Still having the Boyu problem despite doing the instructions provided ready.

Status
Not open for further replies.

skeptfusky

New Member
Thread author
May 19, 2024
3
Hello, My problem started 2-Days ago when I was trying to install a game but didn't know that I actually installed a virus as well. My Chrome and Edge started stating that it was managed by an organization, had "Guardian Angel" extension installed, and kept redirecting to the Boyu website whenever I search something. I followed the Remove Boyu Redirect [Virus Removal Guide] already step by step and managed to remove some malicious programs and quarantined some malicious files using AdwCleaner, HitmanPro, Malwarebytes as directed but I still have the problem. I also tried last resort by Factory Resetting my Windows 11 but it gets stuck at 62% everytime. Is there by any chance that I'm doing something wrong and or is there any other way to remove the Trojan? (I will be offline for awhile but I do want to see replies once I go back online Please and Thank you.)
 
Last edited:

nasdaq

Super Moderator
Verified
Staff Member
Nov 5, 2019
1,597
Hello, Welcome to MalwareTips.
I'm nasdaq and will be helping you.

If you can please print this topic it will make it easier for you to follow the instructions and complete all of the necessary steps in the order listed.
===

Let's find out what is causing this.

Download the Farbar Recovery Scan Tool (FRST).
Choose the 32 or 64 bit version for your system.
and save it to a folder on your computer's Desktop.
Ensure that you are in an Administrator Account
Double-click to run it. When the tool opens click Yes to disclaimer.
Check the boxes as seen here:

Press Scan button.
It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.
The first time the tool is run, it makes also another log (Addition.txt). Please attach it to your reply.

Please attach the logs for my review.
How to attach a file to your reply:
In the Reply section in the bottom of the topic Click the "more reply Options" button.

Let me know what problems persists.

Wait for further instructions

p.s.
This program is updated often.
If it's identified as suspicious by your Anti-Virus program trust it if Downloaded from the link I provided.
OR, you should restore the program from the Quarantine folder.
====
 

skeptfusky

New Member
Thread author
May 19, 2024
3
Hello! These are the logs the scan made.
Hello, Welcome to MalwareTips.
I'm nasdaq and will be helping you.

If you can please print this topic it will make it easier for you to follow the instructions and complete all of the necessary steps in the order listed.
===

Let's find out what is causing this.

Download the Farbar Recovery Scan Tool (FRST).
Choose the 32 or 64 bit version for your system.
and save it to a folder on your computer's Desktop.
Ensure that you are in an Administrator Account
Double-click to run it. When the tool opens click Yes to disclaimer.
Check the boxes as seen here:

Press Scan button.
It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.
The first time the tool is run, it makes also another log (Addition.txt). Please attach it to your reply.

Please attach the logs for my review.
How to attach a file to your reply:
In the Reply section in the bottom of the topic Click the "more reply Options" button.

Let me know what problems persists.

Wait for further instructions

p.s.
This program is updated often.
If it's identified as suspicious by your Anti-Virus program trust it if Downloaded from the link I provided.
OR, you should restore the program from the Quarantine folder.
====

Hello! These are the logs the scan made.
 

Attachments

  • Addition.txt
    42 KB · Views: 3
  • FRST.txt
    118.1 KB · Views: 4

nasdaq

Super Moderator
Verified
Staff Member
Nov 5, 2019
1,597
Hi,

Please download the attached Fixlist.txt file to the same folder where the Farbar tool is running from.
The location is listed in the 3rd line of the FRST.txt log you have submitted.

Run FRST and click Fix only once and wait.

The Computer will restart when the fix is completed.

It will create a log (Fixlog.txt).

Please post the Fixlog.txt and let me know what problem persists.
 

Attachments

  • Fixlist.txt
    5 KB · Views: 4

skeptfusky

New Member
Thread author
May 19, 2024
3
Hi,

Please download the attached Fixlist.txt file to the same folder where the Farbar tool is running from.
The location is listed in the 3rd line of the FRST.txt log you have submitted.

Run FRST and click Fix only once and wait.

The Computer will restart when the fix is completed.

It will create a log (Fixlog.txt).

Please post the Fixlog.txt and let me know what problem persists.
Thank you for the help! I don't see the Organization and the extension anymore. The site redirecting has stopped as well.
 

Attachments

  • Fixlog.txt
    15.3 KB · Views: 2

HaydenBrash

New Member
May 21, 2024
1
Hello I've randomly installed an app called Guard Go which when i try to use chrome it sends me to boyu.com. It doesn't seem like i can get it easily off anyone have any ideas?
 

nasdaq

Super Moderator
Verified
Staff Member
Nov 5, 2019
1,597
Hi HaydenBrash

In order to get sound advice you must stat a new topic in your name.

Please follow the following instructions.


Regards Nasdaq
 

Julito

New Member
May 22, 2024
2
Hola.

Tengo exactamente el mismo problema.
He seguido escrupulosamente toso los pasos del sitio :

Eliminar Boyu.com.tr redireccionamiento [Guía de eliminación de virus]

Y he leído atentamente este hilo y he hecho todo lo que indicas.

Pero me sigue direccionando las búsquedas a boyu.com

Ya no sé qué más hacer.

Muchas gracias.
 

Attachments

  • Addition.txt
    34.2 KB · Views: 0
  • FRST.txt
    92 KB · Views: 2

nasdaq

Super Moderator
Verified
Staff Member
Nov 5, 2019
1,597
Olá, Bem-vindo ao MalwareTips.
Eu sou nasdaq e estarei te ajudando.

Se você puder imprimir este tópico, será mais fácil para você seguir as instruções e concluir todas as etapas necessárias na ordem listada.
===

Para obter bons conselhos, siga estas directivas.

[OBRIGATÓRIO] Guia de preparação antes de solicitar ajuda para remoção de malware


<<<>>>

Para enviar um novo login do FARBAR em inglês, renomeie o arquivo FIRST64.exe para FRSTENGLISH.exe para relatório em inglês...

O mais importante é que você comece um novo tópico próprio. Não é possível usar outro tópico publicado.

Atenciosamente Nasdaq[
 

Julito

New Member
May 22, 2024
2
Olá, Bem-vindo ao MalwareTips.
Eu sou nasdaq e estarei te ajudando.

Se você puder imprimir este tópico, será mais fácil para você seguir as instruções e concluir todas as etapas necessárias na ordem listada.
===

Para obter bons conselhos, siga estas directivas.

[OBRIGATÓRIO] Guia de preparação antes de solicitar ajuda para remoção de malware


<<<>>>

Para enviar mmm novo login do FARBAR em inglês, renomeie o arquivo FIRST64.exe para FRSTENGLISH.exe para relatório em inglês...

O mais importante é que você comece mmm novo tópico próprio. Não é possível usar outro tópico publicado.

Atenciosamente Nasdaq[


Abro un hilo nuevo (creo) para enviar los archivos en inglés.

Muchas gracias.
 

Attachments

  • Addition.txt
    34.6 KB · Views: 0
  • FRST.txt
    90.9 KB · Views: 0

nasdaq

Super Moderator
Verified
Staff Member
Nov 5, 2019
1,597
Oi,

Desculpe, mas como eu disse antes você não pode postar neste tópico (toipic). Você deve começar seu próprio tópico.

LEIA-ME ANTES DE POSTAR NESTE FÓRUM


Crie um novo tópico conforme sugerido. Anexe seus logs e você será ajudado.

nasdaq
 
Status
Not open for further replies.

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top