Can't get rid of Bueno Search browser hijacker
Posted on 2014-07-15
A colleague has given me their laptop to try and put right and the problem would appear to be with a browser hijacker called Bueno Search. Chrome is on the laptop but (thankfully) that seems OK - it's IE 11 that is having the problem. Every time IE is opened it hijacks the defined home page and goes to Bueno Search.
I have followed umpteen procedures I've found on the web but with no luck. Malwarebytes seems to detect all/some of it which I quarantine but after a reboot it's back again. I've also used Hitman Pro, Spybot S&D, JRS, Advanced Systemcare and a few others - same story. I even uninstalled IE, went through a procedure to clean the registry, rebooted and reinstalled and the ******* thing is still there. It seems to create a key called DOMStorage under HKCU/Software/Microsoft/Internet Explorer as well as one or two other entries and they keep coming back.
There are no add-ons, extensions or installed programs that have 'bueno' in the title, unlike a lot of the solution guides demonstrate. Can anyone advise on how I can find out what process keeps creating the registry keys or some sure fire way of nuking this thing - avoiding a full Windows reinstall if possible!