
Infected but can't find it



Hi,

This has worked in a topic I found.

1. Open Edge and in the upper right area, click the icon that looks like 3 horizontal lines
2. Next, click the 3rd icon from the right, that looks like a clock with a circle arrow.  This will bring up the History
3. In the next panel, click the 'Clear all history' link
4. Now you can select which you want to clear.  Place a check in the box next to 'Cached Data and files'
5. Press the Clear button

Close Microsoft Edge, then re-open it.  Are you still seeing IP blocks?


Deleted 2 copies of Microsoft.MicrosoftEdge_8wekyb3d8bbwe in the specified folder in Safe Mode.

PowerShell instructions wouldn't work until after I rebooted out of Safe Mode.  No viral acts from Edge so far.

...I also cleared the history at the time. (Last night)

 

Edited by Ditch67
update

Oh. Can you pass along the URLs of the last two I mentioned getting past Malwarebytes to the progs, please?  (post #21 and 28)

Figure since I need the help and I'm paying a bit, we can both work on this problem. 

 

 

 

Edited by Ditch67

Hi,

Your copy of Chrome has been compromised

Step 1: Remove Chrome from your computer and reinstall a fresh copy later.

Step 2: Before you remove Chrome, export your bookmarks
Chrome will export your bookmarks as an HTML file, which you can then import into another browser.

How To: http://ccm.net/faq/31791-how-to-backup-your-google-chrome-bookmarks

Step 3: If you sync your account you must remove it before you save your bookmarks etc...
Delete your Google Chrome browser sync data if you sync with other devices. <- Important ...
https://forums.malwarebytes.com/topic/214325-chrome-secure-preferences-detection-always-comes-back/

Step 4: Clear your Chrome cache and cookies
https://support.google.com/chromebook/answer/183083?hl=en

Restart the computer normally to reset the registry.

Step 5: Remove Chrome using the instructions on this page.
https://support.google.com/chrome/answer/95319?hl=en

Step 6: Re-install Chrome and the Bookmarks.
====

Restart the computer normally again.

How is Chrome now?


 


https://ssdf.space/page/us/virus/virusKiller.php?clickid=20180601022753_544_ek2Vevmm

Chrome.... already gone bad after full deletion.  Pop up link above.

 

Also, while I always shut off synching, in case it stores something in the cloud, I don't own any other devices than this laptop. (Synch is off on both Edge and Chrome.)

 

 

Edited by Ditch67

It was set to clear everything but passwords and cookies whenever it closes.

Not aware of cookies containing viruses. 

Are you asking me to delete all cache items and then reinstall Win10? Or just Edge?

Or Edge and then 10?

(Also, Chrome immediately re-infects after a full deletion. Where is the malware actually located?)

 

 

Edited by Ditch67

Hi,

It's all a matter of your Syncing, both with Chrome and Edge.

Let's take care of Chrome.

Read carefully and follow the instructions on this page.

Chrome Secure Preferences detection always comes back
https://forums.malwarebytes.com/topic/214325-chrome-secure-preferences-detection-always-comes-back/
===========

As instructed do not re-sync Chrome. Wait until both browsers are cleaned.

Work with Chrome for a day or two. Let me know if the Chrome is cleaned.

Check Edge and let me know if the problem persists with that browser.


This all presumes that Malwarebytes is finding and removing a virus that then comes back because of synch. However it has never found or removed anything. So while I'm doing as instructed, Malwarebytes is the problem.  To quote the page you sent me to:

"Perform another scan, make sure Google Chrome is closed, have it remove what it has found, reboot if being asked to. Then verify if the detection is gone."

 


Followed all instructions. Didn't even go to gmail for fear it might resync. 

10 minutes after downloading Chrome it's the same problem. 

Only thing I used was the html file I had Chrome save to bring back my bookmarks. 

 


Hi,

It's a Fishing net from "FISHNET-AS, RU"

Reset your router

How to Reset a Router Back to the Factory Default Settings
http://www.ehow.com/how_2110924_reset-back-factory-default-settings.html

Then, please reconfigure it back to your preferred setting. Below is the list of default usernames and passwords, should you not know it ;)

http://www.routerpasswords.com/
http://www.phenoelit-us.org/dpl/dpl.html
===

Reset for Linksys, Netgear, D-Link and Belkin Routers
http://www.techsupportforum.com/2763-reset-for-linksys-netgear-d-link-and-belkin-routers/

====
How to tell if my Wireless is secure.
http://www.ehow.com/how_6775466_tell-wireless-secure_.html

Restart the computer normally when completed.

Run the Farbar program, scan the computer and post the FRST.txt log for my review.

 


 


Hi,

In your Addition.txt log there is an issue with Windows Defender.
Correct it by executing these instructions.
https://support.microsoft.com/en-ca/help/2510301/the-security-center-service-can-t-be-started-error-message-in-windows
===

These are remnant entries from a previous infection. It's not found as running in your computer.
C:\program files (x86)\arc\arcchat.exe

Please download the attached Fixlist.txt file to the same folder where the Farbar tool is running from.
The location is listed in the 3rd line of the FRST.txt log you have submitted.

Run FRST and click Fix only once and wait.

The tool will create a log (Fixlog.txt) please post it to your reply.
===


Please let me know what problem persists with this computer.

fixlist.txt


Ran fix. ArcChat is just something from a legitimate online game that I had no use for. Security Center allows no changes, but in any case says: 'Service status: Running'.  Do I really need to do this over in safe mode if the status is not 'Stopped'?

 

Rebooting router 'seemed' to work until today. Though I'd note that I put settings back as they were, right after reset, to avoid problems with wifi. Should I be changing some of the settings if the problem is on the router? Which do you recommend?

 

Edited by Ditch67

Though I'd note that I put settings back as they were, right after reset, to avoid problems with wifi. Should I be changing some of the settings if the problem is on the router? Which do you recommend?

I suggest you check with your Internet Provider.
===

Malware Bytes just caught this on Edge


The link opens a Google start page.

Make sure you copy the complete link or post an image.

This topic is now closed to further replies.