1. Computer problem? Tech Support Guy is completely free -- paid for by advertisers and donations. Click here to join today! If you're new to Tech Support Guy, we highly recommend that you visit our Guide for New Members.

Solved hijacked pages, system stops responding, pages won't load

Discussion in 'Virus & Other Malware Removal' started by principessa, Dec 19, 2016.

Thread Status:
Not open for further replies.
  1. principessa

    principessa Thread Starter

    Feb 18, 2003
    hello all :)

    i have started noticing "hijacked pages,"

    and that (so far, only when using "chrome," which is outdated - NOT by choice but because i am stuck with windows vista and GOOGLE will not longer support it...),

    sometimes chrome will "hang" when attempting to perform operations such as "clear browsing data,

    and then if i attempt to close chrome, it will make it so that system processes(?) such as my toolbar, ctrl+alt+del/task mgr, and restart will not work, forcing me to need to manually power off my computer,

    and now as of today, most pages are not loading ("err_connection_failed" in chrome, but ALSO IN FIREFOX a lot of pictures in pages are not loading),

    so i fear i have malware...

    okay, here is the sysinfo readout:

    Tech Support Guy System Info Utility version
    OS Version: Microsoft® Windows Vista™ Home Basic, Service Pack 2, 32 bit
    Processor: Pentium(R) Dual-Core CPU T4200 @ 2.00GHz, x64 Family 6 Model 23 Stepping 10
    Processor Count: 2
    RAM: 3061 Mb
    Graphics Card: Mobile Intel(R) 965 Express Chipset Family, 448 Mb
    Hard Drives: C: 232 GB (114 GB Free); E: 931 GB (471 GB Free); F: 931 GB (164 GB Free); G: 465 GB (378 GB Free);
    Motherboard: Dell Inc., 0U990C
    Antivirus: Avast Antivirus, Enabled and Updated

    and just let me know any diagnostics you need me to run and i'll try my best to cooperate...

    thank you so much for your help!!! :)
  2. askey127

    askey127 Malware Specialist

    Dec 22, 2006
    Hi principessa,
    I have two machines very similar to yours.
    I would suggest you run this 3-item sequence and check for results before we go looking for other malware.

    AdwCleaner Download and Run
    Download AdwCleaner and save it to your desktop or somewhere you can find it.
    Close your browser and double click the AdwCleaner icon on your desktop.
    • Click on the Scan button, accept any prompts that appear, and allow it to run.
      It may take several minutes to complete.
    • When it is done, the Scan button will be dimmed down, and it will wait for you to make any exceptions to its suggested removals. Don't make any exceptions or uncheck anything
    • Click on the Clean button, accept any prompts that appear, and allow the system to Reboot.
    • You will then be presented with the report. Copy & Paste it into a reply here.
    • If you lose track of the log, it is saved in this folder C:\AdwCleaner\
      The filename will be adwcleaner[xx].txt, where [xx] will be S1, or S2, etc. whichever filename is newest.

    Download and Run Temp File Cleaner (TFC.exe)
    Download Temp File Cleaner and save it to your desktop.
    You might want to Save any unsaved work. TFC will close ALL open programs... including your browser!
    Right click the TFC icon and choose Run as administrator.
    If you have a lot of junk files to remove, it could take a while, so please be patient and let it finish.
    When it's done, it will report the total size of files removed. If it asks to Reboot, choose to do so. This will remove files that could not be removed while Windows was running.
    After Restart, log back in to your usual account.
    You can keep TFC on your desktop and run it every week or two to clean out excessive temporary files. It does usually require a restart.

    Download MyDefrag from here and Install it : http://filehippo.com/download_mydefrag/
    After Installation, run MyDefrag in System Disk Monthly Mode on the C: drive only.
    (Click System Disk Monthly and then check C: drive, click Run)
    Wait for it. It goes through 6 Zones. It may take an hour or two, depending on how badly the HD is scrambled.
    The Window will be labeled Finished at the top when it is done.
    Going forward, you can run the C: drive in System Disk Daily mode, but once every week or two is sufficient.
    It will finish a lot faster in the ensuing runs.
    You can also use MyDefrag on the E:, F:, and G: drives using the "Data Disk Monthly" setting (Data disk runs use 3 zones).

    Post back how it behaves.
    Then we can run extra checks for malware if necessary
  3. principessa

    principessa Thread Starter

    Feb 18, 2003
    dear askey,

    hi, how are you today?

    the great suggestions you made, have already made a huge improvement in that i'm able to at least load web pages now - hooray! :)

    (adw cleaner seems to've removed /something/ - i'll post log at bottom of post)

    sadly, first i noticed that when i open firefox and attempt to enter a url, _sometimes_ firefox will "hang" for about 1-2minutes

    (i have tried disabling an add-on to see if that will help; i should find out later ...i can also try "resetting" firefox if you think that would be beneficial...) -

    then as i attempted to visit a page (bing.com) using chrome this morning, the page would not load, and i figured to clear my cookies/restart -

    when i did, i encountered the same problem of, the clear history page (nor extensions, etc) would not load,

    and when i _closed_ chrome, my computer's taskbar stopped responding ("buttons" for programs that had been closed, were staying there as an ...image, system clock and other icons were unresponsive),

    and my system wouldn't respond to "ctrl+alt+del"

    (desktop icons WERE still responsive upon mouseover, etc)

    ...i had to manually power off and start again...

    (another thing i forgot to ask you about - before you helped me - is, i noticed both chrome AND firefox have been ...reloading any tab that i've left for more than a few minutes -

    with chrome i had noticed this for a while, but with firefox i had not noticed it until recently,

    and i am wondering if it could be another sign that something has taken over my browsers?

    or do you happen to know if this is normal?)

    whenever you get a chance - i understand you must be so busy, and thank you so much for helping with my issue! - perhaps you can advise me on more involved diagnostics/repair?

    (unless...do you think the problem might just be chrome, bc google refuses to update it any longer ...bc i am stuck with an old windows vista system?)

    here's the adw cleaner log!

    (...i had wanted to ask you... does "tracing keys" mean something is monitoring what i type, such as passwords?? :( )

    # AdwCleaner v6.041 - Logfile created 21/12/2016 at 11:29:47
    # Updated on 16/12/2016 by Malwarebytes
    # Database : 2016-12-21.1 [Server]
    # Operating System : Windows Vista (TM) Home Basic Service Pack 2 (X86)
    # Username : Marketta - INSPIRON-PC
    # Running from : C:\Users\Marketta\Desktop\AdwCleaner.exe
    # Mode: Clean
    # Support : https://www.malwarebytes.com/support

    ***** [ Services ] *****

    ***** [ Folders ] *****

    [-] Folder deleted: C:\ProgramData\TweakBit
    [-] Folder deleted: C:\ProgramData\BSD\DriverHive
    [-] Folder deleted: C:\ProgramData\BSD
    [#] Folder deleted on reboot: C:\ProgramData\BSD\DriverHiveEngine
    [#] Folder deleted on reboot: C:\ProgramData\Application Data\TweakBit
    [#] Folder deleted on reboot: C:\ProgramData\Application Data\BSD\DriverHive
    [#] Folder deleted on reboot: C:\ProgramData\Application Data\BSD
    [#] Folder deleted on reboot: C:\ProgramData\Application Data\BSD\DriverHiveEngine
    [-] Folder deleted: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TweakBit
    [-] Folder deleted: C:\Program Files\TweakBit

    ***** [ Files ] *****

    [-] File deleted: C:\Users\Marketta\Desktop\SysInfo.exe

    ***** [ DLL ] *****

    ***** [ WMI ] *****

    ***** [ Shortcuts ] *****

    ***** [ Scheduled Tasks ] *****

    ***** [ Registry ] *****

    [-] Key deleted: HKLM\SOFTWARE\TWEAKBIT
    [-] Key deleted: HKLM\SOFTWARE\Auslogics

    ***** [ Web browsers ] *****

    [-] [C:\Users\Marketta\AppData\Local\Google\Chrome\User Data\Default\Web data] [Search Provider] Deleted: aol.com
    [-] [C:\Users\Marketta\AppData\Local\Google\Chrome\User Data\Default\Web data] [Search Provider] Deleted: ask.com


    :: "Tracing" keys deleted
    :: Winsock settings cleared


    C:\AdwCleaner\AdwCleaner[C0].txt - [1785 Bytes] - [21/12/2016 11:29:47]
    C:\AdwCleaner\AdwCleaner[R0].txt - [1820 Bytes] - [09/05/2015 10:09:56]
    C:\AdwCleaner\AdwCleaner[S0].txt - [1829 Bytes] - [09/05/2015 10:13:24]
    C:\AdwCleaner\AdwCleaner[S1].txt - [2046 Bytes] - [21/12/2016 11:27:45]

    ########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt - [2077 Bytes] ##########

    okay, talk to you when you can... thank you again, and also happy holidays!!! :)

  4. askey127

    askey127 Malware Specialist

    Dec 22, 2006
    Have a nice Holiday.
    When you have time.....
    Now to find out what causing all the bad behavior.
    Download and Run the Farbar Scan Tool
    • Download FRST and save to your Desktop (or your Downloads folder).
    • Double click Frst.exe to launch it.
    • FRST will start to run.
      • When the tool opens click Yes to disclaimer.
      • Press the Scan button.
      • When finished scanning, 2 logs will open on your Desktop, FRST.txt and Addition.txt
      • Please post them in your next reply.
    If you lose track of them, they will be saved in the same location as FRST.exe
    Feel free to use separate replies if it's more convenient.

    Check hard Drive for Errors
    Open Notepad... then copy and paste the following line into Notepad:
    (Notepad is in Start, Programs, Accessories)
    cmd  /c  chkdsk  c:  |find  /v  "percent"  >> "%userprofile%\desktop\checkhd.txt"
    Now Save the NotePad file like this:
    • Click on File from the top menu bar.
    • Select Save As, use Filename: testhd.bat and Save As Type: All Files.
    • Choose Desktop as the location
    • Click Save.
    Right click on testhd.bat on your desktop and select Run As Administrator to run it. OK the UAC.
    A Command Prompt box will pop up, then close after a couple minutes.
    Please post the contents of the checkhd.txt file from your desktop.
    If the file is very long, just copy and paste the LAST 20 or 30 lines into your reply.
    If it doesn't finish, tell me what message it shows.

As Seen On
As Seen On...

Welcome to Tech Support Guy!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.

Join over 733,556 other people just like you!

Thread Status:
Not open for further replies.

Short URL to this thread: https://techguy.org/1182635

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice