Jump to content

Potential Browser Hijacker keeps me from loading certain webpages properly


Go to solution Solved by Maurice Naggar,

Recommended Posts

Hi again ,

after completing the above described steps , I still fail to load some pages properly . 

the driver executable malware was flagged on a previous scan and i thought I removed them after quarantine , i'll look into that . but they are a recent download of the past few days and this issue is re-accurring after almost 2 weeks.

Link to post
Share on other sites

Please go to Control Panel, Programs, Programs and Features and uninstall the following two programs

Bonjour
+
Java(TM) SE Development Kit 15.0.2

If you do use Java SE then see about latest release https://www.oracle.com/java/technologies/javase-downloads.html
Oracle shows a version 16.0.1

 

I will have more for you later.
 

Link to post
Share on other sites

Hey

A couple of things i wanted to ask about were 

1) I attached a photo of what my browser looks like on those pages and what the malwarebytes browser extension shows and I just thought that's an absurd amount of stuff being blocked ( ad blocker blocking 50 "ads" in less than 4  minutes is also suspicious) . is this normal ? I know it kinda depends on the site but i've been using this specific site for almost 6 years without a hitch

2)I finished uninstalling java se 15 but the program Bonjour is nowhere to be found on the uninstall list accessed through control panel .I have not installed this software by myself even and am pretty sure it's part of apps that were installed for me when I purchased this Laptop 10 months.

Standing by

Yep.rar

Link to post
Share on other sites

  • Solution

on 1)  I am unsure at this point.

on 2)  This custom script will attempt to get remove references to Bonjour.

At this point, I do have a more important script for several cleanups to be run.

Be sure to save any open work files in progress  ( if any).

Close ( Exit) your open apps before you begin the following.

 

NOTICE: This script was written specifically for this user, for use on this particular machine. Running this on another machine may cause damage to your operating system that cannot be undone.

Please download the attached fixlist.txt file and save it to the  Downloads folder

Fixlist.txt

 

With File Explorer, go to the Downloads folder.

Right-click on FRSTENGLISH and select "Run as Administrator" & reply YES to allow to proceed.

press the Fix button just once and wait.

If the tool needs a restart please make sure you let the system restart normally and let the tool complete its run after restart.

The tool will make a log on the Desktop (Fixlog.txt) or wherever you ran FRST from. Please attach or post it to your next reply.

 

Note: If the tool warned you about an outdated version please download and run the updated version.

 

NOTE-1: This fix will run a scan to check that all Microsoft operating system files are valid and not corrupt and attempt to correct any invalid files.   It will also run Windows DISM to check system.

It will remove references to AVG Tuneup  ( some process named CleanupPSvc)      & a  "McAfee Remediation"

It will run a quick scan with Microsoft Defender.

Depending on the speed of your computer this fix may take ( depending on hardware speed) 45 minutes or up to an hour.

 

NOTE-2: As part of this fix all temporary files will be removed. If you have any open web pages that have not been bookmarked please make sure you bookmark them now as all open applications will be automatically closed. Also, make sure you know the passwords for all websites as cookies will also be removed. The use of an external password manager is highly recommended instead of using your browser to store passwords.

 

The following directories are emptied:

  • Windows Temp
  • Users Temp folders
  • Edge, IE, FF, Chrome and Opera caches, HTML5 storages, Cookies and History
  • Recently opened files cache
  • Flash Player cache
  • Java cache
  • Steam HTML cache
  • Explorer thumbnail and icon cache
  • BITS transfer queue (qmgr*.dat files)
  • Recycle Bin

Important: items are permanently deleted. They are not moved to quarantine. If you have any questions or concerns please ask before running this fix.

 

The system will be rebooted after the fix has run.

Kindly attach Fixlog.txt with next reply.   Plus, provide me a good idea as to How is this system afterward.

I will be out for a few hours to do personal errands.  I will check back later this afternoon / evening.  Otherwise, it may be on Sunday.

T I A

Cheers.

  • Thanks 1
Link to post
Share on other sites

Hey Maurice 

I've tried the sites and everything seems to be working and in order ! 

thank you for your patience and flexability with work hours and I appreciate your attention to details and customising solutions for my specific case .

I admire your work and wish you the best for helping overcome this hurdle.

you are much appreciated and your dedication is admirable :D

I don't know if we should be celebrating reaching page 2 on the investigation but i'm glad you were the expert assigned to my case .

Stay safe out there and thanks again ! 

Link to post
Share on other sites

The Windows System File Checker found some issue & fixed it.

Quote

La Protection des ressources Windows a détecté des fichiers corrompus et les a réparés.

I am glad that the browser issue has been overcome.   I do not believe that there was then a actual "infection".

Your pc is good to go.

To remove the FRST tool & its work files, do this. Go to your Downloads folder. Do a RIGHT-click on FRSTENGLISH.exe & select RENAME & then change it to

UNINSTALL.exe

.
Then run that ( double click on it) to begin the cleanup process.

Delete msert.exe

Delete esetonlinescanner.exe

Delete KVRT.exe    ( Kaspersky tool)

Delete mbst-grab-results.zip

Delete mb-support-1.8.4.896.exe   on Desktop

😀  I am a volunteer here.    Cases are not assigned.   

I wish you well.  Stay safe.    😎

Link to post
Share on other sites

Glad we could help.

If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this topic with your request.

This applies only to the originator of this thread. Other members who need assistance please start your own topic in a new thread.

Please review the following for Tips to help protect from infection

Thank you

 

 

Link to post
Share on other sites

Guest
This topic is now closed to further replies.
 Share

  • Recently Browsing   0 members

    No registered users viewing this page.

Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.