Solved Spigot Infecting Browsers

F

fan1bsb97

New Member
Thread author
Jul 13, 2014
3
0
2
40
Hi. I noticed a few days ago, not sure when specifically, that when I open google chrome it opens two tabs. The first one is https://search.yahoo.com/?type=282369&fr=spigot-yhp-ch and the second is my homepage. It also happened on firefox. When I search it automatically goes through yahoo.

I've done the adwcleaner scan, junk removal tool, malware bytes at least twice, and hitman pro. I've read a few other threads on this topic and followed directions but nothing seems to work.

Please help if you can. Thanks.
 

Attachments

Hello,


Before we start please note the following:

icon_arrow.gif
Analysis and research take some time, also sometimes real life gets in the way, please be patient.
icon_arrow.gif
Limit your internet access to posting here, some infections just wait to steal typed-in passwords.
icon_arrow.gif
Don't run any scripts or tools on your own, unsupervised usage may cause more harm than good.
icon_arrow.gif
Do not paste the logs in your posts, attachments make my work easier. There is a Upload a File button which you can use to attach your reports. Attach all reports.
icon_arrow.gif
Stay with me to the end, the absence of symptoms doesn't mean that your machine is fully operational.
icon_arrow.gif
Note that we may live in totally different time zones, what may cause some delays between answers.

icon_idea.gif
I can't foresee everything, so if anything unexpected happens, please stop and inform me!
icon_idea.gif
There are no silly questions. Never be afraid to ask if in doubt!




FRST.gif
Fix with Farbar Recovery Scan Tool

icon_exclaim.gif
This fix was created for this user for use on that particular machine.
icon_exclaim.gif

icon_exclaim.gif
Running it on another one may cause damage and render the system unstable.
icon_exclaim.gif

Download attached fixlist.txt file and save it to the Desktop:

Both files, FRST and fixlist.txt have to be in the same location or the fix will not work!

  • Right-click on
    FRST.gif
    icon and select
    RunAsAdmin.jpg
    Run as Administrator to start the tool.
    (XP users click run after receipt of Windows Security Warning - Open File).
  • Press the Fix button just once and wait.
  • If for some reason the tool needs a restart, please make sure you let the system restart normally. After that let the tool complete its run.
  • When finished FRST will generate a log on the Desktop, called Fixlog.txt.

Please attach it to your reply.




51a612a8b27e2-Zoek.png
Scan with ZOEK

Please download ZOEK by Smeenk and save it to your desktop (preferred version is the *.exe one)
Temporary disable your AntiVirus and AntiSpyware protection - instructions here.

  • Right-click on
    51a612a8b27e2-Zoek.png
    icon and select
    RunAsAdmin.jpg
    Run as Administrator to start the tool.
  • Wait patiently until the main console will appear, it may take a minute or two.
  • In the main box please paste in the following script:
    Code: 
    createsrpoint;
autoclean;
CHRdefaults;
  • Make sure that Scan All Users option is checked.
  • Push Run Script and wait patiently. The scan may take a couple of minutes.
  • When the scan completes, a zoek-results logfile should open in notepad.
  • If a reboot is needed, it will be opened after it. You may also find it at your main drive (usually C:\ drive)

Attach report into your next reply.
 

Attachments

Very good, then we can finish :)


Below you will find my thoughts about securing your machine. Go ahead through it, you will benefit from some useful advice about safe computing.


Recommended reading:
icon_exclaim.gif
MUST READ - security tips: Computer Security - a short guide to staying safer online. Simple and easy ways to keep your computer safe and secure on the Internet
icon_exclaim.gif
MUST READ - general maintenance: What to do if your Computer is running slowly?



Recommended additional software:
icon_arrow.gif
TFC - to clean unneeded temporary files.
icon_arrow.gif
Malwarebytes' Anti-Malware - to scan your system from time to time in search for malware.
icon_arrow.gif
Malwarebytes' Anti-Exploit - to prevent plenty of mostly exploited vulnerabilities.
icon_arrow.gif
McShield - to prevent infections spread by removable media.
icon_arrow.gif
CryptoPrevent - to secure yourself from very severe CryptoLocker infection.
icon_arrow.gif
Unchecky - to prevent from installing additional foistware, implemented in legitimate installations.


The following will implement some post-cleanup procedures:

=> Please download DelFix by Xplode to your Desktop.

Run the tool and check the following boxes below;
checkmark.png
Remove disinfection tools
checkmark.png
Create registry backup
checkmark.png
Purge System Restore
Click Run button and wait a few seconds for the programme completes his work.
At this point all the tools we used here should be gone. Tool will create an report for you (C:\DelFix.txt)

The tool will also record healthy state of registry and make a backup using ERUNT program in %windir%\ERUNT\DelFix
Tool deletes old system restore points and create a fresh system restore point after cleaning.



Stay safe,
TwinHeadedEagle :)
 

You may also like...