Got a virus, need help.

[Peterw42]

Also installing flash and enabling flash within chrome are 2 different things.

 

To enable Flash for all websites, open your Chromebrowser and type chrome://settings/content in the address bar, then press enter. Then on the Content Settings page, scroll down to Flash and select the button next to 'Allow sites to run Flash'

 

https://support.google.com/chrome/answer/6258784

Edited November 17, 2017 by Peterw42

[Bri19000]

Golden Triangle I recommend trying Comodo Cleaning Essentials.

 

https://www.comodo.com/business-security/network-protection/cleaning-essentials.php

 

It's been a great fallback for me on a few occasions.

 

Just download the appropriate version - 32 / 64 bit and unzip to a new folder on your desktop.

There are 3 programs in the folder: CCE, Autoruns, Killswitch.

 

You'll want to run CCE -  run a full scan of your system - see what it brings up.

[BuaBS]

I don't believe it . Microsoft says Windows 10 is the safest windows yet ! And windows defender is enough to keep your updated OS clean and safe .

[amvet]

Tell us how you uninstall and reinstall Win 10.  I would assume you are not doing a clean install.  Don't open chrome on a clean install and use the Windows browser Edge or another one.  Forget the spy hunter thing.  Do a clean install and don't load anything else.  You can go back in later and add things.  You will have defender after a clean install. 

Edited November 17, 2017 by amvet

[amvet]

12 minutes ago, BuaBS said:

I don't believe it . Microsoft says Windows 10 is the safest windows yet ! And windows defender is enough to keep your updated OS clean and safe .

Not true.  My Win 10 has been taken over 3 times by other programs that loaded without my knowledge or permission while I was running Defender.  I had to re load my whole system to an earlier date.  The last time I was updating firmware on a bluetooth device and lost my ability to control anything.  I had to unplug the computer to turn it off. 

Edited November 17, 2017 by amvet

[JSixpack]

1 hour ago, Meljames said:

 

I'd run the Malwarebytes like the above says, if that doesn't get it, run  adwcleaner, superantispyware and hitman pro. You can down load free versions of them in a matter of minutes. If it's a malware problem one of them should catch it.

 

1 hour ago, Jdietz said:

Read this article about the cause and removal:

 

https://malwaretips.com/blogs/remove-fake-flash-player-update/

 

 

^^These. Take a look at your browser extensions and plugins and remove any suspicious or not needed. Also just look in Add/Remove Programs and see if anything looks suspicious. Funnily enough some malware has an uninstall.  Certainly worth a look at your DNS servers. 

 

I suggest you run the malware scans in Safe mode, not connected to the internet. BTW, first thing would be to do a cleanup, either via disk cleanup or, better, CCleaner, which will cleanup the browser cache as well. Scans will go a bit faster and might even help get rid of the malware.

 

So let us know the results of all this.

 

Edited November 17, 2017 by JSixpack

[BuaBS]

8 minutes ago, amvet said:

Not true.  My Win 10 has been taken over 3 times by other programs that loaded without my knowledge or permission while I was running Defender.  I had to re load my whole system to an earlier date.  The last time I was updating firmware on a bluetooth device and lost my ability to control anything.  I had to unplug the computer to turn it off. 

It was sarcasm amvet ! I 'm still on winXP with no problems , but I don't click on dodgy links to install adobe flash player ....

Hey amvet , they need your input on your favorite subject : https://www.thaivisa.com/forum/topic/1011646-teenager-dies-after-rolling-onto-broken-iphone-cable-in-her-sleep/?tab=comments#comment-12457058

[JSixpack]

2 hours ago, Jdietz said:

Read this article about the cause and removal:

 

https://malwaretips.com/blogs/remove-fake-flash-player-update/

 

 

Bit more helpful guide along the same lines here:

 

https://www.bleepingcomputer.com/virus-removal/remove-fake-flash-player-update-popup

 

One guy fixed his problem miraculously by simply going into incognito mode once, then back into normal mode:

 

Launching Chrome Incognito

--------------------

• Press the Windows Key + R at the same time
• Type in chrome --incognito and press Enter
• Check the browser behavior

===================================================

 

If the popup goes away in incognito mode, but then comes back, then the next step would be to disable the extensions one by one to see if the problem arises from one of them.

 

 

Edited November 17, 2017 by JSixpack

[NanLaew]

2 hours ago, Here It Is said:

No high horse needed.  I merely stated you don't have this nonsense on a Mac.  Up to you.

 

That's two, totally unhelpful Mac cock waves in the space of a few hours. You're on a roll!

 

1 hour ago, RichCor said:

Looks to me like your Windows 10 is infected with Windows 7, (at least that's what you posted in the screenshot).

Maybe the OP has one of those much sought after but AFAIK virtually unobtainable but far too fidgety anyway Win 7 shells for Win 10?

 

But I doubt it.

 

1 hour ago, Peterw42 said:

OP, spyhunter 4 is a rouge antivirus program (false results so you buy it), thats why malwarebytes is blocking it.

Google it, lots of reputable malware removal sites say its rubbish. 

 

Remove it, malware bytes then hitman pro.

Spyhunter is worse than a herpes breakout on a hot date. Made the mistake of installing that dross when pursuing what was ultimately a corrupt Win 7 update registry issue. It took a claw-hammer, a breaker bar and an act of Congress to uninstall the bugger.

[Golden Triangle]

I really really do appreciate all your input people, and thank you very much, a lot of it is way above my understanding but I do know that my mate will be checking this thread in the morning as he keeps normal hours  

 

Just to show what I mean I will post below a screenshot of this page showing the fact that pages are not loading as they should, once again many thanks, any other thoughts or helpful tips all welcome.

 

Oh, by the way I nearly forgot, I am currently on a Windows 7 machine at the moment as my mate has my windows 10 machine at his place.

 

 

[Bri19000]

Good luck, buddy..

[steven2018]

Malwarebytes subscription (about $25 USD annually), monitors activity in real-time and Winpatrol, monitors programs trying to modify areas of the OS. Keep your computer basic, all these add-ons are asking for trouble.

 

To restore Windows 10, you can use the restore feature of the software, if you haven't been doing so.

 

Sent from Android using Tapatalk

 

 

 

 

[Golden Triangle]

One more bit of info I thought about overnight, the machine I am using at the moment is using Windows 7 ultimate, until a couple of weeks ago this computer had never had a browser or FaceBook loaded on it, only when I loaded my Chrome browser and FaceBook did the problems begin. Just another part of the jigsaw.

[maxpower]

22 minutes ago, Golden Triangle said:

One more bit of info I thought about overnight, the machine I am using at the moment is using Windows 7 ultimate, until a couple of weeks ago this computer had never had a browser or FaceBook loaded on it, only when I loaded my Chrome browser and FaceBook did the problems begin. Just another part of the jigsaw.

Google is re-installing your infected browser setup each time you do a clean install.

You need to sync a clean Chrome setup to your Google account.

Edited November 18, 2017 by maxpower

[Meljames]

1 hour ago, Golden Triangle said:

 until a couple of weeks ago this computer had never had a browser or FaceBook loaded on it, only when I loaded my Chrome browser and FaceBook did the problems begin. Just another part of the jigsaw.

Never had a browser? So it's probably never been connected to the internet. Via internet is where most viruses come from...unless you plugged in an infected USB device.

 

Check your browsing habits,  stay away from dodgy sites, porn etc..... Also be careful opening attachments in emails. If it's not from a trusted source don't open it.

 

Pretty sure if you run the malware programs listed on this thread, you'll fix the problem. Just a matter of finding the right one.

 

 

 

Edited November 18, 2017 by Meljames

[Here It Is]

11 hours ago, steven2018 said:

Malwarebytes subscription (about $25 USD annually)

For existing customers $25 annually and a whopping $39.99 (£29.99) for new customers. 

 

Glad I purchased on special offer at £16.96 for lifetime license back in 2012 as do utilise it on my Thai PC.

 

Anyway, I do know of one website selling a lifetime license for £27.90 and appears legit, though you can make up your own mind.  Also has top ranking on TrustSpot (PM me if you want the URL (accepts PayPal)).

 

 

Edited November 18, 2017 by Here It Is

[steven2018]

For existing customers $25 annually and a whopping $39.99 (£29.99) for new customers. 
 
Glad I purchased on special offer at £16.96 for lifetime license back in 2012 as do utilise it on my Thai PC.
 
Anyway, I do know of one website selling a lifetime license for £27.90 and appears legit, though you can make up your own mind.  Also has top ranking on TrustSpot (PM me if you want the URL (accepts PayPal)).
 
 

Wow, did not know the price went up. I have had my subscription for a few years. Still I feel it is a good product.

Sent from Android using Tapatalk

[steven2018]

I got into computers in the late 1980's when I built my own computer (IBM DOS) . Have been a 'fanboy' ever since. They are easy to fix and work with. Keep your computer clean and it will be a clean machine.

 

My brother and his wife are Mac fans. I have used Apple products before, yet still prefer the Windows environment - even have a Windows phone.

 

Sent from Android using Tapatalk

 

 

 

 

[JSixpack]

9 minutes ago, steven2018 said:

I got into computers in the late 1980's when I built my own computer (IBM DOS) . Have been a 'fanboy' ever since. They are easy to fix and work with. Keep your computer clean and it will be a clean machine.

 

Agreed. PCs have always offered so many possibilities, hardware and software-wise. Linux may be more fun to mess around with than Windows, but the applications that run under Windows are just the most advanced, interesting, and useful for ordinary users.

[Scott]

Off-topic posts and replies removed.  

[Golden Triangle]

Hi all, just got my laptop back, everything was cleaned out and reinstalled, but just like before as soon as I log into my GMail account or Google Chrome the bloody thing comes back, we have just been through the extensions in Chrome and can't find anything suspicious in there, any ideas anyone ??  

[RichCor]

As the issue really appears to be when you're logging chrome into your google account, I'd suggest you set your Google Account not to sync, for now, then do further testing to see if your google account is the culprit.

 

See the following support.google.com page:

Get your bookmarks, passwords & more on all your devices

Customize what info is synced

When you sign in to Chrome, all your profile information is saved to your Google Account. If you don't want to sync everything, you can change what info is saved.

1. On a trusted computer, open Chrome.
2. At the top right, click More   Settings.
3. At the top, under "People," click Sync.
4. Turn on the info you want to sync.

 

 

 

 

 

Then reset Chrome.

SETTINGS ... (scroll to bottom) > ADVANCED (scroll to bottom) RESET

 

Reboot your PC.

Depending on the malware in play, you may need to run utilities to clean your machine. And with the sync turned off, logging into Chrome shouldn't recreate the issue.

[Golden Triangle]

2 hours ago, RichCor said:

As the issue really appears to be when you're logging chrome into your google account, I'd suggest you set your Google Account not to sync, for now, then do further testing to see if your google account is the culprit.

 

See the following support.google.com page:

Get your bookmarks, passwords & more on all your devices

Customize what info is synced

When you sign in to Chrome, all your profile information is saved to your Google Account. If you don't want to sync everything, you can change what info is saved.

1. On a trusted computer, open Chrome.
2. At the top right, click More   Settings.
3. At the top, under "People," click Sync.
4. Turn on the info you want to sync.

 

 

 

 

 

Then reset Chrome.

SETTINGS ... (scroll to bottom) > ADVANCED (scroll to bottom) RESET

 

Reboot your PC.

Depending on the malware in play, you may need to run utilities to clean your machine. And with the sync turned off, logging into Chrome shouldn't recreate the issue.

Hi RichCor, I tried that, unfortunately it didn't work, but thanks for your input, it was much appreciated.

 

I am now going to throw this open to all you PC experts out there, would someone, anyone, be willing to take my laptop or even work on at at my place food and drink provided and a reasonable fee paid for a successful completion of getting my laptop free of this <deleted> thing 

 

PS: I'm in Pattaya on the darkside.

[RichCor]

What that was supposed to do is prevent the automatic loading of stuff from your google account upon login.

If your computer is currently affected with an issue, this won't solve it on it's own.

 

While you can try cleaning your chrome profile, it would probably just be quicker to UNINSTALL chrome, UNINSTALL Flash (if it reloaded), restart the computer, run a few cleanup utilities (adwcleaner, ccleaner), and reboot once again.

 

Then first test using another browser (firefox, opera, whatever) to see if that browser gets hijacked or hijacks your computer when you use gmail or run your game.

 

If the computer then behaves, you can reinstall chrome if desired and retest.

 

Also, in a previous post, ThaiVisa user MaxPower brought up DNS hijacking. So if would be a good idea to verify your computer is being furnished with either actual ISP DNS or custom DNS entries to resolve URLs and not rogue DNS IP addresses that can redirect or set up "man in the middle" situations with your internet connections. 

[Meljames]

I just re-read your OP. Maybe all you need is  adblock. Easy to add if you don't already have it.

 

And run adwcleaner. 

Edited November 24, 2017 by Meljames

[steven2018]

I would do a full recovery of the PC, after the recovery install Malwarebytes, run that and then install a fresh copy of Fire Fox browser and see where you are at. IMO you don't need Chrome to navigate the internet. If it is bookmarks, just revisit those sites on Fire Fox and rebookmark. Keep it simple.

 

Get a copy online of WinPatrol, it will inform you of what is attempting to install on your computer.

 

Once you get this all sorted, run Malwarebytes weekly.

 

Sent from Android using Tapatalk

 

 

 

 

[Golden Triangle]

^^^^^^ Hi steven2018, thanks for that I did use Fire Fox maybe 8 years back, always liked it will maybe check it out in the near future 

[WorriedNoodle]

On 11/24/2017 at 8:23 PM, Golden Triangle said:

maybe check it out in the near future

Did you ever solve this I wonder.

Recently I had another redirect virus that kept opening a search page on any browser I started. I use Win10 with built in security turned on all times. It didn't stop this. Neither could free Malware Bytes or  Adware Cleaner fix it. I tried Zemana Anti Malware and Hitman Pro as well with no luck.

 

Then I tried UnHackMe which has a 30 day free trial and it fixed it and a few other things immediately with step by step user inputs to confirm along the way. It seems like a very useful app to revert to if things get tricky but left me wondering how the heck a small app like this manages to fix things the bigger products do not? 

[Golden Triangle]

2 hours ago, WorriedNoodle said:

Did you ever solve this I wonder.

Recently I had another redirect virus that kept opening a search page on any browser I started. I use Win10 with built in security turned on all times. It didn't stop this. Neither could free Malware Bytes or  Adware Cleaner fix it. I tried Zemana Anti Malware and Hitman Pro as well with no luck.

 

Then I tried UnHackMe which has a 30 day free trial and it fixed it and a few other things immediately with step by step user inputs to confirm along the way. It seems like a very useful app to revert to if things get tricky but left me wondering how the heck a small app like this manages to fix things the bigger products do not? 

Thanks for that info, I think I will give it a try now, I will let you know how I get on. 

[BuaBS]

4 hours ago, WorriedNoodle said:

Recently I had another redirect virus that kept opening a search page on any browser I started. I use Win10 with built in security turned on all times. It didn't stop this. Neither could free Malware Bytes or  Adware Cleaner fix it. I tried Zemana Anti Malware and Hitman Pro as well with no luck.

 

What are you guys doing with your computer ?

> 11 years on win XP and I have never had a serious attack , virus , malware or browser redirect . This year I had 1 warning of a virus , that was swiftly removed.