Jump to content

reimage browser hijack


Recommended Posts

Hi, I have been asked to have a look at a computer that has been infected with the reimage browser hijack. I have run all my usual programs that would normally rid the computer of these type of infections, but unfortunately it is stubborn and remains. I have run RKill, adwcleaner (nothing) JRT (nothing) Malwarebytes (nothing) hitman pro (nothing) and lastly emisoft  emergency repair kit. Nothing shows up in these logs and yet as soon as I use google chrome to access the internet I get redirects and a new tab inviting me to download and buy the reimage program also adverts of a very explicit nature.

 

Apparently the computer was infected just before xmas and the girls father reset it back to factory settings with the option to retain files and documents, so any programs have been lost that may have given a clue as to how this infection got onto the laptop in the first instance.

 

PS I have checked the extensions in chrome and there is no sign of anything untoward in there either.

 

Hope you can help and I wish you all well for the new year.

The farbar logs are attached

Addition.txt

FRST.txt

Link to post
Share on other sites

Thats right its not the first time. I could be dishonset and create a new account every time but i dont and i also donate and subscribe to the malwarebytes premium version on three of my own computers and advise customers to do the same. I am asking for help and hope you will help me, I often give help free of charge should a customer call with an issue that I can talk them through or if a customer calls in with a problem I can fix in a few minutes.

 

I could just wipe the laptop and reinstall windows but I like to figure things out and learn so I may help others, but on this occasion it has me stumped, will you help me please.

Link to post
Share on other sites

Okay, that's fine. This PC doesn't have active infection, but there are some infection leftovers that we will remove in the next step:
 
 
FRST.gif Fix with Farbar Recovery Scan Tool
 

icon_exclaim.gif This fix was created for this user for use on that particular machine. icon_exclaim.gif
icon_exclaim.gif Running it on another one may cause damage and render the system unstable. icon_exclaim.gif

 
Download attached fixlist.txt file and save it to the Desktop:
 
Both files, FRST and fixlist.txt have to be in the same location or the fix will not work!

  • Right-click on FRST.gif icon and select RunAsAdmin.jpg Run as Administrator to start the tool.
    (XP users click run after receipt of Windows Security Warning - Open File).
  • Press the Fix button just once and wait.
  • If for some reason the tool needs a restart, please make sure you let the system restart normally. After that let the tool complete its run.
  • When finished FRST will generate a log on the Desktop, called Fixlog.txt.

Please attach it to your reply.

fixlist.txt

Link to post
Share on other sites

  • 2 weeks later...
  • Root Admin

Glad we could help. :)

If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!

Link to post
Share on other sites

Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.