|
Post by glorywriter on Jul 18, 2014 22:36:04 GMT -8
After restarting Chrome, the google search worked for about 10 searches. Then it started redirecting to us.yhs4.search.yahoo.com/yhs again, and has Looksafe Yahoo showing in the tab title on top.
|
|
Quads
Malware Removalists
In New Zealand
Posts: 9,387
|
Post by Quads on Jul 18, 2014 22:54:12 GMT -8
|
|
|
Post by glorywriter on Jul 19, 2014 9:51:39 GMT -8
I followed the steps to reset Chrome. I also deleted almost all of my bookmarks because I never used them (I did this before resetting Chrome if it matters). Now, when I do searches, it no longer redirects me. I did numerous searches to check, and all remained at Google.
|
|
Quads
Malware Removalists
In New Zealand
Posts: 9,387
|
Post by Quads on Jul 19, 2014 16:06:39 GMT -8
On with step 4, Complete system check for any file and cleanup of items and tools used. Special attention to the different settings I have asked for below You can leave Norton Enabled even though ESET may warn about it. just makes the scan take longer. The pictures below showing what to click may be blue instead of green on the ESET website now, but the procedure is still the same Please read carefully and Slowly, Notice all the settings listed below to check before starting the scan. Take note of the NO tick in the Remove found threats setting below at it needs to have the tick removed.
Hold down Control and click on the following link to open ESET OnlineScan in a new window. ESET OnlineScan
Click the For alternate browsers only: (Microsoft Internet Explorer users can skip these steps) Click on Posted Image to download the ESET Smart Installer. Save it to your desktop. Double click on the icon on your desktop. Check Click the button. Accept any security warnings from your browser. Under scan settings, check and DON'T (NO) check Remove found threats (reason for this is we don't want something deleted and then Windows won't load).
Click Advanced settings and select the following: Scan potentially unwanted applications Scan for potentially unsafe applications Enable Anti-Stealth technology
ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time. Attach the resulting log in your next reply The scanner screen gives me the option of saving the results to a .txt file as part of the options after the scan has finished. Screenshot of part of the finished scan dialog box by ESET showing the options. List found threats and at the bottom of the listings is the options to save the list. Quads
|
|
|
Post by glorywriter on Jul 19, 2014 20:02:30 GMT -8
I have finished the scan. The results were as follows:
C:\AdwCleaner\Quarantine\C\Program Files (x86)\Linkey\module.dll.vir a variant of Win32/AdWare.Bandoo.AE application
|
|
Quads
Malware Removalists
In New Zealand
Posts: 9,387
|
Post by Quads on Jul 19, 2014 20:07:05 GMT -8
Download OTL www.bleepingcomputer.com/download/otl/ On to the Desktop Click on the Blue Button on the download page Download Now @ Authors Site Disable your AV for say 30mins or More Start OTL, (Right click and from the menu choose "Run as Administrator") Click the Scan All Users checkbox. Change file age to 90 days Press the An OTL.txt and extras.txt will be created. To attach back in a post Quads
|
|
|
Post by glorywriter on Jul 19, 2014 20:52:39 GMT -8
|
|
Quads
Malware Removalists
In New Zealand
Posts: 9,387
|
Post by Quads on Jul 19, 2014 21:40:34 GMT -8
In the Control panel => Programs => Uninstall
Uninstall in the list of programs
"ESET Online Scanner" = ESET Online Scanner v3
I have to script for the rest, In your case am using the OTL, and ESET logs
Quads
|
|
|
Post by glorywriter on Jul 19, 2014 21:54:52 GMT -8
Ok, uninstalled the ESET Online Scanner" = ESET Online Scanner v3 .
|
|
Quads
Malware Removalists
In New Zealand
Posts: 9,387
|
Post by Quads on Jul 19, 2014 21:59:05 GMT -8
Start OTL, Right click "Run as Administrator" Under Copy and paste What I have put in the .txt file I have attached, all the way to the bottom ([REBOOT] is the last command line) , It is in the correct line by line layout as it is to be for OTL to understand, what I want it to do. (include the : at the start of :OTL and all the way to the end / bottom) and run the script. (Red Run Fix Button) The output log, should be placed in the C:\_OTL\MovedFiles folder after, to attach back here. Looks like a txt file not a Folder Quads
|
|