Topic: Trojan virus won't go away. Chrome Talk.Gadget.Google - JS:ScriptPE-inf [Trj]


Offline essexboy

  • Malware removal instructor
  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 40589
  • Dragons by Sasha
    • Malware fixes
Are you using Hangouts as well? There has been a problem with this for the last few weeks.

Go to your extensions in settings, and remove hangouts. Then add it back.

REDACTED

  • Guest
Ok, I removed Hangouts, and selected "revert to old chat" in the chat options in the email window. (there wasn't a "hangouts" extension in the chrome settings/extensions list).



Then I let it go back to the old chat, and then closed chrome. Then I restarted chrome, and opened my work email again. Then I selected "try the new hangouts" to re-install hangouts.

And it took a minute, but it re-installed successfully and didn't trigger an alert from Avast.

So hopefully that did it.

I'll let you know if it comes back, but I think we may have got it fixed!

That was so scary and frustrating as it took a couple days, and I LIVE on my computer.

Thank you so much essexboy, Para-Noid, and the Avast community!

You guys are awesome, and I have been, and always will be an Avast guy!

Offline essexboy

Thanks for the screenshot as I do not use Chrome

When you are happy let me know and I will remove my tools

REDACTED

  • Guest
You're welcome essexboy, I think screenshots are the best.

What do you mean you'll remove your tools? Just them downloaded on your machine? Should I remove FRST, adwcleaner, aswmbr etc. from my computer as well?

Thanks again.

Offline essexboy

No there is a small tool that I use that removes all the other tools, resets restore points and system settings back to as they were before you used them :)

REDACTED

  • Guest
Oh that's awesome! ok, well I'm happy for now, as long as it doesn't show back up lol.

I'll remove the tools from my computer as well.

Reset the tools and help another helpless soul gallant avenger.

Offline Para-Noid

  • Avast Evangelist
  • Starting Graphoman
  • ***
  • Posts: 6700
  • Trust only what you test yourself!
Oh that's awesome! ok, well I'm happy for now, as long as it doesn't show back up lol.

I'll remove the tools from my computer as well.

Reset the tools and help another helpless soul gallant avenger.

Let essexboy do the tool removal or you might do more harm.
Dell Inspiron, Win10x64--HP Envy Win10x64--Both systems Avast Free v17.9.2322, Comodo Firewall v8.2 w/D+, MalwareBytes v3.0, OpenDNS, Super Anti-Spyware, Spyware Blaster, MCShield, Unchecky, Vivaldi Browser and, various browser security tools.

"Look before you leap!" Use online scanners before you click on any link.

Offline polonus

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 33891
  • malware fighter
Cleaning tools do not hold any fit for all remedies.
They are to be used only by qualified removers,
that know how to create a custom made script just for that particular victim's computer situation.

Any other use of these tools may completely ruin a machine or peripheral to even a "kind of doorstopper state".

Qualified removers need an online tough outbuilding under supervision
until they are granted access to infested computer systems to cure.
Their qualification is being honored all over the internet, even by big  institutions like Microsoft etc.

In unqualified n00b hands working these tools may be destructive to a very high degree.

Same is with the right interpretation of scan results
as I often experience here in the virus and worms section of the support forums.
It takes a high degree of experience and knowledge to come up with the right interpretation of website malcode.

Whenever you do not exactly know what you are up against, stay out of it, you will lose and others with you.

polonus (volunteer website security analyst & website error-hunter)
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!

REDACTED

  • Guest
Ok sounds good guys.

So I should "delete" these files from my computer at this time?



And you're saying that essexboy, will be able to delete them from my local machine for me?

How does that work? And do I have to let him access my machine through the internet to do so?

Offline Para-Noid

Let essexboy do the work. He will give you step-by-step instructions.
Once he gives his final "all clear" then he's done. Have patience.

Do not do anything else unless he instructs you to do so.

REDACTED

  • Guest
sounds good.

I'll wait for instruction.

Offline essexboy

One cleanup :)

Subject to no further problems   :)

I will remove my tools now and give some recommendations, but, I would like you to run for 24 hours or so and come back if you have any problems 

Now the best part of the day ----- Your log now appears clean  :thumbsup:

A good workman always cleans up after himself, so... The following will implement some cleanup procedures as well as reset System Restore points:

Remove tools

Download and run Delfix




: Keep Java Updated :

WARNING: Java is the #1 exploited program at this time. The Department of Homeland Security recommends that computer users disable Java
See this article

I would recommend that you completely uninstall Java unless you need it to run important software.
In that instance I would recommend that you disable Java in your browsers until you need it for that software and then enable it. (See How to disable Java in your web browser and How to unplug Java from the browser)

If you do need to keep Java then download JavaRa
Run the programme and select  Remove Java Runtime.  Uninstall all versions of Java present
Once done then run it again and select Update Java runtime > Download and install Latest version



Now that you are clean, to help protect your computer in the future I recommend that you get the following free programmes:

CryptoPrevent: install this programme to lock down and prevent crypto ransomware



Malwarebytes.

Update and run weekly to keep your system clean

Unchecky

Click on the link above to be taken to Unchecky.com
click the very large Download button.
click Save
Click Open folder
Right click on the Unchecky_setup and choose to Run as Administrator
Once open click the Install button.
Then click on Finish
Unchecky is now installed and will help you keep unwanted check boxes unchecked, this is a fire and forget programme  ;)

It is critical to have both a firewall and anti virus to protect your system and to keep them updated.

To learn more about how to protect yourself while on the internet read this little guide  Best security practices Keep safe  :wave:

REDACTED

  • Guest
Thanks essexboy.

I have run the delfix program and it looks to have deleted the necessary programs. I have attached the log that came after.

Should I keep the log? It saved it to my C drive.

Also I disabled java from my browser.

Do I really need the Cryptoprevent and Unchecky software? I already run Malwarebytes and avast. Isn't that enough?

Thanks.

Offline essexboy

The choice is yours. 

Cryptoprevent locks down the registry so that unknown files can not be run from known encrypting malware launch points.  As this nasty bit of malware changes daily there is no way that the anti virus companies can keep up with it.  It does not use any resources as it just adds a group policy to the registry.  However, if you keep regular disc images then you should be OK

Unchecky is for removing most of the hangers-on that come with "free" software; again, it just sits there until required.  However, if you use custom install on all software then it is not needed

Delfix and the log can be deleted 
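
Added example, not part of the original thread and not CryptoPrevent's own code: a read-only PowerShell check that lists which path-based execution rules are present in the registry after a tool like the one described above has applied its policy. It assumes the "group policy" in the post is stored as Software Restriction Policy (SRP) rules under the standard Windows SRP policy key; the thread does not name the key, and `Get-SrpPathRule` is a hypothetical helper name.

```powershell
# Added example: enumerate Software Restriction Policy (SRP) path rules.
# Assumption: the group policy described in the post is stored as SRP rules
# under the standard machine policy key; the thread itself names no key.
$SrpRoot = 'HKLM:\SOFTWARE\Policies\Microsoft\Windows\Safer\CodeIdentifiers'

# SRP stores rules under a subkey named after the numeric security level.
$LevelNames = @{ '0' = 'Disallowed'; '131072' = 'Basic User'; '262144' = 'Unrestricted' }

function Get-SrpPathRule {
    param([string]$Root = $SrpRoot)

    if (-not (Test-Path -Path $Root)) { return }   # no SRP policy present

    foreach ($level in Get-ChildItem -Path $Root) {
        $pathsKey = Join-Path -Path $level.PSPath -ChildPath 'Paths'
        if (-not (Test-Path -Path $pathsKey)) { continue }

        foreach ($rule in Get-ChildItem -Path $pathsKey) {
            # Read ItemData unexpanded so %AppData%-style rules are shown as
            # written, not resolved to the current user's profile.
            $raw = $rule.GetValue('ItemData', $null,
                [Microsoft.Win32.RegistryValueOptions]::DoNotExpandEnvironmentNames)

            $name = $LevelNames[$level.PSChildName]
            if (-not $name) { $name = $level.PSChildName }   # unknown level: show the number
            [pscustomobject]@{
                Level       = $name
                Path        = $raw
                Description = $rule.GetValue('Description')
                RuleId      = $rule.PSChildName
            }
        }
    }
}

$rules = @(Get-SrpPathRule)
if ($rules.Count -eq 0) {
    'No SRP path rules found under the policy key.'
} else {
    $rules | Sort-Object Level, Path | Format-Table -AutoSize -Wrap
    $blocked = @($rules | Where-Object Level -eq 'Disallowed').Count
    '{0} rule(s) total, {1} set to Disallowed.' -f $rules.Count, $blocked
}
```

Run it from an elevated PowerShell prompt before and after applying the policy to see exactly which paths were added; it only reads the registry and changes nothing.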


REDACTED

  • Guest
Awesome thanks for the further insight essexboy.

I will definitely install CryptoPrevent then.

And thanks again for everything!