Firefox Hijacked, Now Seems Slow

Discussion in 'Malware Help (A Specialist Will Reply)' started by AddyDog, Sep 30, 2018.

  1. AddyDog

    AddyDog Private E-2

    Hello,
    My Firefox browser was hijacked today by some kind of Malware (it played audio saying my credit card information was going to be stolen unless I called their phone number). I used the task manager to close Firefox and went through the read & run me first instructions in Edge. I have since opened Firefox and have not been hijacked again, but it seems slow to load pages now and the scans did find some files that I have not removed, per instructions.

    I've attached the logs. I did make a mistake and ran ADW cleaner out of sequence. I'd opened multiple tabs and lost my place. My apologies and thanks in advance for any assistance.
     

    Attached Files:

    AddyDog, Sep 30, 2018
    #1
  2. dr.moriarty

    dr.moriarty Malware Super Sleuth Staff Member

    Hello, AddyDog

    Please rerun RogueKiller and remove this detection. When it is finished, there will be a log on your desktop called "RKreport[2].txt", please upload that.
    ¤¤¤ Registry : 1 ¤¤¤
    [PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters\Interfaces\{3f414bcd-993f-4f2f-bdf9-dc7e7ec0a2b6} | DhcpNameServer : 10.1.1.34 10.160.4.21 ([][]) -> Found

    Next, download ZHPCleaner to your desktop.
    • Close all applications (including your web browsers and antivirus)
    • Double-click on ZHPCleaner to run the tool.
    • If you are using Windows Vista, 7/8/10; instead of double-clicking, right-mouse click ZHPCleaner and select "Run as Administrator".
    • Please click the "J'accepte/I agree" button.
      • First press the "Scanner" button. Be patient, the scan may take awhile.
      • Do NOT fix/repair anything yet! Please upload that logfile with your next reply.

    Your MGLogs.zip is very incomplete - run the C:\MGtools\GetLogs.bat file by double clicking on it (Note: if using Vista or Win7, don't double click, use right click and select Run As Administrator). Make sure that you watch for the license agreement for TrendMicro HijackThis and click on the Accept button TWICE to accept ( yes twice ). Let it run until it is finished. Upload the new MGLogs.zip.
     
    dr.moriarty, Sep 30, 2018
    #2
  3. AddyDog

    AddyDog Private E-2

    Thank you very much for your help! Here is my status:

    1. I ran Rogue Killer and deleted the detection. There was a second one that I did not remove (a Firefox file). The program didn't put a log on my desktop so I saved the file manually and attached it below.
    2. I am having a problem running ZHP. It gives the message "This app can't run on your PC." It may be because I can't turn off Webroot SecureAnywhere (I didn't even know it was on my machine until I looked. I might have to contact my IT.)
    3. I thought I would also try running MG and got a new message in the DOS prompt screen when I double-clicked the exe icon: Error accessing the registry. Access is denied. I also got into an endless cycle where a Windows 10 pop-up asked me if I wanted to let MG make changes to my registry editor and I clicked yes, and the same window opened again. When I clicked to run it as an admin (that was the mistake I made the first time I think), it takes about a second to come up with the message that a 64 bit OS was found, and that's it.

    Though my settings show me as an administrator on this laptop, I wonder if there are some other settings/permissions that have been shut off. :/
     

    Attached Files:

    AddyDog, Oct 1, 2018
    #3
  4. dr.moriarty

    dr.moriarty Malware Super Sleuth Staff Member

    You're welcome

    Is this a personal PC or a business one? Not knowing how software has gotten installed (i.e. Webroot SecureAnywhere) is a problem that needs solving.
     
    dr.moriarty, Oct 1, 2018
    #4
  5. AddyDog

    AddyDog Private E-2

    It's a business one, and I'm not seeing Webroot in the programs list in the control panel. If I could see the date it was installed, I would have a good idea of if it came with the computer or not. I can also ask IT. (They are very hands off so finding there is a restriction on access is out of character.) I will let you know what I found out about Webroot. I believe it's likely from IT, but I don't actually know.
     
    AddyDog, Oct 1, 2018
    #5
  6. dr.moriarty

    dr.moriarty Malware Super Sleuth Staff Member

    As I am an unpaid volunteer working here to help with malware removal for personal PCs, I suggest that you have your IT department solve your malware issues... that would eliminate possible legal complications involving violations of company rules, proprietary software or company/customer privacy issues.

    I hope that you get things sorted!
     
    dr.moriarty, Oct 1, 2018
    #6
  7. AddyDog

    AddyDog Private E-2

    Thanks! I'll have them check it out (though you guys are always the best... :) ).
     
    AddyDog, Oct 1, 2018
    #7
  8. numbersguy

    numbersguy Private E-2

    I know this is a post from 2018 but after a Firefox update i have been unable to use Firefox on my Dell Inspirion running Windows 7. Does Firefox no longer work on a windows 7 computer? I had to download Google Chrome but i would rather use Firefox. My PC is also very, very slow now.
     
    numbersguy, Mar 11, 2019
    #8
  9. TimW

    TimW MajorGeeks Administrator - Jedi Malware Expert Staff Member

    TimW, Mar 11, 2019
    #9

MajorGeeks.Com Menu

Downloads All In One Tweaks \ Android \ Anti-Malware \ Anti-Virus \ Appearance \ Backup \ Browsers \ CD\DVD\Blu-Ray \ Covert Ops \ Drive Utilities \ Drivers \ Graphics \ Internet Tools \ Multimedia \ Networking \ Office Tools \ PC Games \ System Tools \ Mac/Apple/Ipad Downloads

Other News: Top Downloads \ News (Tech) \ Off Base (Other Websites News) \ Way Off Base (Offbeat Stories and Pics)

Social: Facebook \ YouTube \ Twitter \ Tumblr \ Pintrest \ RSS Feeds