Jump to content

Browser hijacker keeps coming back

princessjazzy
 Share

Recommended Posts

princessjazzy

princessjazzy

Posted
Posted

I received some help on this forum very recently relating to virus removal, and for a day, the malware was gone. However, it returned this afternoon, and I want to know if there's anything I can do to make sure it's gone for good. I've been dealing with this since April, and I haven't been able to remove it for more than two weeks or so. If there's anyone that can help me out, I'd be very appreciative!

Link to post
Share on other sites
  • Root Admin
AdvancedSetup

AdvancedSetup

Posted
  • Root Admin
Posted

Hello @princessjazzy

Please get us some new logs to review.

 

 

Scan with SecurityCheck by glax24
https://forums.malwarebytes.com/topic/307301-scan-with-securitycheck-by-glax24/


Scan with FSS Farbar Service Scanner
https://forums.malwarebytes.com/topic/306736-scan-with-fss-farbar-service-scanner/


Scan with Farbar Recovery Scan Tool
https://forums.malwarebytes.com/topic/306601-scan-with-farbar-recovery-scan-tool/


Scan with Malwarebytes
https://forums.malwarebytes.com/topic/304827-scan-with-malwarebytes/


Scan with AdwCleaner
https://forums.malwarebytes.com/topic/304822-scan-with-adwcleaner/

 

 

Thank you

 

 

  • Thanks 1
Link to post
Share on other sites
  • Root Admin
AdvancedSetup

AdvancedSetup

Posted
  • Root Admin
Posted

Thank you for the logs @princessjazzy

Windows appears to be missing a security file.

Let me have you do the following please.

[ 1 ]

Please create a NEW System Restore Point  

Turn On or Off System Protection for Drives in Windows 11
https://www.elevenforum.com/t/turn-on-or-off-system-protection-for-drives-in-windows-11.3598/

Create System Restore Point in Windows 11
https://www.elevenforum.com/t/create-system-restore-point-in-windows-11.3602/

 

[ 2 ]
Please show me a LOG and / or Screenshot of the block

 

[ 3 ]

Please make sure you have your license key for Avast software and deactivate it. Then uninstall it temporarily

Then RESTART the computer and get me a new set of the above logs again.

 

 

Link to post
Share on other sites
  • Root Admin
AdvancedSetup

AdvancedSetup

Posted
  • Root Admin
Posted

No, I'm looking for a log or screenshot or both that show the ALERT or BLOCK you say has returned.

How do you know there is something wrong?

 

The current logs also show that Avast has not been removed yet. But, please send me a log or screenshot before uninstalling Avast

 

Link to post
Share on other sites
princessjazzy

princessjazzy

Posted
  • Author
Posted

Oh, I apologize for my misunderstanding. I can tell the malware has returned because I keep seeing extensions on my chrome that I've never downloaded, and I'm being told that my browser is managed. When the virus is on my computer, my searches also get redirected to different browsers such as Bing or Yahoo and my chrome tabs sometimes crash.

Screenshot 2024-07-22 210931.png

Screenshot 2024-07-22 210942.png

Link to post
Share on other sites
  • Root Admin
AdvancedSetup

AdvancedSetup

Posted
  • Root Admin
Posted

Okay, this looks like Google Chrome

Please do the following and be extensive about cleaning Google Chrome. For now, do not uninstall Avast.

 

Please follow the directions from the following topic for a more extensive article on cleaning Google Chrome

Resetting Google Chrome to clear unexpected issues
 

Thank you

 

Link to post
Share on other sites
  • Root Admin
AdvancedSetup

AdvancedSetup

Posted
  • Root Admin
Posted

The Farbar (FRST) program is located here in your downloads folder:  

Please follow the process below to perform a fix in Safe Mode

 

Start in Safe mode:

  • Press the Windows icon on the keyboard together with the letter I, to get into the Settings.
  • Choose Update and Security.
  • From the menu at the left, choose Recovery.
  • Under the title Advanced startup at the right, choose Restart now.
  • From the window that will appear choose Troubleshoot and then Advanced options.
  • Choose Startup Settings and then Restart.
  • Press number 5, for choosing Safe mode with networking.
  • You will know that you are in Safe mode, if the background is black and Safe mode is written at the four corners of the screen.


After that:

Please do the following to run a FRST fix.

NOTICE: This script was written specifically for this user. Running it on another machine may cause damage to your operating system

  • Select the entire contents of the code box below, from the "Start::" line to "End::", including both lines. Right-click and select "Copy ". No need to paste anything to anywhere.

  

Start::
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction
HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate: Restriction
GroupPolicy: Restriction
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Edge: Restriction <==== ATTENTION

End::

 

  • Right-click on FRSTEnglish in your Downloads folder, to run it as administrator. When the tool opens, click "yes" to the disclaimer.
  • Press the Fix button once and wait.
  • FRST will process fixlist.txt
  • When finished, it will produce a log fixlog.txt in your Downloads folder or where you have the Farbar program located.
  • Attach that log in your next reply.
 
Thank you
 
 
Link to post
Share on other sites
  • Root Admin
AdvancedSetup

AdvancedSetup

Posted
  • Root Admin
Posted

Great that log looks good.

Were you able to complete the Google Chrome cleanup now? @princessjazzy

 

Please RESTART the computer one more time. Then get me ALL NEW scan logs.

 

Scan with SecurityCheck by glax24
https://forums.malwarebytes.com/topic/307301-scan-with-securitycheck-by-glax24/


Scan with FSS Farbar Service Scanner
https://forums.malwarebytes.com/topic/306736-scan-with-fss-farbar-service-scanner/


Scan with Farbar Recovery Scan Tool
https://forums.malwarebytes.com/topic/306601-scan-with-farbar-recovery-scan-tool/


Scan with Malwarebytes
https://forums.malwarebytes.com/topic/304827-scan-with-malwarebytes/


Scan with AdwCleaner
https://forums.malwarebytes.com/topic/304822-scan-with-adwcleaner/

 

 

Thanks

 

 

 

Link to post
Share on other sites
  • Root Admin
AdvancedSetup

AdvancedSetup

Posted
  • Root Admin
Posted

Due to the lack of feedback, this topic is closed to prevent others from posting here.

If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this topic with your request.

This applies only to the originator of this topic. Other members who need assistance please start your own topic in a new thread.

Tips to help protect from infection

Thanks

 

Link to post
Share on other sites
Guest
This topic is now closed to further replies.
 Share
Go to topic listing

  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.