Malware bug in "searchinterneat-a.akamaihd.net" resources.pak, etc.
191 views
Skip to first unread message
K Hashmi
Dec 27, 2015, 7:26:37 PM12/27/15
to Chromium-discuss
I've reported this to the Google Chrome team otherwise, but I'm really stuck.
When search for any string in the Search Bar or Right-click to "Search Google for ...", Chrome the searches using something like "http://searchinterneat-a.akamaihd.net/s?eq=U0EeE1xZE1oZB1ZEfV0NAAEUEgIUbQ9dUw9cFVYacBRZAF0VDFATclxZVwxIFlATJB9aFQQTQkcFME0FA1UWQhNNfWpdAEsSSWFML3JWDk4=&q=akamaihd"
(got that address which appears momentarily; I end up at Yahoo Search).
Also each new tab or new window (including Chrome launch) causes same redirect.
You can Google"searchinterneat-a.akamaihd.net redirect" for more info.
Tried Chrome Clean Tool, MS official scan and MS Malicious Software Removal, as well as ADW and MalwareBytes.
NO LUCK!!!
Sometimes, I can get a Google search to work right from G's home page (google.com). On the SERP, I get a weird ad block with the label "Search Too Know ads" and a few ads below.
I did open resources.pak (it shows a Date modified about the time this mess began). And that file is full of URLs like:
I've tried to edit these out of resources.pak using Notepad or Wordpad. When I do that, Chrome crashes on launch (i keep a backup of orig so I can go back to it).
This is a very persistent malware/virus issue that seems to be afflicting others (Google "searchinterneat-a.akamaihd.net ")
Please help me; please help Google! Thanks!!
K Hashmi
Dec 27, 2015, 7:52:43 PM12/27/15
to Chromium-discuss
Actually, when MalwareBytes is running in the background, the redirection is prevented (but Malwarebytes redirects to its own web page "block.malwarebytes.org"
I screen-captured what happens in Chrome if I open an new window or tab:
K Hashmi
Dec 27, 2015, 7:59:10 PM12/27/15
to Chromium-discuss
On Sunday, December 27, 2015 at 4:26:37 PM UTC-8, K Hashmi wrote:
Sometimes, I can get a Google search to work right from G's home page (google.com). On the SERP, I get a weird ad block with the label "Search Too Know ads" and a few ads below.
Below is a screen-capture example of new non-Google ads ("Search Too Know ads") that .akamaihd.net malware seems to be adding:
PhistucK
Dec 28, 2015, 2:49:47 AM12/28/15
to k...@khurramhashmi.org, Chromium-discuss
Generally, there are two ways to solve it -
1. Uninstall Chrome (in the process, make sure it does not delete your profile, there is a checkbox or something) and reinstall it. It should get you the original PAK file and everything else should be as it was.
2. Manually set the search engine -
Right click on the location bar and select "Edit search engines...".
Scroll down the list to get to the new search engine row and fill out the details, respectively -
Google Google https://www.google.com/search?q=%s
(Replace .com with the prefix of your country, if you want the localized Google search)
You can do that same for Yahoo! -
Yahoo! Yahoo https://search.yahoo.com/search?q=%s
The first way will only work if the malware is no longer active.
The second way should always work, but you lose search suggestions and other nice treats.
☆PhistucK
--
--
Chromium Discussion mailing list: chromium...@chromium.org
View archives, change email options, or unsubscribe:
http://groups.google.com/a/chromium.org/group/chromium-discuss
---
You received this message because you are subscribed to the Google Groups "Chromium-discuss" group.
To unsubscribe from this group and stop receiving emails from it, send an email to chromium-discu...@chromium.org.
K Hashmi
Dec 29, 2015, 2:32:19 AM12/29/15
to Chromium-discuss, k...@khurramhashmi.org
On Sunday, December 27, 2015 at 11:49:47 PM UTC-8, PhistucK wrote:
Generally, there are two ways to solve it -1. Uninstall Chrome (in the process, make sure it does not delete your profile, there is a checkbox or something) and reinstall it. It should get you the original PAK file and everything else should be as it was.
I solved the issue bit before I read this, your suggestion is what I did ... except I did not Uninstall. I went to the Chrome DL page, and DL'd the latest, and let it take care of Install.
All is as it was pre-malware EXCEPT I lost most of my Session Saver histories (several years worth). Any way to get THOSE back (I do see one or two from about 1-2 years ago -- dunno how/why Chrome picked those to re-install)?
PhistucK
Dec 29, 2015, 3:38:16 AM12/29/15
to K Hashmi, Chromium-discuss
No idea, ask the author of Session Saver, perhaps. I never heard of it.
I wonder if it worked because you had a slightly outdated version. I always thought the installer does nothing if you already have the current version, but perhaps it actually reinstalls.
☆PhistucK
--
Reply all
Reply to author
Forward
0 new messages