Jump to content

Help, Pc is infected. Redirects - call this 1-800 number for help!


Recommended Posts

Redirect happened sometime last week - thought I just might've clicked a botched website - it happened again too on another website I frequent often. Takes me to a page that tells me in more or less words, my computer is massively infected and I need to call this number for help.

 

Attached are my logs, thanks so much!

 

scan_150921-122151.txt

FRST.txt

Addition.txt

Link to post
Share on other sites

Hello, my apologies for the delay. My name is Elise and I'll assist you with this issue.

 

It looks like you have some adware and PUPs on your computer, to make sure we target them all, please do the following.

Download AdwCleaner from here

Runt he tool by double clicking on it and accept the disclaimer. 

Pleae click the Scan button and wait for the scan to finish.

Once done, click the Report button and copy/paste the log in your next reply.

Link to post
Share on other sites

Please rerun AdwCleaner and this time click the Clean button to remove all found items.

 

Also, could you please tell me in which browser{s) you encounter the fake techsupport site and when you see it (for example when visiting certain sites)? The good news is that these usually are just URLs, it is possible this was cached by your browser which is why you return there, it usually does not mean anything malicious is actually active on your computer

Link to post
Share on other sites

I use Chrome, the first encounter was when I went to theasurus.com - an error on my part as I misspelled it. It redirected me to that site, and I just closed it. I encountered it again when helping my son navigate on the virtual pet website Neopets.com. 

 

I reran AdwCleaner and attempted to clean twice, both times the program became unresponsive when "cleaning the browsers". I attempted Ctrl Alt Delete, and recieved a error saying: "The logon process was unable to display security and logon options when ctrl alt delete was pressed." I had to manually turn off the PC both times. 

Link to post
Share on other sites

Hello,

I see you have online armor running. Please note that this is no longer being developed. If you have a license you can switch to Emsisoft Internet Security for free if you wish so.

 

Please press Windows key + R, type notepad and press enter.

Copy/paste the following text into Notepad and save it as fixlog.txt in the same location as FRST.

HKU\.DEFAULT\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\S-1-5-21-1147485542-1954956844-167236107-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
Now run FRST and click the Fix button. Post the resulting log.
 
Please let me know how everything is running now.
 
As for firefox, it appears your entire userprofile is still present, did you opt to remove this when you uninstalled it? If not and Firefox is uninstalled otherwise, you can remove the entire profile folder (in your case that is C:\Users\eMachines\AppData\Roaming\Mozilla\Firefox\Profiles\b9m90ox6.default).
Link to post
Share on other sites

What about this part? :)

Please let me know how everything is running now.
 
As for firefox, it appears your entire userprofile is still present, did you opt to remove this when you uninstalled it? If not and Firefox is uninstalled otherwise, you can remove the entire profile folder (in your case that is C:\Users\eMachines\AppData\Roaming\Mozilla\Firefox\Profiles\b9m90ox6.default).

 

 

Link to post
Share on other sites

I did go ahead and delete the firefox profile, thank you for helping me out with that!  And I haven't gotten a redirect - but they tend to be sporadic. Overall, computer just kinda feels like its struggling with something - maybe its just old and needs to be replaced. xD 

Link to post
Share on other sites

Please monitor it for a while to see the redirect reoccurs.

 

As for how the computer runs in general, I really recommend you to consider uninstalling Online Armor. No bug fixes and updates are being released for it, so if there is an issue that would cause it to influence how well your computer is running, this will not be fixed.

Link to post
Share on other sites
Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    No registered users viewing this page.

×
×
  • Create New...