Results 1 to 3 of 3
  1. #1
    2 Star Lounger artied2's Avatar
    Join Date
    Sep 2011
    Location
    Jacksonville, Fl
    Posts
    116
    Thanks
    8
    Thanked 0 Times in 0 Posts

    Need help eliminating a browser hijack.

    Earlier this week, we bought our granddaughter a new ASUS laptop with Win 8.1. She went home and promptly managed to download some of the worst PUP's and malware I've ever seen. One of the worst was "Open Install". I was able to get rid of most, but there's still one nagging problem. When she opens a browser, (either IE or FireFox), it goes to the proper home page, but then, no matter what she clicks, (even a non-link in a blank area), triggers the browser to start downloading data from several different URL's, resulting in some advertising page to open in a new tab.

    When I searched the web on how to uninstall "Open Install", I ran across a page, (Malwaretips.com), that described how to do it using 4 different programs. I downloaded and ran all four:

    1. AdwCleaner
    2. Junkware Removal Tool: (I don't recommend this one. It removed a wanted program without any warning or options.)
    3. MBAM: (The paid for version.)
    4. HitmanPro: (Paid for this one too.)

    They all removed something, and got most of the "baddies" off the computer, but that browser hijack still exists. None of the four caught it. Anyone have any ideas on where to look for this malware?

    Thanks all.
    Artie

  2. #2
    Super Moderator
    Join Date
    Aug 2012
    Location
    Durham UK
    Posts
    6,645
    Thanks
    147
    Thanked 884 Times in 845 Posts
    You could try the free Sophos anti malware scanner http://www.sophos.com/en-us/threat-c...-analysis.aspx and ESET Free Online Scanner http://www.eset.com/us/online-scanner/

    I've never used Sophos but ESET is thorough.

    For ESET, click on Advanced and check all of the boxes except the proxy one then disable your AV program immediately before hitting the Scan button.

    I suggest you also reset the Hosts File as Open Install or whatever could have corrupted that which can also take you all over the place.

    If it had just been IE that was affected then I would suggest checking the add-ons, although PuPs can migrate across browsers, I think this is more malware than the standard PuP which AdwCleaner would have taken care of.
    Last edited by Sudo15; 2014-11-27 at 18:44.

  3. #3
    2 Star Lounger artied2's Avatar
    Join Date
    Sep 2011
    Location
    Jacksonville, Fl
    Posts
    116
    Thanks
    8
    Thanked 0 Times in 0 Posts
    Thanks Sudo. She's coming up tomorrow. I'll try those then.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •