waterlily_18

New Member
Hello.
Recently, I have been having some trouble with a search-find-it type of what I think is a browser hijacker. I am not sure how to get rid of it. It started around the time I realized that I also had this
Search powered by Yahoo virus/malware. Also during this time I was able to catch and remove a trojan virus. I am thinking these were all connected so I am trying to remove them all as soon as I can.

The search powered by Yahoo malware was refusing to uninstall and I don't know when it actually finally did uninstall. I took all of the steps and went to the control panel, uninstall a program, click uninstall/change, yes. I did this both on the control panel and on the apps and features tab on my computer. It stayed for several days before it stopped showing up in the control panel and apps tab.

I checked the extensions and reset the browser info, but nothing seemed out of the ordinary there.

During this time, I've been using several different anti-malware finders and cleaners (Adwcleaner, CCleaner, Malwarebytes, windows defender and FRST).

Am I missing something, and is someone able to help me learn how to get rid of it?

The pictures I am attaching to this post contain markings to help point out what the problem is. The red markings are to point out things that the virus/malware is doing (not all of these are marked), and the green markings are what the computer/google is supposed to be doing. One has a yellow marking showing that one of these pages did not have these extra generated tabs pop up.
------------- I chose the searches almost completely randomly to show what this virus thing may or may not target/effect.
(The black markings simply contain information related to my identity which I do not intend to give out. Please excuse this.)

Some of these symptoms make me wonder whether or not this virus is collecting passwords and other data, or if it is just there to lead you to places that will install other viruses that are made to steal information or to scam you into spending money or something like that. It is particularly concerning that it pops up when trying to log into your email and personal information accounts and such.


208688
------- The image above shows the additional pop ups (us9.) as well as the questionable links of a different size and font. ------

208689208691
--- search with a single word, single word additional pop up (us3.). Searches with more words generate more tabs, each with one or more words/symbols ------

208692
----bottom of the page, more of these links ----

208693
---- for whatever reason, this search link did not generate additional tabs. The link is related to data security and prevention against viruses. Possibly one of the types of links this virus either can't affect or is programed not to affect ------

208694
------ just a random search. this text is bolded more than the others, so I don't know for sure if it is part of this virus, but the size and font of the text looks relatively similar to the other pictures. -----

208695
----- pop ups (us.) for sites that you use for your personal information -------
 

Attachments

TwinHeadedEagle

Level 41
Verified
Hello,


Fix with Farbar Recovery Scan Tool

This fix was created for this user for use on that particular machine.

Running it on another one may cause damage and render the system unstable.

Download attached fixlist.txt file and save it to the Desktop:

Both files, FRST and fixlist.txt have to be in the same location or the fix will not work!

  • Right-click on
    icon and select
    Run as Administrator to start the tool.
    (XP users click run after receipt of Windows Security Warning - Open File).
  • Press the Fix button just once and wait.
  • If for some reason the tool needs a restart, please make sure you let the system restart normally. After that let the tool complete its run.
  • When finishes FRST will generate a log on the Desktop, called Fixlog.txt.

Please attach it to your reply.
 

Attachments

Top