0
Operating system: Windows 7 Architecture: 32 bit Antivirus software and on-demand scanners on this system : ESET smart security Malwarebytes Antimalware Spybot Search and Destroy
Date and how issue started: I don't remember how it started, but when I boot into my Windows OS, A default browser (Chrome) Window opened with indiasearcher.in/fsquirt.exe page.
If I close the browser, "Windows explorer has stopped working" message box appears and system becomes very slow. I couldn't open control panel as well as windows update and other control panel items.
I somehow managed to boot into safe mode with networking and cleaned with Malwarebytes as well as Spybot S&D. I had Bitdefender IS 2013 at that time and also performed a scan with it. I think I succeeded partially.
Current issues and symptoms: Right now, "Windows explorer has stopped working" no longer appears, but still A browser windows opens at startup. I installed ESET smart security now and performed scan again. It cleaned two .js files JS/Kryptik.ALI Trojan, but my issue still persists.
Any ideas how to identify which process initiates the browser launch during startup?
as silly has it seems, could you check that it hasn't changed your browser short cut? If it was firefox, I'd also reset it to default settings, but I have no clue if it works on chrome. – Journeyman Geek – 2013-09-21T07:09:04.103
Thanks for responding. I think malware is trying to launch whichever the default browser is. I'm not sure how to detect which process in my system us helping it during startup... – kunaguvarun – 2013-09-23T14:20:57.660
Guess I've figured out the process which helps the malware.
It is "explorer.exe". I now tried to kill process from task manager and tried to open a new task "explorer" in task manager. Voila. Google chrome opened with fsquirt.exe web page.
Now how do I stop this? – kunaguvarun – 2013-09-23T14:55:32.903