Geekzone: technology news, blogs, forums
Guest
Welcome Guest.
You haven't logged in yet. If you don't have an account you can register now.




34 posts

Geek
+1 received by user: 1


# 210506 30-Mar-2017 13:44
Send private message

Hi Geekzone,

 

I had a virus on my work computer this one: https://www.bleepingcomputer.com/news/security/chrome-users-targeted-with-malware-via-new-font-wasnt-found-technique/

 

I used Adaware and Malwarebytes to remove it. Most of it is but I still have a spam message that comes up on Chrome when I start my computer.

 

How do I remove the last bit?

 

Also since that folders open in a new window so keeps opening heaps in new windows, all my PDF/Excel/word files have been corrupted. Also when I save a file I can save it anywhere on my computer some path are missing like if I want to save on disk D: I can only save on the root cause I don't see the folders.

 

I've done a Registry check and found nothing.

 

How can I fix all that?

 

 

 

Cheers,


Create new topic
1861 posts

Uber Geek
+1 received by user: 548


  # 1750700 30-Mar-2017 13:49
2 people support this post
Send private message

Format

1908 posts

Uber Geek
+1 received by user: 460

Trusted
Subscriber

  # 1750709 30-Mar-2017 14:05
2 people support this post
Send private message

sys restore?





________

 

Antonios K

 

Click to see full size


 
 
 
 


5561 posts

Uber Geek
+1 received by user: 1560

Moderator
Trusted
Lifetime subscriber

  # 1750713 30-Mar-2017 14:16
Send private message

If it's your work computer is it your responsibility to do all that?  I'd give it to your IT staff.




34 posts

Geek
+1 received by user: 1


  # 1750716 30-Mar-2017 14:20
Send private message

gehenna:

 

If it's your work computer is it your responsibility to do all that?  I'd give it to your IT staff.

 

 

 

 

I'd like to do it myself if possible and I'm propably the one with the best IT knowledge in my company (8 people).


1861 posts

Uber Geek
+1 received by user: 548


  # 1750720 30-Mar-2017 14:23
One person supports this post
Send private message

Sounds like you need an IT review.

8078 posts

Uber Geek
+1 received by user: 856

Subscriber

  # 1750776 30-Mar-2017 16:45
Send private message

I remember a similar problem about two years ago and used Adwcleaner to remove any crap that was left ..





Regards,

Old3eyes


Mad Scientist
20461 posts

Uber Geek
+1 received by user: 2790

Trusted
Lifetime subscriber

  # 1750799 30-Mar-2017 17:40
Send private message

i'd run Avast boot scan. not sure if that's the right way but that's what I'd do. backup first though.





Swype on iOS is detrimental to accurate typing. Apologies in advance.


 
 
 
 


997 posts

Ultimate Geek
+1 received by user: 652

Trusted

  # 1750801 30-Mar-2017 17:42
Send private message

Check for Chrome extensions. 

 

I've recently seen adware load 'legit' extensions to Chrome & Firefox which aren't detected by Malwarebytes and the like.


14887 posts

Uber Geek
+1 received by user: 2794

Trusted
Subscriber

  # 1750802 30-Mar-2017 17:43
One person supports this post
Send private message

Restore from backup or reinstall. I use Macrium Reflect for OS backups.


961 posts

Ultimate Geek
+1 received by user: 197

Trusted

  # 1750864 30-Mar-2017 19:50
Send private message

shakedown14:

 

gehenna: If it's your work computer is it your responsibility to do all that?  I'd give it to your IT staff. 

 

 I'd like to do it myself if possible and I'm propably the one with the best IT knowledge in my company (8 people). 

 

 

 

The best way is to wipe the device and re-install the OS. That way is the best to guarantee that nothing malicious was left behind / overlooked.

 

If you really want to try a clean-up, back up your data and start with these

 

  • In Win8 / Win10, run Task Manager and look at the Start Up tab. Disable everything that you don't believe should be there. IF you are unsure, rather disable and see if anything breaks.
  • In Win7 / Win8 / Win10 you can run MSCONFIG.EXE and again from the Start Up tab, disable everything, reboot several times and only enable broken functionality related items. On the Services tab, hide all Microsoft related services and again disable everything, reboot and then only enable broken functionality.
  • More low level, look at the Registry (Beware!!! Take care! Approach with caution!) Right click on a folder / key in the left hand navigation tree and export to a .reg file before making any changes.

     

    • Browse to HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run and delete non-required entries
    • Browse to HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Run and delete non-required entries
    • Browse to HKEY_LOCAL_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run and delete non-required entries
    • Browse to HKEY_LOCAL_USER\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Run and delete non-required entries
  • Disable extensions / add-ons in all installed browsers
  • Failing all of that, try to roll-back to a previous restore point before the infection by running RSTRUI.exe
  • In Win8 / Win10 you can try to "reset" your PC from Start -> Settings -> Update & Security -> Recovery -> Reset PC. This effectively will "re-install" Windows while leaving your files intact.
  • In Win8 / Win10 you can try to "refresh" your PC from Start -> Settings -> Update & Security -> Recovery -> Advanced Start-up. This will "re-install" Windows completely and wipe everything else out.




Please keep this GZ community vibrant by contributing in a constructive & respectful manner.


1373 posts

Uber Geek
+1 received by user: 326


  # 1750867 30-Mar-2017 19:54
One person supports this post
Send private message

+1 System restore is surprisingly pretty effective in general at getting rid of malware.




34 posts

Geek
+1 received by user: 1


  # 1757606 6-Apr-2017 15:01
Send private message

Thanks guys I think I'll give a try to the "Reset this PC" option that Windows 10 gives you. Apparently restore system to factory without touching documents.


6615 posts

Uber Geek
+1 received by user: 2293
Inactive user


  # 1757625 6-Apr-2017 15:03
Send private message

timmmay:

 

Restore from backup or reinstall. I use Macrium Reflect for OS backups.

 

 

 

 

+1 for Macrium reflect, You can also load the ISO into Hyper V or VMWare and troubleshoot the drive in a "sandbox".
If successful re flash the HDD with the new image and boom!


Mad Scientist
20461 posts

Uber Geek
+1 received by user: 2790

Trusted
Lifetime subscriber

  # 1757635 6-Apr-2017 15:07
Send private message

shakedown14:

 

Thanks guys I think I'll give a try to the "Reset this PC" option that Windows 10 gives you. Apparently restore system to factory without touching documents.

 

 

Depending on how much you value your "documents", I'd back them up, but treat the backup as an infected drive.





Swype on iOS is detrimental to accurate typing. Apologies in advance.


Create new topic



Twitter and LinkedIn »



Follow us to receive Twitter updates when new discussions are posted in our forums:



Follow us to receive Twitter updates when news items and blogs are posted in our frontpage:



Follow us to receive Twitter updates when tech item prices are listed in our price comparison site:





News »

Dunedin selects Telensa to deliver smart street lighting for 15,000 LEDs
Posted 18-Jul-2019 10:21


Sprint announces a connected wallet card with built-in IoT support
Posted 18-Jul-2019 08:36


Educational tool developed at Otago makes international launch
Posted 17-Jul-2019 21:57


Symantec introduces cloud access security solution
Posted 17-Jul-2019 21:48


New Zealand government unveils new digital service to make business easier
Posted 16-Jul-2019 17:35


Scientists unveil image of quantum entanglement
Posted 13-Jul-2019 06:00


Hackers to be challenged at University of Waikato
Posted 12-Jul-2019 21:34


OPPO Reno Z now available in New Zealand
Posted 12-Jul-2019 21:28


Sony introduces WF-1000XM3 wireless headphones with noise cancellation
Posted 8-Jul-2019 16:56


Xero announces new smarter tools, push into the North American market
Posted 19-Jun-2019 17:20


New report by Unisys shows New Zealanders want action by social platform companies and police to monitor social media sites
Posted 19-Jun-2019 17:09


ASB adds Google Pay option to contactless payments
Posted 19-Jun-2019 17:05


New Zealand PC Market declines on the back of high channel inventory, IDC reports
Posted 18-Jun-2019 17:35


Air New Zealand uses drones to inspect aircraft
Posted 17-Jun-2019 15:39


TCL Electronics launches its first-ever 8K TV
Posted 17-Jun-2019 15:18



Geekzone Live »

Try automatic live updates from Geekzone directly in your browser, without refreshing the page, with Geekzone Live now.


Support Geekzone »

Our community of supporters help make Geekzone possible. Click the button below to join them.

Support Geezone on PressPatron



Are you subscribed to our RSS feed? You can download the latest headlines and summaries from our stories directly to your computer or smartphone by using a feed reader.

Alternatively, you can receive a daily email with Geekzone updates.