ksuthayya
New Member
- Joined
- May 25, 2017
- Messages
- 8
- Thread Author
-
- #1
Hi,
My PC was infected with some Malware a couple of days ago and since then I've just been scanning and deleting unwanted programs and software. No matter which anti-virus/anti-malware programs I use to scan and then quarantine and delete the infected files, the damn Mystarting123 automatically finds its way back to Google Chrome as my default search engine. As long as it's there, it'll continue to infect my PC with other shit and hence I want it out asap.
What I've already tried:
- Malware Bytes Anti-Malware: Have run umpteen scans on safe mode and normal.
- HitmanPro 3 (Free): Same as above
- UnHackMe: Same as above (this was the only one that actually found the mystarting123 files and I clicked "fix", there was no delete option, but it clearly hasn't been fixed)
- Bitdefender: Mostly useless, but have scanned using it too
- I've used Revo uninstaller to remove programs
Before, 2 days ago, it was a lot worse. The virus had taken admin access and wouldn't let me install programs, access the task manager or shut down my PC and enter safe mode. I managed to do all of that, remove most of the nonsense on safe mode but now it's back. Everything I do, every scan I run .. It's always waiting for me in Chrome. (IE and Edge seem unaffected).
Please please help. All the solutions online say download these softwares and run or check for suspicious programs and processes and in the registry and delete, but there's nothing with the same name or something ridiculous that'd make me want to delete it, and I don't want to fuck up my PC even more by deleting some important registry files.
PC Specs:
- Lenovo Y510P (Model No - 20217)
- 8GB RAM
- NVIDIA GeForce GT755M
- Windows 10 Home, Version - 1511
- Intel Core i7-4700MQ CPU @2.4GHz
Solution
@kemical, Yep, always ran as admin.
Just did a clean install, all looks good!
Thanks a lot for your time everyone.
For anyone else that has this problem: In safe mode - Malware Bytes Anti Malware + Rogue Killer (+ UnHackMe optional). Then use Revo Uninstaller to remove and uninstall all browsers affected (use Advanced search). Before uninstalling Chrome, make sure your Chrome sync has been erased and turned off. You should be good. On the safe side, clean install Windows too!
ksuthayya
New Member
- Joined
- May 25, 2017
- Messages
- 8
- Thread Author
-
- #2
My recent post on Lenovo forums (yday) - Re: Recently had a Malware Infection & now I don't have admin access to install/uninstall & - Lenovo Community
ksuthayya
New Member
- Joined
- May 25, 2017
- Messages
- 8
- Thread Author
-
- #4
> It probably has a persistence mechanism that is in memory. Remove it from safe mode.
Remove it from Safe Mode? Okay, how? Using what tool? As I've said before, I have deleted and uninstalled everything using safe mode before and it just comes back. Do you have something specific in mind? If I can simply change my default browser from Chrome, which won't open in safe mode though, what're the chances that it'll simply come back?
- Joined
- Jul 4, 2015
- Messages
- 8,998
ksuthayya
New Member
- Joined
- May 25, 2017
- Messages
- 8
- Thread Author
-
- #6
@Neemobeer, you didn't bother reading my post, did you?
The steps mentioned in the link you posted are the EXACT same steps as I've already taken and done MULTIPLE TIMES.
I have downloaded and run all those programs. I have restored Google Chrome's settings, hell I've even reinstalled Chrome!
- Joined
- Jul 4, 2015
- Messages
- 8,998
You can also uninstall Chrome, then remove the UserData from your profile and any lingering Chrome data in C:\ProgramData then re-install. If you have an account linked to Chrome this also could be pulling down sync'd settings.
ksuthayya
New Member
- Joined
- May 25, 2017
- Messages
- 8
- Thread Author
-
- #9
Yep, that's what I think. Hence I'm looking for other advice/solutions to make sure it goes once and for all, properly. I need help identifying what's bringing it back.
I do have an account linked to Chrome, so you're saying that after a clean install of Chrome I shouldn't ever log into Chrome again?
- Joined
- Jul 4, 2015
- Messages
- 8,998
I'd start by removing Chrome and any remaining config in %LOCALAPPDATA% and C:\ProgramData. Then install Chrome without signing in and confirm it's gone. If it is, then log in to Google and see if it pulls down. If it pulls down you can clear out Chrome sync from here: https://www.google.com/settings/chrome/sync
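One way to do the "confirm it's gone" check from the post above, and to repeat it after signing back in to see whether sync pulled the setting down. This is an added example, not part of the thread: the function names are hypothetical, and it assumes Chrome keeps per-profile settings as JSON in files named `Preferences` and `Secure Preferences` under a `Google\Chrome` folder in the two locations the post names.

```python
import json
import os
from pathlib import Path

# Indicator taken from the thread; matched case-insensitively.
INDICATOR = "mystarting123"
# Assumption: Chrome stores per-profile settings as JSON in files with these names.
SETTINGS_FILES = ("Preferences", "Secure Preferences")


def walk_strings(node, path=""):
    """Yield (json_path, value) for every string value anywhere in a JSON tree."""
    if isinstance(node, dict):
        for key, child in node.items():
            yield from walk_strings(child, f"{path}/{key}")
    elif isinstance(node, list):
        for index, child in enumerate(node):
            yield from walk_strings(child, f"{path}[{index}]")
    elif isinstance(node, str):
        yield path, node


def scan_chrome_data(root, indicator=INDICATOR):
    """Return sorted (file, json_path, value) hits under a Chrome data folder."""
    hits = []
    needle = indicator.lower()
    for file in Path(root).rglob("*"):
        if file.name not in SETTINGS_FILES or not file.is_file():
            continue
        try:
            tree = json.loads(file.read_text(encoding="utf-8", errors="replace"))
        except (OSError, ValueError):
            continue  # unreadable or not JSON: skip rather than abort the scan
        for json_path, value in walk_strings(tree):
            if needle in value.lower():
                hits.append((str(file), json_path, value))
    return sorted(hits)


if __name__ == "__main__":
    # Folders named in the post; the Google\Chrome suffix is an assumption.
    for base in ("LOCALAPPDATA", "PROGRAMDATA"):
        if not os.environ.get(base):
            continue
        folder = Path(os.environ[base]) / "Google" / "Chrome"
        if folder.exists():
            for hit in scan_chrome_data(folder):
                print(*hit, sep="  |  ")
```

No output on a fresh, signed-out install followed by hits after signing in points at sync as the source; hits that survive an uninstall mean leftover profile data was not removed.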
ksuthayya
New Member
- Joined
- May 25, 2017
- Messages
- 8
- Thread Author
-
- #13
Thanks to UnHackMe and Rogue Killer I've (temporarily) removed the issue.
The virus actually found its way back even after running those 2 again on safe mode. On opening Chrome and signing back into Chrome, weirdly it'd come back only after going to Settings, it'd show up as my default search engine. Anyhow, I decided to use Revo Uninstaller to completely remove Chrome and reinstall it. On doing so, the issue has been controlled for now. I haven't signed into my Chrome yet. Note, Chrome sync had been cleared and turned off before the uninstall.
I'm contemplating a clean install of Win from a USB and then and only then trying to sign in to Chrome. I need all the data that is in my partitioned drives apart from C. What do you think?
kemical
Essential Member
- Joined
- Aug 28, 2007
- Messages
- 36,176
Personally I'd try a few more AV scans like this one:
Online Malware Detection
Or try a free trial such as this one.
https://www.kaspersky.co.uk/downloads/thank-you/internet-security-free-trial
Whenever you've run a scan do you always right click and 'run as admin'?
ksuthayya
New Member
- Joined
- May 25, 2017
- Messages
- 8
- Thread Author
-
- #15
@kemical, Yep, always ran as admin.
Just did a clean install, all looks good!
Thanks a lot for your time everyone.
For anyone else that has this problem: In safe mode - Malware Bytes Anti Malware + Rogue Killer (+ UnHackMe optional). Then use Revo Uninstaller to remove and uninstall all browsers affected (use Advanced search). Before uninstalling Chrome, make sure your Chrome sync has been erased and turned off. You should be good. On the safe side, clean install Windows too!
kemical
Essential Member
- Joined
- Aug 28, 2007
- Messages
- 36,176
Good job!
- Joined
- Jan 28, 2013
- Messages
- 2,419
2nd only to Rebooting your PC in fixing ALL kinds of computer problems, Clean Installs are a boon to mankind! Or perhaps, Cyberkind!
We recommend them very frequently when all else fails, or sometimes, even if they don't.
Best,
<<<BIGBEARJEDI>>>