hijacked web browser

Hi all

Have a laptop when opening google chrome get redirected to dk.search yahoo.

Have tried nearly all av hitman pro malewarebytes, antisuperspyware, and many others

anyone has any soultions   win7

Thanks
LVL 6
davy999Asked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

KimputerCommented:
It's probably in the command line of the Chrome shortcut. Right mouseclick, properties, check the full command line.
If not, in Google Chrome, do a full reset of the settings.
0
Mark BillExchange, AD, SQL, VMware, HPE, 3PAR, FUD, Anti MS Tekhnet, Pro EE, #1Commented:
Try running Trend Micro hijack this on the computer, then upload your logfile to http://www.hijackthis.co/

Also have a look at all the added entrys in there, like the above poster says check the shortcuts and links too.
0
JohnBusiness Consultant (Owner)Commented:
Download, install and run Process Explorer from Microsoft. Look under the Explorer tree (left side of the window) and see if there are any strange (alphanumeric) processes running. If so, kill the processes and do not restart.

Now run Malwarebytes again. It should remove the remaining malware. Restart after this is done.
0
Cloud Class® Course: Microsoft Azure 2017

Azure has a changed a lot since it was originally introduce by adding new services and features. Do you know everything you need to about Azure? This course will teach you about the Azure App Service, monitoring and application insights, DevOps, and Team Services.

EirmanChief Operations ManagerCommented:
If you run your scans again in Safe Mode you will have a lot more success.
0
Mark BillExchange, AD, SQL, VMware, HPE, 3PAR, FUD, Anti MS Tekhnet, Pro EE, #1Commented:
Malware Bytes is a pretty poor piece of software now days, I would suggest also running Trend Micro Housecall primarily along with Spybot S&D, and visiting bleeping computer forums where they have a lot of very handy tools.

Mcafee Stinger is also a pretty useful tool.
I would actually recommend the following to clients for virus issues.

1. Take a full backup of your system image if possible.
2. Run hijack this, upload the log and remove any suspicious entrys as per the website you uploaded too I posted more details above on that.
3. Run a full scan from Trend Micro Hi Jack this or Mcafee Stinger.
4. Run a full scan from Spybot Search and Destroy or Malware Bytes.
5. Run Combofix on the machine you can get this at Bleepingcomputer.

That should definetly do you.
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
Mark BillExchange, AD, SQL, VMware, HPE, 3PAR, FUD, Anti MS Tekhnet, Pro EE, #1Commented:
regarding scans in safe mode it depends on the virus you have, they should be ran within safe mode with networking and I believe its fine to run the tools listed above in normal mode.

if your really unsure of whether the system is clean or not you can perform a couple of extra scans in safe mode with networking to ensure the system is clean.

safe mode with networking is usually more useful for Ransomware where the Windows GUI is locked out.
0
davy999Author Commented:
Here is my hijackthis file
hijackthis.log
0
Mark BillExchange, AD, SQL, VMware, HPE, 3PAR, FUD, Anti MS Tekhnet, Pro EE, #1Commented:
upload it to the website I posted above, paste the text in and it will tell you what to do from there.

open up hijack this run the scan again and remove(untick) the entries you want to remove, make sure to take a backup of this box or the data on it that is important unless you don't mind if it all goes bye bye.
0
Mark BillExchange, AD, SQL, VMware, HPE, 3PAR, FUD, Anti MS Tekhnet, Pro EE, #1Commented:
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Web Browsers

From novice to tech pro — start learning today.

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.