . php?r=1781859</b> matches the signature of a known attack.  The attack was resulted from \DEVICE\HARDDISKVOLUME2\PROGRAM FILES (X86)\GOOGLE\CHROME\APPLICATION\CHROME.EXE.  To stop being notified for this type of traffic, in the <b>Actions</b> panel, click <b>Stop Notifying Me</b>. 

 

Thank you for your support!

2

If this is only happening in Chrome, check all your extensions to see if you see anything unusual there. Try disabling all extensions to see if there is any change.

Clearing the Chrome Browsing Data may help. 

3

I ran Norton Power Eraser and nothing showed up.  Currently I am not getting this when I use Google Chrome, but Windows, Norton, etc., just had some updates. Nothing new though that was quarantined in Norton or Malwarebytes. We'll see!

4

Here's a link to the Symantec page, below. If you run NPE, be careful what you delete, as it can delete needed system files.

https://www.symantec.com/connect/forums/malvertisement-website-redirect-web-attack

If that doesn't get rid of it, you can go to one of the free malware removal sites we recommend, where an expert will help clean your system. If so, pick one and stay with that expert until your system is declared clean.

http://www.bleepingcomputer.com/ (link is external)
http://www.geekstogo.com/forum/ (link is external)
http://www.cybertechhelp.com/forums/ (link is external)
http://forums.whatthetech.com/ (link is external)
http://qmalwareremoval.freeforums.net/ (link is external)

5

That is the first thing I did, but nothing showed on the full scan or by Malwarebytes!  I came here hoping someone might have some intel on a filename or registry string that I could manually extract to get ride of it, because if it is all to connect it would not be good!

6

Hi, Highlander. Run a Norton Full Scan and also a scan with MalwareBytes Free Edition to see what they pick up.

https://www.malwarebytes.com/mwb-download/

You can choose to run the free trial if you wish.