srilee

Browser Hijacked?

I have been struggling with some sort of malware for several days. When I open any browser it is redirected to stopbadsite.com, which appears to be some sort of rogue anti-virus tool. I have run Malwarebytes and Norton Internet Security Suite, which have both identified multiple copies of bugs on the PC. I then reboot to allow the full removal of any identified malware/viruses, but still get the same behavior when I open the browser. I have also checked my IP settings for any DNS modification, as well as checking for any proxy setting in my browser; however, both are set as they should be. Any ideas?
FirstSentinel

Boot into Safe Mode with Networking.
Then kill the Antivirus8.exe process (Task Manager: terminate Antivirus8.exe).
Then download Malwarebytes.
Install and run it in Safe Mode.

Afterwards:
Manually check (and if needed remove) these files in Safe Mode:
%Documents and Settings%\All Users\Start Menu\AV\Antivirus8.lnk
%Documents and Settings%\All Users\Start Menu\AV\Uninstall.lnk
%Documents and Settings%\[UserName]\Desktop\Antivirus8.lnk
%Program Files%\AV\Antivirus8.exe

Shut down (power off) the computer and wait 30 seconds.
Restart the computer.
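As an added example (not part of any answer in this thread), a small Python script that checks whether the four Antivirus8 artifacts listed above are present on disk. The %...% tokens are treated as placeholders mapped through an assumed "roots" dictionary rather than real environment variables, and the demo plants constructed copies of two artifacts in a temporary folder so it runs anywhere.

```python
import os
import tempfile
from pathlib import Path

# Indicator paths from the answer above. The %...% tokens are the answer's
# placeholders, not real environment variables, so "roots" maps them to dirs.
ARTIFACTS = [
    r"%Documents and Settings%\All Users\Start Menu\AV\Antivirus8.lnk",
    r"%Documents and Settings%\All Users\Start Menu\AV\Uninstall.lnk",
    r"%Documents and Settings%\[UserName]\Desktop\Antivirus8.lnk",
    r"%Program Files%\AV\Antivirus8.exe",
]

def expand(template, roots, user):
    """Replace the placeholders in one template with concrete directories."""
    path = template.replace("[UserName]", user)
    for token, directory in roots.items():
        path = path.replace("%" + token + "%", str(directory))
    return Path(path.replace("\\", os.sep))

def profile_names(roots):
    """Every per-user profile folder under the Documents and Settings root."""
    base = Path(roots["Documents and Settings"])
    if not base.is_dir():
        return []
    return [d.name for d in base.iterdir() if d.is_dir() and d.name != "All Users"]

def find_artifacts(roots):
    """Return the sorted list of indicator paths that exist on disk."""
    found = []
    for template in ARTIFACTS:
        # Templates with [UserName] are checked once per profile folder.
        users = profile_names(roots) if "[UserName]" in template else [""]
        for user in users:
            candidate = expand(template, roots, user)
            if candidate.exists():
                found.append(str(candidate))
    return sorted(found)

def run_demo():
    """Constructed sample: plant two artifacts in a scratch tree and scan it."""
    # On a real XP box pass the machine's actual C:\ roots for both tokens instead.
    base = Path(tempfile.mkdtemp())
    ds = base / "Documents and Settings"
    roots = {"Documents and Settings": ds, "Program Files": base / "Program Files"}
    for planted in (ds / "All Users/Start Menu/AV/Antivirus8.lnk",
                    ds / "srilee/Desktop/Antivirus8.lnk"):
        planted.parent.mkdir(parents=True)
        planted.touch()
    return find_artifacts(roots)
```

Run `find_artifacts` with real roots to list which of the four files a machine still has after cleanup; an empty list means none of them remain.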
In addition to FirstSentinel's suggestions, you may also want to turn off the System Restore feature. Sometimes malware likes to hide in there. This will remove system restore info, so you won't be able to use "last known good configuration" when pressing F8 for boot options.

Right-click My Computer and choose Properties.
Click on the System Restore tab.
Check the box that says "Turn off system restore on all drives".
Reboot and remove malware.

Once you can start up without the malware, use the same procedure to turn System Restore back on.
ASKER CERTIFIED SOLUTION
phototropic

srilee (ASKER)

TDSSKiller in safe mode finally found the problem files.