Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

PC browser redirects are affecting everything. [Solved]


  • This topic is locked This topic is locked

#16
DanoNH

DanoNH

    Trusted Helper

  • Malware Removal
  • 2,153 posts

You're certainly welcome.  We are very close to giving you the thumbs-up here, but before that, I'm concerned about your inability to reset Chrome.  It may be the result of previously existing malware.
 
Let's try a different approach, shall we?
 
Re-install Chrome

Unless you did this yourself, malware has likely changed your Chrome version into the Development Build. Among other things this allows malware to install any extension it wants. We need to resolve this.

  • If you have bookmarks, let's save them by exporting them - Export Bookmarks
  • Then I need you to go Google Sync and sign into your account
  • Scroll down until you see the "Stop and Clear" button and click on the button. At the prompt click on "Ok"
  • Now we need to uninstall chrome. Note: When asked about user data or settings you must remove this also so please check the box.
  • Restart the computer and reinstall chrome, You can download The latest version from here - Google Chrome
  • Import your bookmarks back into Chrome
  • Sign back in to your Chrome browser so that your bookmarks sync with your online account.

 

Let me know how this method works. ;)


  • 0

Advertisements


#17
[email protected]

[email protected]

    Member

  • Topic Starter
  • Member
  • PipPip
  • 55 posts

Good Evening,

 

Uninstalled and re-installed Chrome everything was completely removed and now is re-synced. I hope that helps.

Again the PC seems to be working OK. 

 

I hope all the malware is gone. 


  • 0

#18
DanoNH

DanoNH

    Trusted Helper

  • Malware Removal
  • 2,153 posts

Hi Lisa,

 

Congratulations, your log is clean! :thumbsup:

Now, let's cover some additional steps to clean up your computer and help you avoid getting infected again...

Step 1

Tools Cleanup and Housekeeping

The first thing we need to do is to remove all the tools that we have used. This is so that should you ever be re-infected, you will download updated versions. It will also remove the quarantined Malware from your computer.

Tool Removal

We need to remove the tools we've used during cleaning your machine

  • Download DelFix from here
  • Ensure Remove disinfection tools is ticked
  • Also check these options:
    • Activate UAC
    • Create registry backup
    • Purge system restore
    • Reset System Settings
    delfix_zpsjnkukbim.png
  • Click Run
  • The program will run for a few moments and then notepad will open with a log. Please paste the log in your next reply

And delete any logs that you have left over on your desktop.

Now let's take a few preventative measures to reduce the risk of further infections. :cool:


Step 2

Automatic Updates for Windows Vista

Another essential is to keep your computer updated with the latest operating system patches and security fixes. Windows Updates are constantly being revised to combat the newest hacks and threats, Microsoft releases security updates that help keep your computer from becoming vulnerable. It is best if you have these set to download automatically:

Turn ON Automatic Updates in Windows Vista


Step 3

Keep Java Updated

WARNING: Java is the #1 exploited program at this time. The Department of Homeland Security recommends that computer users disable Java.
See this article

I would recommend that you completely uninstall Java unless you need it to run an important software.
In that instance I would recommend that you disable Java in your browsers until you need it for that software and then enable it. (See How to disable Java in your web browser and How to unplug Java from the browser).

If you do need to keep Java then download JavaRa.
Run the program and select Remove Java Runtime.  Uninstall all versions of Java present.
Once done then run it again and select Update Java runtime > Download and install Latest version.
javara.JPG


Step 4

Web Browser security

Most malware is exploiting Internet Explorer's vulnerabilities, with Firefox you will be more secure.

Note: If you are going to use Firefox, I would suggest the use of these add-ons:

  • NoScript - for blocking ads and other potential website attacks.
  • McAfee SiteAdvisor - this tells you whether the sites you are about to visit are safe or not. A must if you do a lot of Googling.

Step 5

Other Program updates

You have outdated versions of Adobe software, and should get the latest versions and keep it updated.  Best of all, they're FREE:

NOTE: Make sure to uncheck the check box labelled "Yes, install McAfee Security Scan Plus - optional", or any other optional "features".



Step 6

Anti Virus Programs

On to personal Anti Virus programs. One AV is a must have, but never more than one, as this can and will cause conflicts, system slow-downs, and false readings.

If you wish to keep using your current program, always make sure it is up to date and enabled.

- OR -

These FREE ones are as good as any paid subscription AV, as long as you allow them to update themselves:

 

Step 7

Anti Spyware

You already have an excellent preventative program that will help to keep the nasties away - Malwarebytes Anti-Malware.  I would advise running this at least once a month.  If you need to download it again, you can get it from here:

Malwarebytes Anti-Malware


Step 8

Personal Firewalls

Next let's look at Firewalls. These help to prevent unauthorized access both to and from the internet or your local network. A firewall is considered a first line of defense in protecting private information. Below are two free firewalls to choose from, if you do not already have one. Note: You only want to use one firewall your system.

You can use your built-in Windows Vista Firewall, OR use a third-party one, such as these:

Step 9

Instant Messengers

Almost done! If you like to use chat, MSN and Yahoo have vulnerabilities that can leave you open to infections. There are however a couple of very good, malware-free Instant Messenger programs which allow you to connect to multiple IM services in one program! (AOL, Yahoo, ICQ, IRC, MSN):

Step 10

File/System Cleaners

Finally, it is a good idea to clear out all your temp files every now and again. This will help keep your computer running optimally. It can detect registry errors, missing shortcuts, invalid files, etc. It also can assist in getting rid of files that may contain malicious code that could re-infect your computer.

Step 11

CryptoLocker Warning
 
CryptoLocker is a particularly nasty infection which is becoming more prevalent...
 
Go here for information about CryptoLocker Ransomware. Learning about what is out there may help you prevent infection. The best protection against this infection is to backup your files often. If you're using an external drive, keep it unplugged from the computer when you're not backing up files or using it. This will prevent the infection from getting to your backed up files if you ever have the frustrating experience of contracting it.
 
It is suggested to Download CryptoPrevent, which is free for home use. It will help prevent CryptoLocker infection.



Further Reading

To find out more information about how you got infected in the first place and some great guidelines to follow to prevent future infections you can read this excellent article, originally written by Tony Klein, and updated by SpySentinel.

I will keep this log open for the next couple of days, so if you have any further problems, you can post another reply here.

OK, happy computing, and stay safe! :cool:


Please reply again to this thread to acknowledge you have read my last post.  If you have no further questions, this thread will be closed to prevent others from posting here.

Thanks!


  • 0

#19
[email protected]

[email protected]

    Member

  • Topic Starter
  • Member
  • PipPip
  • 55 posts
Hi Thanks for all the info. I will safe now. I will keep Microsoft Security running at all times, and I think I will switch to Firefox. LISA DelFix.txt # DelFix v10.9 - Logfile created 29/03/2015 at 11:42:09 # Updated 27/02/2015 by Xplode # Username : Mom - MOM-PC # Operating System : Windows 7 Ultimate Service Pack 1 (64 bits) ~ Activating UAC ... OK ~ Removing disinfection tools ... Deleted : C:\FRST Deleted : C:\AdwCleaner Deleted : C:\Users\Mom\Desktop\AdwCleaner.exe Deleted : C:\Users\Mom\Desktop\FRST64.exe Deleted : C:\Users\Mom\Desktop\JRT.exe Deleted : HKLM\SOFTWARE\AdwCleaner ~ Creating registry backup ... OK ~ Cleaning system restore ... Deleted : RP #743 [Revo Uninstaller's restore point - Microsoft XNA Framework Redistributable 3.1 | 03/22/2015 21:48:47] Deleted : RP #744 [Revo Uninstaller's restore point - Microsoft XNA Framework Redistributable 3.1 | 03/22/2015 21:50:20] Deleted : RP #745 [Revo Uninstaller's restore point - SmartPurple | 03/22/2015 21:50:59] Deleted : RP #746 [Revo Uninstaller's restore point - PepperZip 2.0 | 03/22/2015 21:53:08] Deleted : RP #747 [Revo Uninstaller's restore point - TheBestDeals | 03/22/2015 21:54:02] Deleted : RP #748 [Revo Uninstaller's restore point - StormWatch | 03/22/2015 21:54:57] Deleted : RP #750 [Supprimé Webplayer Remote | 03/22/2015 21:57:59] Deleted : RP #751 [Windows Update | 03/23/2015 21:03:54] Deleted : RP #752 [Windows Update | 03/25/2015 18:34:03] Deleted : RP #754 [Restore Point Created by FRST | 03/26/2015 20:07:35] Deleted : RP #756 [Restore Point Created by FRST | 03/27/2015 15:06:27] Deleted : RP #758 [Restore Point Created by FRST | 03/27/2015 22:22:24] Deleted : RP #759 [Revo Uninstaller's restore point - ESET Online Scanner v3 | 03/28/2015 16:49:01] Deleted : RP #760 [Revo Uninstaller's restore point - Steam | 03/28/2015 16:50:44] Deleted : RP #761 [Removed Steam | 03/28/2015 16:50:53] Deleted : RP #762 [Revo Uninstaller's restore point - Windows Media Encoder 9 Series | 03/29/2015 00:52:35] Deleted : RP #763 [Revo Uninstaller's restore point - ESET Online Scanner v3 | 03/29/2015 00:53:48] Deleted : RP #764 [Revo Uninstaller's restore point - UserTesting.com Recorder Plugin | 03/29/2015 00:54:31] Deleted : RP #765 [Revo Uninstaller's restore point - Google Chrome | 03/29/2015 01:08:22] New restore point created ! ~ Resetting system settings ... OK ########## - EOF - ##########
  • 0

#20
DanoNH

DanoNH

    Trusted Helper

  • Malware Removal
  • 2,153 posts

You are most welcome, Lisa. :thumbsup:  

 

Firefox is what I use, and with the NoScript extension, you are pretty well protected.  A minor annoyance with NoScript is teaching it what is OK so it will allow it, but there's a status bar that appears to prompt you.  You can tell it to allow sites opened from bookmarks by default, which helps too.

 

Also, installing CryptoPrevent (Step 11) is highly recommended. :)

 

Happy Computing!


  • 0

#21
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Since this issue appears to be resolved ... this Topic has been closed. Glad we could help. :)

If you're the topic starter, and need this topic reopened, please contact a staff member with the address of the thread.

Everyone else please begin a New Topic.
  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP