vimy100 Posted October 20, 2022 ID:1538657 Share Posted October 20, 2022 I seem to be infected with something that keeps trying to direct me to chilichicytrie.com and claiming that I have have 5 viruses and should click and scan now. I didn't do so. Instead, I scanned my computer with MalwareBytes, Windows Defender, and AdwCleaner. None detected any threat. I attempted to follow the directions to access this forum. I tried to download and use the Farbar Recovery Scan Tool but when I tried to run it Windows Defender warned that it was unsafe to do so. I use both Windows Defender and MalwareBytes to protect my system and this has worked well for years. I assume I should ignore that Windows Defender warning and just continue? Link to post Share on other sites More sharing options...
Solution vimy100 Posted October 20, 2022 Author Solution ID:1538662 Share Posted October 20, 2022 I normally use Firefox as a browser but was using MS Edge when the chilichicytrie.com pop-up began plaguing me. I just discovered that the notifications from chilichicytrie.com that I have been getting every five minutes can be blocked using settings in the MS Edge browser. This has solved my problem. I now understand that I did not have any PUP or virus (hence MWD & Win Defender not finding any) but h.ad a notification problem. Changing the settings in the browser has solved the problem. Thanks. Link to post Share on other sites More sharing options...
Maurice Naggar Posted October 20, 2022 ID:1538664 Share Posted October 20, 2022 (edited) Hello @vimy100 Suggestions for you as follow-on actions. See this article on our Malwarebytes Blog https://blog.malwarebytes.com/security-world/technology/2019/01/browser-push-notifications-feature-asking-abused/ You want to disable the ability of each web browser on this machine from being able to allow "push ads". That means Chrome, Firefox, or Edge browser (on Windows 10 or Windows 11), or on Opera. Scroll down to the tips section "How do I disable them". Let me suggest that you get your browsers each, as applicable, to have the Malwarebytes Browser Guard. See Support article how-to https://support.malwarebytes.com/hc/en-us/articles/360038520374-Install-Malwarebytes-Browser-Guard See Support article how-to for Firefoxhttps://support.malwarebytes.com/hc/en-us/articles/4413298841747--Install-Malwarebytes-Browser-Guard-on-Firefox-browser For the EDGE browser https://support.malwarebytes.com/hc/en-us/articles/4413298736787-Install-Malwarebytes-Browser-Guard-on-Microsoft-Edge-browser Note: If your pc also has Opera or Brave or Vivaldi browser, you can install the Chrome version of the Malwarebytes Browser Guard ( on each as appropriate). Edited October 20, 2022 by Maurice Naggar 1 Link to post Share on other sites More sharing options...
vimy100 Posted October 20, 2022 Author ID:1538665 Share Posted October 20, 2022 Thanks for the suggestions, Maurice, I am in the process of implementing them now. Much appreciated. Link to post Share on other sites More sharing options...
Maurice Naggar Posted October 20, 2022 ID:1538667 Share Posted October 20, 2022 You are welcome. I'd suggest you run this report so I can review. Download SecurityCheck by glax24 from here https://tools.safezone.cc/glax24/SecurityCheck/SecurityCheck.exe and save the tool on the desktop. If Windows's SmartScreen block that with a message-window, then Click on the MORE INFO spot and over-ride that and allow it to proceed. This tool is safe. Smartscreen is overly sensitive. Right-click with your mouse on the Securitycheck.exe and select "Run as administrator" and reply YES to allow to run & go forward Wait for the scan to finish. It will open in a text file named SecurityType.txt. Close the file. Attach it with your next reply. You can find this file in a folder called SecurityCheck, C:\SecurityCheck\SecurityCheck.txt Link to post Share on other sites More sharing options...
vimy100 Posted October 20, 2022 Author ID:1538690 Share Posted October 20, 2022 I ran the check, Maurice, and see it warns about Glary Utilities and CCleaner both of which I have used for years without any problems I'm aware of. If these are not recommended what would a person use in their stead? VdhCoApp 1.6.3 and Bonjour v.3.1.0.1 were unfamiliar to me. I just discovered that Bonjour 3 is an app from Apple but I have never used it as far as I know ~ I very seldom have any interaction with Apple or their products. It is not in my Start Menu. Apparently VdhCoApp is used by the Video DownloadHelper browser add-on. I use that in Firefox. What's your advice? SecurityCheck.txt Link to post Share on other sites More sharing options...
Maurice Naggar Posted October 20, 2022 ID:1538698 Share Posted October 20, 2022 Launch Malwarebytes. Do a Check for Update using the Malwarebytes Settings >> General tab. See this Support Guide https://support.malwarebytes.com/hc/en-us/articles/360042187934-Check-for-updates-in-Malwarebytes-for-Windows When it shows a new version available, Accept it and let it proceed forward. If prompted to do a Restart, just please follow all directions. You can use the MS Windows "CLEANMGR" to help you in clearing temporary file areas ( in lieu of CCleaner) See https://www.tenforums.com/tutorials/3012-open-use-disk-cleanup-windows-10-a.html Why do you consider that you need "Glary utilities" ? to do what ? Registry cleaners range from the non-effective snake-oil to the ok ones --- but they can lead to causing more harm than good. Some can even lead to removing actually needed entries. I rarely suggest that folks use these "tools". Please see Ed Bott's blogpost "Why I don’t use registry cleaners"http://www.edbott.com/weblog/2005/04/why-i-dont-use-registry-cleaners/ In the context of the notion of a registry cleaner, I would refer you to Mark Russinovich's ( at Microsoft ) statement (from Registry Junk: A Windows Fact of Life ). http://blogs.technet.com/b/markrussinovich/archive/2005/10/02/registry-junk-a-windows-fact-of-life.aspx Quote I haven't and never will implement a Registry cleaner since it's of little practical use on anything other than Win2K terminal servers and developing one that's both safe and effective requires a huge amount of application-specific knowledge. There has not been a real need for registry cleaners ever since Win XP and later o.s. came out. Also see http://miekiemoes.blogspot.ca/2008/02/registry-cleaners-and-system-tweaking_13.html Bonjour is a old add-on. You do not need it. Just Uninstall Bonjour. calibre 64bit v.6.7.0 Warning! Download Update Microsoft Silverlight v.5.1.50918.0 Warning! This software is no longer supported. Be real sure to uninstall this FileZilla Client 3.59.0 v.3.59.0 Warning! Download Update Microsoft OneDrive v.19.232.1124.0005 Warning! Download Update 7-Zip 21.07 (x64) v.21.07 Warning! Download UpdateUninstall old version and install new one. IrfanView 4.59 (32-bit) v.4.59 Warning! Download Update Zoom v.5.7.8 (1247) Warning! Download Update QuickTime 7 v.7.77.80.95 Warning! This software is no longer supported. Please uninstall it and use another software. Adobe AIR v.32.0.0.125 Warning! This software is no longer supported. Please uninstall it. Adobe Creative Cloud v.4.6.0.384 Warning! Download Update ph v.1.0.0 << Hidden Warning! This software is no longer supported. Please uninstall it. bl v.1.0.0 << Hidden Warning! This software is no longer supported. Please uninstall it. Adobe Acrobat Reader DC v.22.001.20117 Warning! Download Update^Please run Acrobat Reader DC and go Help - Check for updates...^ 1 Link to post Share on other sites More sharing options...
vimy100 Posted October 20, 2022 Author ID:1538738 Share Posted October 20, 2022 Thank you for all the good info. I am tied up the rest of today and all day tomorrow but will digest all you have said and act on the information on Saturday. Thank you for your kindness in offering to help and proffering sound advice. Just in response to your query... the main reason I used Glary is that I have over the years encountered situations where buttons or links etc disappear, or some app takes on a bizarre appearance and running Glary has restored them. I was at a loss at the time as to how I could fix the situation otherwise. That's why. Thank you again for your help. I really appreciate it very much. Link to post Share on other sites More sharing options...
Maurice Naggar Posted October 21, 2022 ID:1538812 Share Posted October 21, 2022 You may delete SecurityCheck.exe. I believe your system is good to go. Consider using PatchMyPC, keep all your software up-to-date - https://patchmypc.com/home-updater#download Keep your system and programs up to date. Several programs release security updates on a regular basis to patch vulnerabilities. Keeping your software patched up prevents attackers from being able to exploit them to drop malware. SAFETY TIPS: Backup is your best friend. Keep backups of your system on a regular basis to offline storage & keep those safe. https://forums.malwarebytes.com/topic/136226-backup-software/ It is not enough to just have a security program installed. Each pc user needs to practice daily safe computer and internet use. Best practices & malware prevention: Follow best practices when browsing the Internet, especially on opening links coming from untrusted sources. First rule of internet safety: slow down & think before you "click". Never click links without first hovering your mouse over the link and seeing if it is going to an odd address ( one that does not fit or is odd looking or has typos). Free games & free programs are like "candy". We do not accept them from "strangers". Never open attachments that come with unexpected ( out of the blue ) email no matter how enticing. Never open attachments from the email itself. Do not double click in the email. Always Save first and then scan with antivirus program. Pay close attention when installing 3rd-party programs. It is important that you pay attention to the license agreements and installation screens when installing anything off of the Internet. If an installation screen offers you Custom or Advanced installation options, it is a good idea to select these as they will typically disclose what other 3rd party software will also be installed. Take great care in every stage of the process and every offer screen, and make sure you know what it is you're agreeing to before you click "Next". Use a Standard user account rather than an administrator-rights account when "surfing" the web. See more info on Corrine's SecurityGarden Blog http://securitygarden.blogspot.com/p/blog-page_7.html Only using the Standard-access-level user account when surfing and downloading / installing would have been a tremendous way to prevent the infections of this machine. Don't remove ( or change ) your current login. Just use the new Standard-user-level one for everyday use while on the internet. Keep your system and programs up to date. Several programs release security updates on a regular basis to patch vulnerabilities. Keeping your software patched up prevents attackers from being able to exploit them to drop malware. For other added tips, read "10 easy ways to prevent malware infection" Stay safe. Link to post Share on other sites More sharing options...
Recommended Posts