Jump to content

Recommended Posts

Hi 

I have that virus where whenever I search using the bar on google chrome I get redirected to trovi.com

This does not happen with edge.

I've run scans with windows defender, Malwarebytes, Adwcleaner and RogueKiller
All detect nothing

This makes me think its just isolated to chrome 
So I deleted browsing/download history, coockies, cached, passwords, autofill data, site settings and hosted app data

I've checked search engine settings and all is normal

Is there anyone who can help
I'd like to not completely reset my chrome if possible

Thanks
 

(the only thing detected was the honey browser extension which I have deleted) 

RogueKiller.txt AdwCleaner[S00].txt Malwarebytes.txt

Link to post
Share on other sites

Hi,      :welcome:
My name is Maurice. I will be helping and guiding you, going forward on this case.
Let me know what first name you prefer to go by.

Please follow my directions as we go along.  Please do not do any changes on your own without first checking with me. 
If you will be away for more than 3 consecutive days,  do try to let me know ahead of time, as much as possible. 
  
Please only just attach   all report files, etc  that I ask for as we go along.
.

[   1   ]

Use Chrome browser   to go to https://www.google.com/settings/chrome/sync and sign into your account.
Scroll down until you see the "reset sync" button and click on the button
At the prompt click on "Ok".

[   2   ]

for Chrome, while Chrome is running:
Press & hold SHIFT+CTRL+Del keys  on keyboard to get menu for clearing browsing data:

Check mark the line  "Browsing history"

Check mark the line "Download history"

Check mark the lined "Cached images and files"
and press Clear Data button  ( in blue )

[   3   ]

After that, make real sure that Chrome is "NOT" set to reload the pages from the last session

Go into the settings menu of Chrome by first clicking  the control icon of Chrome on upper right of the adress bar

Then look deeper in SETTINGS

 

image.png.17e49fb84e2741f49a423daa727ebd14.png

Make real sure it is "NOT" set to "continue where you left off"

.

[   4   ]

See this article on our Malwarebytes Blog
https://blog.malwarebytes.com/security-world/technology/2019/01/browser-push-notifications-feature-asking-abused/

 

You want to disable the ability of each web browser on this machine from being able to allow "push ads". That means Chrome, Firefox, or Edge browser (on Windows 10), or on Opera.

Scroll down to the tips section "How do I disable them".

[   5   ]

I suggest you install the Malwarebytes Browser guard for Chrome.

To get & install the Malwarebytes Browser Guard extension for Chrome,

 

Open this link in your Chrome   browser: 

https://chrome.google.com/webstore/detail/malwarebytes/ihcjicgdanjaechkgeegckofjjedodee

 

Then proceed with the setup.

Link to post
Share on other sites

Thank you for your help

 

I realised that I was doing a quick scan with Malwarebytes so I ran a custom scan on all my drives, where it found 'PUP.Optional.BundleInstaller'.

I have deleted the program, rerun the scan and nothing was found.

However the problem still persisted on the browser so I followed your actions, desync and install Malwarebytes detector.

But it found nothing.

Then I got annoyed and in the 'Reset and Clean up' tab I restored settings to their original defaults.

The issue has now gone. 

I've restarted a couple of time to check it has gone and everything seems fine.

So thanks for the help didn't mean to waste your time.

👍

Link to post
Share on other sites

OK.   I am glad that now things are normal with Chrome.    Restoring its settings to original does do good.

 

Since things are ok  & you did not mention another issue, I am marking this case for closure.

Backup is your best friend.  Keep backups of your system on a regular basis to offline storage & keep those safe. https://forums.malwarebytes.com/topic/136226-backup-software/

It is not enough to just have a security program installed. Each pc user needs to practice daily safe computer and internet use.

Best  practices & malware prevention:
Follow best practices when browsing the Internet, especially on opening links coming from untrusted sources.
First rule of internet safety: slow down & think before you "click".
Never click links without first hovering your mouse over the link and seeing if it is going to an odd address ( one that does not fit or is odd looking or has typos).

Free games & free programs are like "candy". We do not accept them from "strangers".

Never open attachments that come with unexpected ( out of the blue ) email no matter how enticing.
Never open attachments from the email itself. Do not double click in the email. Always Save first and then scan with antivirus program.

Pay close attention when installing 3rd-party programs. It is important that you pay attention to the license agreements and installation screens when installing anything off of the Internet. If an installation screen offers you Custom or Advanced installation options, it is a good idea to select these as they will typically disclose what other 3rd party software will also be installed.
Take great care in every stage of the process and every offer screen, and make sure you know what it is you're agreeing to before you click "Next".

Use a Standard user account rather than an administrator-rights account when "surfing" the web.
See more info on Corrine's SecurityGarden Blog http://securitygarden.blogspot.com/p/blog-page_7.html
Don't remove ( or change )  your current login. Just use the new Standard-user-level one for everyday use while on the internet.

 

Keep your system and programs up to date. Several programs release security updates on a regular basis to patch vulnerabilities. Keeping your software patched up prevents attackers from being able to exploit them to drop malware.

For other added tips, read "10 easy ways to prevent malware infection"

 

Stay safe.  I wish you all the best.   😎

Sincerely,

Maurice

Link to post
Share on other sites

Glad we could help.

If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this topic with your request.

This applies only to the originator of this thread. Other members who need assistance please start your own topic in a new thread.

Please review the following for Tips to help protect from infection

Thank you

 

 

Link to post
Share on other sites

Hello RedChicken.     What is going on ?   what is up ?

Edited by Maurice Naggar
Link to post
Share on other sites

Good afternoon @RedChicken

A few days ago you requested Ron to re-open this thread.  He has done so.   Please provide more detail on what is going on , plus,

run this diagnostic-information support tool.

 

I would appreciate  getting some key details from this machine in order to help you forward.

 NOTE: The tools and the information obtained is safe and not harmful to your privacy or your computer, please allow the programs to run if blocked by your system.

 

Do have patience while the report tool runs.  It may take several minutes.  Just let it run & take its time.  You may want to close your other open windows so that there is a clear field of view.

Download Malwarebytes Support Tool

   

    Once the file is downloaded, open your Downloads folder/location of the downloaded file

    Double-click mb-support-1.7.0.827.exe  to run the report

 

Once it starts, you will see a first screen with 2 buttons.  Click the one on the left marked "I don't have an open support ticket".

 

        You may be prompted by User Account Control (UAC) to allow changes to be made to your computer. Click Yes to consent.

       

    Place a checkmark next to Accept License Agreement and click Next

Now click the left-hand side pane "I do not have an open support ticket"

 

    You will be presented with a page stating, "Get Started!"

    Do NOT use the button “Start repair” !   But look instead at the far-left options list in black.

 

    Click the Advanced tab on the left column

   

    Click the Gather Logs button

   

    A progress bar will appear and the program will proceed with getting logs from your computer.  Please do have patience.  It takes several minutes to gather.

  

    Upon completion, click a file named mbst-grab-results.zip will be saved to your Desktop. Click OK.  Then Exit the tool.

 

    Please attach the ZIP file in your next reply.

Link to post
Share on other sites

It has been several days since after Ron has re-opened the thread and we still have not heard back from you.

I am presuming you have ( for some reason or other )  no intent to reply.    Thus I am no longer wtaching this case.

I do wish you well.

Link to post
Share on other sites

Due to the lack of feedback, this topic is closed to prevent others from posting here.

If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this topic with your request.

This applies only to the originator of this topic. Other members who need assistance please start your own topic in a new thread.

Tips to help protect from infection

Thanks

 

Link to post
Share on other sites
Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    No registered users viewing this page.

Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.