Jump to content

CatByte

Staff
  • Content Count

    1,393
  • Joined

  • Last visited

Everything posted by CatByte

  1. Is Chrome synced? Does this only happen in Chrome and Edge? Were you able to reset Edge? Are you on a specific site when this happens as it may be the sites themselves with the issue? Please follow the instructions here, including running adwCleaner:
  2. Let's reinstall both browsers If you have Google Chrome bookmarks, please back them up before proceeding. Instructions on how to do so can be found here: http://www.wikihow.com/Export-Bookmarks-from-Chrome Uninstall Software Press the Windows Key + R on your keyboard at the same time. Type appwiz.cpl and click OK. Search for the following program, right-click the program and click Uninstall. Google Chrome Follow the prompts to uninstall the program. Reboot your computer after uninstallation. Please let me know if uninstallation of the program was successful. Important: Press the Windows Key + R on your keyboard at the same time. Copy and paste the text below into the Run box and click OK. C:\Users\username\AppData\Local\Google\Chrome A folder named Chrome will open. Right-click the User Data folder inside and click Delete. Please ensure you carry out the instructions above. If you encounter any issues during the deletion of the User Data folder, please stop and let me know. Google Chrome Installation Download and install Google Chrome using the link below. → https://www.google.com/chrome Please hold-off on singing into your Google account before checking if the issue is still present. NEXT Open the WinX Menu and click on Settings Select Apps > under the Apps and features section, search for Microsoft Edge. Now click on the Advanced options button to open the advanced menu. Scroll down to the Reset section and select the Reset button. Windows will reset your Edge browser settings, keeping your Favorites intact
  3. see if you can run Chrome with the extensions disabled, it may be a recently installed extension causing the issue https://www.thewindowsclub.com/chrome-incognito-mode-safe Let me know if that makes a difference.
  4. Hello and welcome to the Malwarebytes Forum, There are no obvious signs of any infection in the logs. I suspect it is webpage based redirects that are occurring. Do you recall which particular websites you are visiting when this happens? Adding an adblocker to your browser extensions may assist. www.ublock.org, www.adblockplus.org or https://adguard.com/en/adguard-browser-extension/overview.html are all good ones to consider. Clean out your browser cache as well: While the Chrome browser is open Press Ctrl + Shift + Del to open the Clear Browsing Data Window. Click the Clear browsing data button.
  5. Glad we could help. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this topic with your request. This applies only to the originator of this thread.Other members who need assistance please start your own topic in a new thread. Thanks
  6. ok, How are things running now, are you still getting IP blocks with chrome?
  7. Hello TheSirPancake. Your Windows Defender has alerted on this Chrome extension CHR Extension: (Adblocker for Youtube™) - C:\Users\Isaac\AppData\Local\Google\Chrome\User Data\Default\Extensions\jhhhfgfhbjnkpaoedekoofphhbagpooj [2018-04-08] I do recommend uninstalling that extension: NEXT There does appear to be infection present. Please upload the following to Virus total is still present C:\Program Files (x86)\FpyEWGzDFWVVpLycIFR\RyJgGGl.dll C:\Program Files (x86)\muZPPgwvU\vcPFlq.dll C:\Program Files (x86)\GYHHaWMnbkQU2\wvhcEPmFVlCqx.dll These actual names might not be there but random names using the same format might still be if you could upload those please: http://www.virustotal.com Use the browse button on that page to navigate to the location of the file to be scanned. In the right hand panel, click on the file "C:\Program Files (x86)\FpyEWGzDFWVVpLycIFR\RyJgGGl.dll" then click the open button. The file will now be displayed in the submit box. Scroll down a bit and click "send file", wait for the results If you get a message saying File has already been analyzed: click Reanalyze file now Once scanned, copy and paste the link to the results page in your next reply. Make sure you have copied and saved the results before continuing. Do the same for the following files: C:\Program Files (x86)\muZPPgwvU\vcPFlq.dll C:\Program Files (x86)\GYHHaWMnbkQU2\wvhcEPmFVlCqx.dll NEXT Please do the following: Download the attached fixlist.txt file and save it to the Downloads folder, where FRSTEnglish.exe is saved. Fixlist.txt NOTE. It's important that both files, FRSTEnglish.exe and fixlist.txt are in the same location or the fix will not work. Run the FRSTEnglish.exe program and press the Fix button just once and wait. The tool will make a log in the same folder as where the FRST program is saved. (Fixlog.txt). Please attach it to your reply. (note: sometimes the program will need to reboot - please allow it to do so) NEXT Please run the following: Please download AdwCleaner from the following link and save it to your desktop or downloads folder. adwCleaner Please wait and look toward the top or bottom of your browser for the option to Run or Save. Click Save to save the file. Double click on AdwCleaner.exe to run the tool. Click on the Scan Now button After the scan has finished... click on the Clean and Repair button. (A reboot will be required) Press OK again to allow AdwCleaner to restart the computer and complete the removal process. After rebooting, a log file report AdwCleaner.txt will open automatically. If it does not > click on Log Files on the left, find the most recent scan log and open it, save it to your desktop. Attach that log file to your next reply. Please let me know if there are any outstanding issues.
  8. https://www.malwarebytes.com/eula/ Firefox is correct. It is stated in the eula. Sec.2.(a)
  9. Glad we could help. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this topic with your request. This applies only to the originator of this thread.Other members who need assistance please start your own topic in a new thread. Thanks
  10. Trying to dig out the source from those user preferences is like trying to find a needle in a haystack, so it's best to delete them, uninstall then use an adblocker to minimize exposure and move on. Then be careful about any extensions you choose to install, research them first. Also when installing or updating programs, watch the installations carefully for any third party installs and be sure to opt out as they are always checked off to install by default Personally I use ublock, but both are very good, use which one you prefer.
  11. The sync feature has a lot to do with it. Chromes the most popular browser so therefore there are more attempts to compromise it with adware. Personally, I use FireFox, but none of the browsers are immune, so use the one you like the best. Add an adblocker > www.ublock.org is a good one. That will help to minimize exposure. Right click and delete the FRST program and logs and you should be good to go.
  12. Is the User Data folder there? (If so, delete it) Did you find the Chrome Folder in AppData? If so, then that's fine, re-install Chrome and see how it goes.
  13. yes, this should resolve it Just make sure that you are not synced as that will cause it to return See the info in this post https://forums.malwarebytes.com/topic/214325-chrome-secure-preferences-detection-always-comes-back/
  14. yes, Back up your bookmarks first before you uninstall. Be sure to delete the profile folder as well: (type %appdata% into the search box to open the folder) C:\Users\owner\AppData\Local\Google\Chrome\User Data\Default << right click and delete this folder Note: “AppData” is a hidden folder, so you will need to show hidden files and folders.
  15. The good news is that there are no obvious signs of any infection on the PC, so the issue is isolated to the browser(s) There are signs of pirated software on the PC though and having stolen software on the PC brings about it's own set of security risks. You will be much more vulnerable to exploitation. I recommend uninstalling the pirated programs (Threattrack Security, Office) Please confirm that the blocks only occur while using FireFox and Chrome and not IE or Edge? If it is isolated to Chrome and FireFox, then those browsers need to be completely uninstalled and re-installed and the profile folders deleted. Chrome also needs to be unsynced or the problem will return. https://support.google.com/chrome/answer/95319?co=GENIE.Platform%3DDesktop&hl=en https://support.mozilla.org/en-US/kb/uninstall-firefox-from-your-computer Make sure you follow the instructions for removing the user data and settings. Please let me know how it goes
  16. Hello rekamyenoM Let's get a diagnostic scan of the PC to see what is going on. Please download the appropriate version of Farbar Recovery Scan Tool (FRST.exe) from here: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/ http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/ save it to your desktop. Note: You need to run the version compatible with your system. If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version. Double-click to run it. Press Scan button. It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply. The first time the tool is run, it makes also another log (Addition.txt). Please attach it to your reply.
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.