HELP! Browser Hijacker in My System

[Anthony J.]

Hello,

I sent the following message to support (see below), and they replied with instructions on what to do. And so I did everything they asked me to do to the letter, but sadly, the problem persisted. I still got this WARNING window coming up the minute I connected to the internet. And so I sent another query to Support and they asked me to connect with this forum. Strangely enough, I've been online about 15 minutes now and that WARNING has not come up, it usually hits me up every five minutes!

Please take a look at the correspondence below, and kindly do your best to assist me.

Thank you,

Anthony

====LETTER TO SUPPORT=====

Hello,

I am constantly being attacked it would seem, because Avast alerts me every time with the following message. Please help!

OBJECT

hxxp://fitovitnatural.com/tmp/dll.exe

INFECTION

URL: Mal

PROCESS

C:\Windows\System32\svchost.exe


====REPLY FROM SUPPORT====

Hello Anthony,

Please accept my apologies for the delay in handling your request.

We're sorry to hear that you've been getting detection messages from Avast. Please note that these are correct and the accessed URL is actually malicious.

It seems that there's a browser hijacker present in your system. Could you please try to clean it up? You can do so by following these steps:

First please make sure that you have the most recent version of Avast - 17.3.2291:
Open Avast and go to > Settings > Update > Program > Update and update your Virus definitions as well.

Then please turn on scanning of Potentially Unwanted Programs (PUPs):
In Avast, go to > Settings > General > check the option 'Scan for potentially unwanted programs (PUPs)' > OK.

After that please perform a Boot-time scan:
Please open Avast and go to > Protection > Antivirus > Other scans > Boot-time scan > Run on next PC reboot.
This will reboot your machine and perform the Boot-time scan.

Then that please reset your web browser to its default settings:
Google Chrome: https://support.google.com/chrome/answer/3296214?hl=en
Mozilla Firefox: https://support.mozilla.org/en-US/kb/refresh-firefox-reset-add-ons-and-settings

Finally please run an Avast Cleanup scan:
Open Avast and go to > Performance > Cleanup > Start Cleanup.

Please let me know if you encounter any issues.

Best Regards,
Prokop
 
The Avast Support Team

[Eddy]

https://forum.avast.com/index.php?topic=194892.0

[Anthony J.]

I've taken a look at your "guideline" link. 

[Pondus]

I've taken a look at your "guideline" link. 

You should do more then look   

[Anthony J.]

A tad overwhelming first instance, but I'm giving it a go today. Thanks!

[Anthony J.]

https://forum.avast.com/index.php?topic=194892.0

Hello Eddy,

Thanks for the help. I downloaded Malwarebytes and did the scan and here's the mbam.txt file attached herewith for you. Please let me know if I should go ahead and do the Next... Farbar Recovery Scan Tool.


Anthony

[Eddy]

Yes, we need the two logs from Farbar also (FRST.txt and Addition.txt)

[Anthony J.]

I tried both files, and a warning comes up that says "This type of file can harm your computer. Do you want to keep FRST64 anyway?" What do I do now? Please advise.

[Pondus]

This is normal, just continue

[Anthony J.]

Hi,

Here we are. Done! Files attached herewith. Awaiting you news.

Thanks!

Anthony

[dbrisendine]

FIRST >>>>

Please go to START (Windows Orb) >> Control Panel >> Uninstall a Program or Programs and Features and remove the following (if listed):

DefaultTab
FlvPlayer
MyFreeCodec
Settings Manager
Yahoo! Search Protection
Yahoo! Toolbar

To do so, left clicking on the name once and then click Uninstall/Change at the bar above the list window. 

Follow the prompts of the uninstaller BUT please read carefully any questions it asks before answering; some uninstallers will try and deceive you into keeping the software.

SECOND >>>>

Fix with Farbar Recovery Scan Tool
This fix was created for this user for use on that particular machine.
Running it on another one may cause damage and render the system unstable. Download attached fixlist.txt file and save it to the Desktop:

Both files, FRST and fixlist.txt have to be in the same location or the fix will not work!

• Right-click on icon and select Run as Administrator to start the tool.
  (XP users click run after receipt of Windows Security Warning - Open File).
• Press the Fix button just once and wait.
• If for some reason the tool needs a restart, please make sure you let the system restart normally. After that let the tool complete its run.
• When finished FRST will generate a log on the Desktop, called Fixlog.txt.

Please attach it to your reply.

[Anthony J.]

FIRST >>>>

Please go to START (Windows Orb) >> Control Panel >> Uninstall a Program or Programs and Features and remove the following (if listed):

DefaultTab
FlvPlayer
MyFreeCodec
Settings Manager
Yahoo! Search Protection
Yahoo! Toolbar

To do so, left clicking on the name once and then click Uninstall/Change at the bar above the list window. 

Follow the prompts of the uninstaller BUT please read carefully any questions it asks before answering; some uninstallers will try and deceive you into keeping the software.

SECOND >>>>

Fix with Farbar Recovery Scan Tool
This fix was created for this user for use on that particular machine.
Running it on another one may cause damage and render the system unstable. Download attached fixlist.txt file and save it to the Desktop:

Both files, FRST and fixlist.txt have to be in the same location or the fix will not work!

• Right-click on icon and select Run as Administrator to start the tool.
  (XP users click run after receipt of Windows Security Warning - Open File).
• Press the Fix button just once and wait.
• If for some reason the tool needs a restart, please make sure you let the system restart normally. After that let the tool complete its run.
• When finished FRST will generate a log on the Desktop, called Fixlog.txt.

Please attach it to your reply.

Hello,

Is this meant for me after my last post that all was done? Just checking. And I checked your FIRST item and none of these are present:

Please go to START (Windows Orb) >> Control Panel >> Uninstall a Program or Programs and Features and remove the following (if listed):

DefaultTab
FlvPlayer
MyFreeCodec
Settings Manager
Yahoo! Search Protection
Yahoo! Toolbar


Anthony

[Pondus]

Is this meant for me after my last post that all was done?

Yes, nothing has been done yet, this is your fix instructions

[Anthony J.]

I Can't find these

DefaultTab
FlvPlayer
MyFreeCodec
Settings Manager
Yahoo! Search Protection
Yahoo! Toolbar

Do I go ahead with....

SECOND >>>>

 Fix with Farbar Recovery Scan Tool

[Anthony J.]

Oops! I FOUND them. Uninstalling now!