Somehow a browser hijack has installed itself on my laptop (
http://chromestart4.ru/i/rt4.html). I have scaned with Avast, Malwarebytes, Norton Power Eraser and Windows Malicious Software Removal tool and none of them were able to to find it. I did a search on my machine for any part of the file and did not find anything. I did the same search in my registry and did not find anything. I checked my installed programs and did not find anything that should not be there. I also checked my chrome extensions and did not see a problem. I checked my Chrome setting to see if the home page had been change and it was not. It is still set to
www.google.com. My last resort was to try a system restore; however, my system protection was turned of for my drive and system restore for some reason. When I turned them back on it said I had no restore points so I could not role back. I am out of thoughts and thought I would contact the professionals to see if you guys can come up with a fix for this thing. I search the net for answers but there seems to be only one site that offers a solution which is to download their malware program. Makes me think that they probably are responsible for the exploit in the first place. This is the site address for the tool/program (
http://www.freezingcomputer.com/tag/remove-chromestart4-ru/). The name of the program is Spyhunter 4. I have not downloaded it cause WOT and Avast do not have a reputation rating for it.
The hijacker only seems to appear when I open my browser and originally start to go to (
http://mir2sky1.com/882Bh) but then reverts to (
http://chromestart4.ru/i/rt4.html) which looks like a cheap copy of google.com. I checked the mir2shy1 address for a rep rating but it appears to be a new site. Again I really think Spyhunter 4 and the exploit are within the same family. Thanks for your help.
