Browser hijacker problem

By Linda81 ยท 7 replies
Oct 2, 2014
  1. My friend's computer has the same nasty piece of malware as Emily Nelson's parents' computers in the thread: possible-browser-hijacker-problem.204794

    The computer's DNS server settings are being overridden and set to and

    I have removed a lot of other malware with SuperAntiSpyware, but it didn't get rid of that one. I also tried Spybot Search and Destroy, but it got stuck in the middle of the scan. I installed Malwarebytes, but it dies shortly after starting. I also tried to install Adaware but the installer was prevented from downloading.

    They have MacAvee suite installed, but it is being prevented from getting updates. They were hardly able to use the internet until I removed the other malware. Now it is working much better, but I would like to get rid of this malware too.

    I also have followed the instructions in the above thread up until fixlist.txt. Bruni or anybody else with the ability, if I post the log files would it be possible for you to create a fixlist.txt file for my friend's computer? My friend and I would greatly appreciate it. Thank you.
  2. Linda81

    Linda81 TS Rookie Topic Starter

    I just wanted to point out that I can't provide a Malwarebytes log, since it won't run. Also I obviously meant MacAfee in the original post.
  3. Linda81

    Linda81 TS Rookie Topic Starter

    I have the following files, will they provide enough information to create fixlist.txt:

  4. Broni

    Broni Malware Annihilator Posts: 54,260   +383

    Welcome aboard [​IMG]

    Please, complete all steps listed here:
    Since MBAM won't run see if you can provide DDS logs.
    Make sure, you PASTE all logs. If some log exceeds 50,000 characters post limit, split it between couple of replies.
    Attached logs won't be reviewed.

    Please, observe following rules:
    • Read all of my instructions very carefully. Your mistakes during cleaning process may have very serious consequences, like unbootable computer.
    • If you're stuck, or you're not sure about certain step, always ask before doing anything else.
    • Please refrain from running any tools, fixes or applying any changes to your computer other than those I suggest.
    • Never run more than one scan at a time.
    • Keep updating me regarding your computer behavior, good, or bad.
    • The cleaning process, once started, has to be completed. Even if your computer appears to act better, it may still be infected. Once the computer is totally clean, I'll certainly let you know.
    • If you leave the topic without explanation in the middle of a cleaning process, you may not be eligible to receive any more help in malware removal forum.
    • I close my topics if you have not replied in 5 days. If you need more time, simply let me know. If I closed your topic and you need it to be reopened, simply PM me.
  5. Linda81

    Linda81 TS Rookie Topic Starter

    Thank you for replying. I will go back to my friend's house late tomorrow afternoon and run DDS. In addition to the DDS logs, should I post all the logs I listed above. Thank you very much.
  6. Broni

    Broni Malware Annihilator Posts: 54,260   +383

    Yes, go ahead.


    [​IMG] Download RogueKiller from one of the following links and save it to your Desktop:

    Link 1
    Link 2

    • Close all the running programs
    • Windows Vista/7/8 users: right click on RogueKiller.exe, click Run as Administrator
    • Otherwise just double-click on RogueKiller.exe
    • Pre-scan will start. Let it finish.
    • Click on SCAN button.
    • Wait until the Status box shows Scan Finished
    • Click on Delete.
    • Wait until the Status box shows Deleting Finished.
    • Click on Report and copy/paste the content of the Notepad into your next reply.
    • RKreport.txt could also be found on your desktop.
    • If more than one log is produced post all logs.
    • If RogueKiller has been blocked, do not hesitate to try a few times more. If really won't run, rename it to winlogon.exe (or and try again

    [​IMG] Create new restore point before proceeding with the next step....
    How to:

    Download [​IMG] Malwarebytes Anti-Rootkit to your desktop.
    • Warning! Malwarebytes Anti-Rootkit needs to be run from an account with administrator rights.
    • Double click on downloaded file. OK self extracting prompt.
    • MBAR will start. Click "Next" to continue.
    • Click in the following screen "Update" to obtain the latest malware definitions.
    • Once the update is complete select "Next" and click "Scan".
    • When the scan is finished and no malware has been found select "Exit".
    • If malware was detected, make sure to check all the items and click "Cleanup". Reboot your computer.
    • Open the MBAR folder located on your Desktop and paste the content of the following files in your next reply:
      • "mbar-log-{date} (xx-xx-xx).txt"
      • "system-log.txt"
  7. Linda81

    Linda81 TS Rookie Topic Starter

    I ran DDR, RogueKiller, and MBAR on my friend's computer. RogueKiller and/or MBAR removed the browser hijacker. I then removed the old restore points on the computer and created a new one. Thank you very much for your assistance. My friend was very happy to have their computer working properly again.
  8. Broni

    Broni Malware Annihilator Posts: 54,260   +383

    I'm glad to hear good news but this not the way to follow my rules.
    One of them says:

Topic Status:
Not open for further replies.

Similar Topics

Add your comment to this article

You need to be a member to leave a comment. Join thousands of tech enthusiasts and participate.
TechSpot Account You may also...