Solved Spigot Infecting Browsers

F

fan1bsb97

New Member
Thread author
Jul 13, 2014
3
Hi. I noticed a few days ago, not sure when specifically, that when I open google chrome it opens two tabs. The first one is https://search.yahoo.com/?type=282369&fr=spigot-yhp-ch and the second is my homepage. It also happened on firefox. When I search it automatically goes through yahoo.

I've done the adwcleaner scan, junk removal tool, malware bytes at least twice, and hitman pro. I've read a few other threads on this topic and followed directions but nothing seems to work.

Please help if you can. Thanks.
 

Attachments

  • Addition.txt
    44.9 KB · Views: 125
  • FRST.txt
    56.8 KB · Views: 126
  • HitmanPro_20140712_2310.log
    39.8 KB · Views: 58
  • JRT.txt
    2.2 KB · Views: 60
  • mwb.txt
    1.8 KB · Views: 333
F

fan1bsb97

New Member
Thread author
Jul 13, 2014
3
It wouldn't let me edit my post to add my adwcleaner scans. I did two yesterday and one this morning. It's still infected.
 

Attachments

  • AdwCleaner[R1].txt
    982 bytes · Views: 64
  • AdwCleaner[R2].txt
    1.1 KB · Views: 61
  • AdwCleaner[S1].txt
    1 KB · Views: 45
TwinHeadedEagle

TwinHeadedEagle

Level 41
Verified
Mar 8, 2013
22,627
Hello,


Before we start please note the following:

icon_arrow.gif
Analysis and research take some time, also sometimes real life gets in the way, please be patient.
icon_arrow.gif
Limit your internet access to posting here, some infections just wait to steal typed-in passwords.
icon_arrow.gif
Don't run any scripts or tools on your own, unsupervised usage may cause more harm than good.
icon_arrow.gif
Do not paste the logs in your posts, attachments make my work easier. There is a Upload a File button which you can use to attach your reports. Attach all reports.
icon_arrow.gif
Stay with me to the end, the absence of symptoms doesn't mean that your machine is fully operational.
icon_arrow.gif
Note that we may live in totally different time zones, what may cause some delays between answers.

icon_idea.gif
I can't foresee everything, so if anything unexpected happens, please stop and inform me!
icon_idea.gif
There are no silly questions. Never be afraid to ask if in doubt!




FRST.gif
Fix with Farbar Recovery Scan Tool

icon_exclaim.gif
This fix was created for this user for use on that particular machine.
icon_exclaim.gif

icon_exclaim.gif
Running it on another one may cause damage and render the system unstable.
icon_exclaim.gif

Download attached fixlist.txt file and save it to the Desktop:

Both files, FRST and fixlist.txt have to be in the same location or the fix will not work!

  • Right-click on
    FRST.gif
    icon and select
    RunAsAdmin.jpg
    Run as Administrator to start the tool.
    (XP users click run after receipt of Windows Security Warning - Open File).
  • Press the Fix button just once and wait.
  • If for some reason the tool needs a restart, please make sure you let the system restart normally. After that let the tool complete its run.
  • When finished FRST will generate a log on the Desktop, called Fixlog.txt.

Please attach it to your reply.




51a612a8b27e2-Zoek.png
Scan with ZOEK

Please download ZOEK by Smeenk and save it to your desktop (preferred version is the *.exe one)
Temporary disable your AntiVirus and AntiSpyware protection - instructions here.

  • Right-click on
    51a612a8b27e2-Zoek.png
    icon and select
    RunAsAdmin.jpg
    Run as Administrator to start the tool.
  • Wait patiently until the main console will appear, it may take a minute or two.
  • In the main box please paste in the following script:
    Code: 
    createsrpoint;
autoclean;
CHRdefaults;
  • Make sure that Scan All Users option is checked.
  • Push Run Script and wait patiently. The scan may take a couple of minutes.
  • When the scan completes, a zoek-results logfile should open in notepad.
  • If a reboot is needed, it will be opened after it. You may also find it at your main drive (usually C:\ drive)

Attach report into your next reply.
 

Attachments

  • fixlist.txt
    3.1 KB · Views: 234
F

fan1bsb97

New Member
Thread author
Jul 13, 2014
3
Did both and it stopped appearing on chrome! Here's my scans.
Thank you!
 

Attachments

  • zoek-results.txt
    9.3 KB · Views: 103
  • Fixlog.txt
    7.2 KB · Views: 116
TwinHeadedEagle

TwinHeadedEagle

Level 41
Verified
Mar 8, 2013
22,627
Very good, then we can finish :)


Below you will find my thoughts about securing your machine. Go ahead through it, you will benefit from some useful advice about safe computing.


Recommended reading:
icon_exclaim.gif
MUST READ - security tips: Computer Security - a short guide to staying safer online. Simple and easy ways to keep your computer safe and secure on the Internet
icon_exclaim.gif
MUST READ - general maintenance: What to do if your Computer is running slowly?



Recommended additional software:
icon_arrow.gif
TFC - to clean unneeded temporary files.
icon_arrow.gif
Malwarebytes' Anti-Malware - to scan your system from time to time in search for malware.
icon_arrow.gif
Malwarebytes' Anti-Exploit - to prevent plenty of mostly exploited vulnerabilities.
icon_arrow.gif
McShield - to prevent infections spread by removable media.
icon_arrow.gif
CryptoPrevent - to secure yourself from very severe CryptoLocker infection.
icon_arrow.gif
Unchecky - to prevent from installing additional foistware, implemented in legitimate installations.


The following will implement some post-cleanup procedures:

=> Please download DelFix by Xplode to your Desktop.

Run the tool and check the following boxes below;
checkmark.png
Remove disinfection tools
checkmark.png
Create registry backup
checkmark.png
Purge System Restore
Click Run button and wait a few seconds for the programme completes his work.
At this point all the tools we used here should be gone. Tool will create an report for you (C:\DelFix.txt)

The tool will also record healthy state of registry and make a backup using ERUNT program in %windir%\ERUNT\DelFix
Tool deletes old system restore points and create a fresh system restore point after cleaning.



Stay safe,
TwinHeadedEagle :)
 

Similar threads

Darth_Mario
Google Search getting redirected to yahoo
Replies
10
Views
2,452
Windows Malware Removal Help & Support
TwinHeadedEagle
TwinHeadedEagle
J
  • Locked
Solved Google redirects to Yahoo
Replies
4
Views
19,040
Windows Malware Removal Help & Support
Joannelys
J
N
Spigot Removed but Browser Still Redirecting
Replies
9
Views
3,869
Windows Malware Removal Help & Support
TwinHeadedEagle
TwinHeadedEagle

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

Quick Navigation

Forum Rules Warning System Welcome Guide Two-factor Authentication

User Menu

Login

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top