About 10 days ago a malware "Your browser has been locked" created a new tab in my Opera browser and locked the browser allowing me to close it only with Task Manager. I have Malware Pro active on my PC as well as McAfee Security Suite. I manually ran both programs full scan to determine if I could locate the problems. After several uninstall Opera and reinstall Opera, rebooting each time, running Malware Pro and McAfee Security Suite again and again I went onto the internet for more suggestions. I downloaded and ran Adwcleaner, JRT, FRST64, along with Revo uninstall with advanced delete files in order to get rid of any remaining Opera links. I also contacted Malware and reported my problem and a technician was helping me last week. (I have an active trouble ticket but the Malware technician seems to have given up.) After all that I tried to reinstall Opera again, only to find that the malware tab is on the new program. I have deleted Opera again. I have Firefox, Chrome and IE on my PC and none of them are infected, or to be more accurate, none show signs of infection. ( By the way, I was having a problem opening a new thread before. I was told that the procedure should not be as I described. However, this time the thread information field(s) is/were different. This time there is only one general field to fill in, before there were several and places to fill in my OS data, etc.)
Opera malware Your browser is locked - Persistent!
- Thread starter Stephen
- Start date
- Oct 5, 2012
- 2,697
Hi and welcome to the malwaretips.com forums!
I'm Kuttus and I am going to try to assist you with your problem. Please take note of the below:
Before we start:
Please be aware that removing malware is a potentially hazardous undertaking. I will take care not to knowingly suggest courses of action that might damage your computer. However it is impossible for me to foresee all interactions that may happen between the software on your computer and those we'll use to clear you of infection, and I cannot guarantee the safety of your system. It is possible that we might encounter situations where the only recourse is to re-format and re-install your operating system, or to necessitate you taking your computer to a repair shop.
Because of this, I advise you to backup any personal files and folders before you start.
------------------------------------------------------------------------------------------------------------------------------
Could you please send a Screen Shots of the Error you are getting?
To Take Screen Of Your Screen.
I'm Kuttus and I am going to try to assist you with your problem. Please take note of the below:
- I will start working on your malware issues, this may or may not, solve other issues you have with your machine.
- The fixes are specific to your problem and should only be used for this issue on this machine!
- The process is not instant. Please continue to review my answers until I tell you your machine is clear. Absence of symptoms does not mean that everything is clear.
- If you don't know, stop and ask! Don't keep going on.
- Please reply to this thread. Do not start a new topic.
- Refrain from running self fixes as this will hinder the malware removal process.
- It may prove beneficial if you print of the following instructions or save them to notepad as I post them.
Before we start:
Please be aware that removing malware is a potentially hazardous undertaking. I will take care not to knowingly suggest courses of action that might damage your computer. However it is impossible for me to foresee all interactions that may happen between the software on your computer and those we'll use to clear you of infection, and I cannot guarantee the safety of your system. It is possible that we might encounter situations where the only recourse is to re-format and re-install your operating system, or to necessitate you taking your computer to a repair shop.
Because of this, I advise you to backup any personal files and folders before you start.
------------------------------------------------------------------------------------------------------------------------------
Could you please send a Screen Shots of the Error you are getting?
To Take Screen Of Your Screen.
- Press PRINT SCREEN (Print Scr) key on Your Keyboard.
- Now Open MS Paint
- Open Paint by clicking the Start button
, clicking All Programs, clicking Accessories, and then clicking Paint.
- In MS Paint Click Edit, and then click Paste.
- After this Save the File on your computer by Clicking on File --> Save
kuttus:
Thank you for your response. I hope I can ask some basic questions before we get started with trying to get rid of my malware problem.
You advise me to back up my personal files and folders. Is this only on my C drive? I have several hard drives on my PC through sub drive H with information too vast to back up. Because of the several hard drives I do not keep any personal files on my C drive - it is a solid state drive and therefore small. Should I try to disconnect the other hard drives in Device Manager (never done that before) before we begin?
When we get started with trying to find the malware should I download Opera again before we start or at some point later? So far the only way I know the malware is still active is to open a copy of Opera and see the offensive tab, and of course lock up Opera and my PC. If you need a screen shot of the problem I need to download Opera and open it. The malware tab will be there but I should be able to do a print screen before I try to close Opera and of course lock up my PC.
Thank you again for the help.
Thank you for your response. I hope I can ask some basic questions before we get started with trying to get rid of my malware problem.
You advise me to back up my personal files and folders. Is this only on my C drive? I have several hard drives on my PC through sub drive H with information too vast to back up. Because of the several hard drives I do not keep any personal files on my C drive - it is a solid state drive and therefore small. Should I try to disconnect the other hard drives in Device Manager (never done that before) before we begin?
When we get started with trying to find the malware should I download Opera again before we start or at some point later? So far the only way I know the malware is still active is to open a copy of Opera and see the offensive tab, and of course lock up Opera and my PC. If you need a screen shot of the problem I need to download Opera and open it. The malware tab will be there but I should be able to do a print screen before I try to close Opera and of course lock up my PC.
Thank you again for the help.
Since you are asking for screen shots of the problem, there is no error messages just a locked browser, do you want me to download Opera again and open it to do a screen shot of the Opera browser with the malware tab. I can do it and take a screen shot of Opera as long as I do not go to the offending tab. However, If you want a full picture of the opened tab I can try it, but since the malware locks up my keyboard I'm not sure if I can get a screen shot. When I close Opera normally, it will lock up with the full offending page and I can try the screen shot then.
Would you believe I just installed a good copy of Opera. There is no malware tab on it now. Two days ago I downloaded Opera and found the tab with the browser is locked and had to use Task Manager to close it . The only final thing I did differently this last time was to uninstall Opera using the 30 day use free copy of Revo and asked it to do an advanced uninstall. I guess the malware was somewhere in the sub files or ????? that Revo deleted out of my hard drive. I guess I may have to spring for a full paid for version of Revo.
I will start using Opera as my browser again to see if the Malware tab comes back. This time though I am registered with your website and can come back anytime I get into trouble - which I probably will.
Do you want to take any additional steps or should we just view this as solved? If I had not seen the last version of Opera having the malware after I performed all the prior actions except for the uninstall through Revo at the advanced settings I would have thought my prior actions, prior to Revo, had somehow effected it. What do you think?
I will start using Opera as my browser again to see if the Malware tab comes back. This time though I am registered with your website and can come back anytime I get into trouble - which I probably will.
Do you want to take any additional steps or should we just view this as solved? If I had not seen the last version of Opera having the malware after I performed all the prior actions except for the uninstall through Revo at the advanced settings I would have thought my prior actions, prior to Revo, had somehow effected it. What do you think?
- Oct 5, 2012
- 2,697
STEP 1: Run a scan with Farbar Recovery Scan Tool
Please download Farbar Recovery Scan Tool and save it to your desktop.
Note: You need to run the version compatibale with your system. If you are not sure which version applies to your system download both of them and try to run them.
Only one of them will run on your system, that will be the right version.
------------------------------------------------------------------------------------------------------------------------------
Please download Farbar Recovery Scan Tool and save it to your desktop.
Note: You need to run the version compatibale with your system. If you are not sure which version applies to your system download both of them and try to run them.
Only one of them will run on your system, that will be the right version.
- Double-click to run it. When the tool opens click Yes to disclaimer.
- Press Scan button.
- It will make a log (FRST.txt) in the same directory the tool is run. Please attach it to your reply.
- The first time the tool is run, it makes also another log (Addition.txt). Please attach it to your reply.
------------------------------------------------------------------------------------------------------------------------------
I have run the FRST64 program and have attached the FRST.txt file for today, 1/14/14. However, this program is one that the Malware Pro technician had me run last Thursday and therefore the Addition.txt file is from the 1/9/14 run date.
OK, I copied the fixlist.txt file onto my desktop where the program was originally downloaded. I ran the fix and have attached the resultant file.
- Oct 5, 2012
- 2,697
Now reboot the computer..
Download Malwarebytes Anti-Rootkit from here to your Desktop
Please download Malwarebytes' Anti-Malware to your desktop.
Download Malwarebytes Anti-Rootkit from here to your Desktop
- Unzip the contents to a folder on your Desktop.
- Open the folder where the contents were unzipped and run mbar.exe
- Follow the instructions in the wizard to update and allow the program to scan your computer for threats.
- Make sure there is a check next to Create Restore Point and click the Cleanup button to remove any threats. Reboot if prompted to do so.
- After the reboot, perform another scan with Malwarebytes Anti-Rootkit to verify that no threats remain. If there are threats, click Cleanup once more and reboot.
- When done, please post the two logs in the MBAR folder(mbar-log.txt and system-log.txt)
Please download Malwarebytes' Anti-Malware to your desktop.
- Double-click mbam-setup.exe and follow the prompts to install the program.
- At the end, be sure a checkmark is placed next to
- Update Malwarebytes' Anti-Malware
- and Launch Malwarebytes' Anti-Malware
- then click Finish.
- If an update is found, it will download and install the latest version.
- When it prompts you to try their 30-day trail, click decline
- Once the program has loaded, select Perform quick scan, then click Scan.
- When the scan is complete, click OK, then Show Results to view the results.
- Be sure that everything is Checked (ticked) except items in the C:\System Volume Information folder and click on Remove Selected.
- When completed, a log will open in Notepad. please copy and paste the log into your next reply
- If you accidently close it, the log file is saved here and will be named like this:
- C:\Documents and Settings\Username\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs\mbam-log-date (time).txt
I ran the MBAR - Anti Rootkit program. it ran a scan but found nothing to clean. However my McAfee found a problem file and I asked McAfee to delete it. I am attaching a screenshot of the McAfee notice and where I was in the process. I ran the Anti Rootkit program twice, rebooting between times and I am attaching the 2 different mbr Log files and the one System log. In neither scan of the Rookit program did it find anything to clean. Since I already have Malwaresbytes Anti-malware program on my pc, malware pro, I ran it for a full scan of my C drive. It did pick up a questionable file contained in a quaranteed area of FRST64. I had Malware Pro remove it.
Attachments
It all works fine. I have the Opera browser on my pc again and it does not have the problematic tab anymore. Everything else is working normally. I really do appreciate your help in getting the PC working as it is supposed to function.
Thank you Kuttus!!!
Thank you Kuttus!!!
- Oct 5, 2012
- 2,697
You are most welcome... 
Now that your PC is clean, I recommend you to create a new System Restore point then purge the old ones after.
For XP
How to create a Restore Point in XP
Delete all restore points except the most recent one
For Vista
Create a restore point
Delete all but the most recent restore point
For Windows 7
Create a restore point
Delete all but the most recent restore point - Click the Delete all but the most recent restore point link
Keep your system updated
I also recommend you to switch your antivirus program to a better one. Here are some suggestions:
In addition to your antivirus, you need additional protection such as a firewall and behavioural blocker.
Here are only a few suggestions that will improve your system security. Should you wish to allow us to make full recommendations and set your PC up with maximum security, please start a thread here. Our community of PC enthusiasts and experts will give you feedback and help you secure your system from future malware infections.
Internet Explorer may be the most popular browser but it's definitely not the most secure browser. Consider using other browsers with addition add-ons to safeguard your system while browsing the internet.
Firefox is a more secure, faster browser than Internet Explorer. Firefox contains less vulnerabilities, reducing the risk of drive-by downloads. In addition, you can add the following add-ons to increase security.
Google Chrome is another good browser that is faster and more secure than Internet Explorer by having a sandbox feature. Additionally, you can add the following add-on to Chrome to heighten security.
Lastly, it is important to perform system maintenance on a regular basis. Here are a few tools and on-demand scanners that you should keep & use every 1-2 weeks to keep your system healthy.
Other than that, stay safe out there! If you have any other questions or concerns, feel free to ask
What's next?
My virus removal help is always free. Should you wish to show your appreciation via a donation, it will be much appreciated.
Now that your PC is clean, I recommend you to create a new System Restore point then purge the old ones after.
For XP
How to create a Restore Point in XP
Delete all restore points except the most recent one
For Vista
Create a restore point
Delete all but the most recent restore point
For Windows 7
Create a restore point
Delete all but the most recent restore point - Click the Delete all but the most recent restore point link
Keep your system updated
- Keeping your programs (especially Adobe and Java products) updated is essential. Update Checker will notify you if any of your programs require an update.
- Microsoft releases patches for Windows and Office products regularly to patch up Windows and Office product bugs and vulnerabilities.
- Please ensure you update your system regularly and have automatic updates on. You can learn how to turn Automatic Updates on here
I also recommend you to switch your antivirus program to a better one. Here are some suggestions:
- avast! 7 Home Edition - Don't use it with Online Armor
- Avira AntiVir Personal
- Microsoft Security Essentials
In addition to your antivirus, you need additional protection such as a firewall and behavioural blocker.
- Online Armor
- Comodo Firewall - If you are an advance user
Here are only a few suggestions that will improve your system security. Should you wish to allow us to make full recommendations and set your PC up with maximum security, please start a thread here. Our community of PC enthusiasts and experts will give you feedback and help you secure your system from future malware infections.
Internet Explorer may be the most popular browser but it's definitely not the most secure browser. Consider using other browsers with addition add-ons to safeguard your system while browsing the internet.
Firefox is a more secure, faster browser than Internet Explorer. Firefox contains less vulnerabilities, reducing the risk of drive-by downloads. In addition, you can add the following add-ons to increase security.
- KeyScramber - Encrypts your keystrokes to protect you against keyloggers that steals personal & banking information
- AdBlock - Disable/blocks advertisements on websites so you won't accidentally click on a malicious ad.
- NoScript - Disables Flash & Java contents to avoid exploits or drive-by attacks
- Web of Trust - Shows the website rating by other users and blocks dangerous and poor-rated sites
Google Chrome is another good browser that is faster and more secure than Internet Explorer by having a sandbox feature. Additionally, you can add the following add-on to Chrome to heighten security.
Lastly, it is important to perform system maintenance on a regular basis. Here are a few tools and on-demand scanners that you should keep & use every 1-2 weeks to keep your system healthy.
Other than that, stay safe out there! If you have any other questions or concerns, feel free to ask
What's next?
- Bulild up your malware defenses by starting a new thread in Security Configuration Wizard forum.
- Learn how to avoid malware by reading this article How to easily avoid malware
- Be an active member in the MalwareTips community!
My virus removal help is always free. Should you wish to show your appreciation via a donation, it will be much appreciated.
Thank you again for all your help. It is going to take me awhile to go through and implement your advise as well as reorganize my desktop and research and then store the beneficial programs we used to clean up the problem.
