Kaspersky
Solved

[Andriod] gestyy.com [Closed]

  • 23 February 2020
  • 11 replies
  • 5376 views

Unable to stop the page gestyy.com. Kaspersky internet security does not detect it, nor identify it. The page pops up even when I'm on flight mode. Even downloading Malwarebytes did not work. I've done all what tutorials to remove it asked for in vain. Support is needed & why kaspersky unable to identify it & stop it? Thank you in advance

icon

Best answer by Flood and Flood's wife 24 February 2020, 03:29

View original

This topic has been closed for comments

11 replies

Userlevel 7
Badge +9

@Maia Welcome. Please check this pinned Topic.

Thanks.... The stated solution is for laptops.... Any solutions for phone/android? 

 

Userlevel 7
Badge +11

Hi Maia, 

  1. Please detail exactly the steps you taken to fix the issue so far?
  2. May I have an AIDA64 Report please, attach:paperclip: the Aida64.txt to your reply please?
  3. Is KIS licensed? 
  4. Do you have backups? 

Thank you:pray_tone3:

Flood:whale:

I followed the steps from this website https://malwaretips.com/blogs/remove-android-virus/

Since I didn't know which was the malicious App, I deleted all unessential Apps (meaning downloaded recently around the time the problem started, or not using frequently). 

Yes, my KIS is licenced & renewed. 

Thanks in advance

Userlevel 7
Badge +11

Hello @Maia
Thank you for the information:ok_hand_tone3:

  1. May I have an AIDA64 Report please, attach:paperclip: the Aida64.txt to your reply please?
  2. Which browsers are installed & used? 
  3. Do you have backups? 
  4. In the App manager, go to each app separately, clear data & clear cache, note, this will log (you) out on some apps, however, it’s a necessary step, all logins can be re-established after the issue is resolved. 

Please post back?

Thank you:pray_tone3:

Flood:whale:

Userlevel 7
Badge +9

@Maia Also, did you try to reset your Browser settings.

Hello @Maia
Thank you for the information:ok_hand_tone3:

  1. May I have an AIDA64 Report please, attach:paperclip: the Aida64.txt to your reply please?
  2. Which browsers are installed & used? 
  3. Do you have backups? 
  4. In the App manager, go to each app separately, clear data & clear cache, note, this will log (you) out on some apps, however, it’s a necessary step, all logins can be re-established after the issue is resolved. 

Please post back?

Thank you:pray_tone3:

Flood:whale:

Thanks Flood,

1. Stupid question: is it safe to post the report her in a public forum?( No offence)

2. Chrome ( main used brouser) & Google

3. I turned backup off long time ago... so I'm not sure what has been backed up

4. I cleared the cache for all, but kept data for few apps ( cause I don't remember the credentials) 

Cheers

 

@Maia Also, did you try to reset your Browser settings.

@Berny . I did. Is there there anything specific I need to be aware of? 

Thanks in advance

Userlevel 7
Badge +11

Hello @Maia,

Thank you for replying, the additional information and confirming the actions you’ve taken:ok_hand_tone3:  

There is no such thing as a stupid question, every question is important, do not worry!

:arrow_right: AIDA64 provides hardware & software information, no personal information, however, if you wish you may request Kaspersky Technical Support assist, I’ll provide info at the end of my reply.

:large_blue_diamond: If you’ve completed every step recommended on Remove Viruses, Adware & Malware from Android Phone (Guide), the quickest and cleanest solution is to reset the phone, however, if you wish to continue to toubleshoot, I’m more than happy to work with you until this is resolved. 

For clarification:

The gestyy pages are persisting, even with Flightmode on.

  1. Is Wifi manually enabled after setting Flightmode on? 
  2. May I have an image of the full (gestyy) page please?
  3. Is the gestyy page opening automatically, ie. without you touching the phone?
  4. If no”, what actions preceed the gestyy page opening ? 
  5. Is the gestyy page opening in a Google browser or via a Chrome app (like Google Voice, Now) ?
  6. Log into your Google account, reset everything to default. 
  7. Is Google Sync on, if “yes”, turn OFF. 
  8. Google Notifications, Content suggestions, turn OFF
  9. Google Home page - turn OFF
  10. Google Privacy - make sure every check box is BLANK
  11. AFTER turning Sync OFF, run Clear browsing data again, select Advanced, select All time. make sure EVERY checkbox is selected, run Clear data, Clear Site Storage. 
  12.  :radioactive: Google Settings: Storage, select Clear site storage. 

  13. Google Settings: Cookies, Block third-paty cookies - turn ON

  14. Google Settings: Popups & Redirects - make sure these are blocked
  15. Google Settings: Ads, make sure this is set to block. 
  16. Phone, select Storage, clear Cached data. Note this steps is different to resetting Apps Cache & Data. 
  17. Phone, Miscellaneous files, check & clear. 
  18. If gestyy is coming via a Google app, the same procedures above need to be repeated, as much as possible.
  19. After completing steps 6 to 18 power the phone OFF & ON.
  • Please let me know?
It’s important to reset all data & cache for all apps, this procedure is different to any Clear procedures listed above. 
For the apps you cannot remember the credentials, log into them, reset the accounts, you’ll be able to submit forgot password, & or forgot account sign in name  & or email to do this. 

 :arrow_right: If you decide to factory reset the phone:

Old backups will not help.
Download & use a free Backup app, run backups for Call Logs, SMS, Calendar, Contacts, Bookmarks and any other information/data you consider important. 
Don’t worry about backing up Apps - all apps can be reinstalled. 
After testing 6 available solutions, I use Superbackup, (I’m not associated with them in any way), I backup to a SD card as well as to cloud. 
:warning: Important, Notes are not backed up:warning:
IF an SD Card is installed, remove before resetting the phone.
  • Please let me know? 

For Kaspersky Technical Support, they’ll require a detailed histoy, including all steps taken to resolve, images if relevant, AIDA64. 
If they’re unable to clear the infection they may ask you to install a special KIS version to capture logs and trace the source of the infection.

After submitting the case, you’ll receive an automated email with an INC+12digits reference number, then, normally, within 5 business days, a Kaspersky Technical Support human will communicate with you, also by email, you may continue to engage with the Kaspersky Technical Team via email or by updating the INC in your MyKaspersky account.

  • Please let me know their advice when the issue is resolved? 

 

Please post back?

Thank you:pray_tone3:

Flood:whale:

Hello @Maia,

Thank you for replying, the additional information and confirming the actions you’ve taken:ok_hand_tone3:  

There is no such thing as a stupid question, every question is important, do not worry!

:arrow_right: AIDA64 provides hardware & software information, no personal information, however, if you wish you may request Kaspersky Technical Support assist, I’ll provide info at the end of my reply.

:large_blue_diamond: If you’ve completed every step recommended on Remove Viruses, Adware & Malware from Android Phone (Guide), the quickest and cleanest solution is to reset the phone, however, if you wish to continue to toubleshoot, I’m more than happy to work with you until this is resolved. 

For clarification:

The gestyy pages are persisting, even with Flightmode on.

  1. Is Wifi manually enabled after setting Flightmode on? 
  2. May I have an image of the full (gestyy) page please?
  3. Is the gestyy page opening automatically, ie. without you touching the phone?
  4. If no”, what actions preceed the gestyy page opening ? 
  5. Is the gestyy page opening in a Google browser or via a Chrome app (like Google Voice, Now) ?
  6. Log into your Google account, reset everything to default. 
  7. Is Google Sync on, if “yes”, turn OFF. 
  8. Google Notifications, Content suggestions, turn OFF
  9. Google Home page - turn OFF
  10. Google Privacy - make sure every check box is BLANK
  11. AFTER turning Sync OFF, run Clear browsing data again, select Advanced, select All time. make sure EVERY checkbox is selected, run Clear data, Clear Site Storage. 
  12.  :radioactive: Google Settings: Storage, select Clear site storage. 

  13. Google Settings: Cookies, Block third-paty cookies - turn ON

  14. Google Settings: Popups & Redirects - make sure these are blocked
  15. Google Settings: Ads, make sure this is set to block. 
  16. Phone, select Storage, clear Cached data. Note this steps is different to resetting Apps Cache & Data. 
  17. Phone, Miscellaneous files, check & clear. 
  18. If gestyy is coming via a Google app, the same procedures above need to be repeated, as much as possible.
  19. After completing steps 6 to 18 power the phone OFF & ON.
  • Please let me know?
It’s important to reset all data & cache for all apps, this procedure is different to any Clear procedures listed above. 
For the apps you cannot remember the credentials, log into them, reset the accounts, you’ll be able to submit forgot password, & or forgot account sign in name  & or email to do this. 

 :arrow_right: If you decide to factory reset the phone:

Old backups will not help.
Download & use a free Backup app, run backups for Call Logs, SMS, Calendar, Contacts, Bookmarks and any other information/data you consider important. 
Don’t worry about backing up Apps - all apps can be reinstalled. 
After testing 6 available solutions, I use Superbackup, (I’m not associated with them in any way), I backup to a SD card as well as to cloud. 
:warning: Important, Notes are not backed up:warning:
IF an SD Card is installed, remove before resetting the phone.
  • Please let me know? 

For Kaspersky Technical Support, they’ll require a detailed histoy, including all steps taken to resolve, images if relevant, AIDA64. 
If they’re unable to clear the infection they may ask you to install a special KIS version to capture logs and trace the source of the infection.

After submitting the case, you’ll receive an automated email with an INC+12digits reference number, then, normally, within 5 business days, a Kaspersky Technical Support human will communicate with you, also by email, you may continue to engage with the Kaspersky Technical Team via email or by updating the INC in your MyKaspersky account.

  • Please let me know their advice when the issue is resolved? 

 

Please post back?

Thank you:pray_tone3:

Flood:whale:

THANK YOU for your effort & support. I am not sure which step worked, but the gestty.com page has not popped up since yesterday.. hurray 🤗

I think deleting the data/cache for most Apps worked pretty well. 

Just to answer some of your questions: 

No I don't reset the wifi manually

The page would pop up even without touching the phone... Most of the time, if I'm playing music... Others, without touching it at all. If I want to use the phone, the page is already there. 

There was no specific pattern to make it open. 

I really appreciate your support... Much appreciated

Thank you again 

 

Userlevel 7
Badge +11

Hello @Maia,

You’re very welcome!

Thank you for letting me know:clap_tone3: I’m delighted to read the gestty issue has been resolved:cartwheel_tone3:

Please implement an automatic backup solution, if a disaster happens that mandates a factory reset, it’s incredibly easy and stress free to do if the really important data is backed up.

Thank you:pray_tone3:

Flood:whale: