Super User Jigfishn10 Posted March 11, 2014 Super User Posted March 11, 2014 My wife got this browser hijacker on her computer, Snap.Do, and I'm having a tough time getting it out. I went to program removal on my control panel and I did not see it in the program population, as a matter of fact, I can't find it in the installed programs in her C drive. I ran a full virus scan last night and it did not detect it as a virus, yet I turn on her browser (Google Chrome) and I have to stop running the program manually. If there is anything you can think of for me to try, please let me know. Quote
Super User Root beer Posted March 11, 2014 Super User Posted March 11, 2014 Run Malware Anti-Malware byte. Google it and it should be at top of search result to their website to download a free version. It's among one best scanners I've used. 1 Quote
Super User Raider Nation Fisher Posted March 11, 2014 Super User Posted March 11, 2014 Dig through the folders and files in C: it should be in there somewhere. May take some searching but its possible to find and delete it that way. 1 Quote
Super User Jigfishn10 Posted March 11, 2014 Author Super User Posted March 11, 2014 Dig through the folders and files in C: it should be in there somewhere. May take some searching but its possible to find and delete it that way. You're probably right, I was trying to avoid that. Root beer, is that the correct name of the program? Quote
stk Posted March 11, 2014 Posted March 11, 2014 Just some helpful advice on the adware. The correct name of the program is Malware Bytes Anti-Malware. As for snap.do, if it's not in the add/remove programs area, it could be located in the extensions area of the browser. For google chrome, go to -> settings, then choose extensions. good luck. 2 Quote
Super User Jigfishn10 Posted March 11, 2014 Author Super User Posted March 11, 2014 Just some helpful advice on the adware. The correct name of the program is Malware Bytes Anti-Malware. As for snap.do, if it's not in the add/remove programs area, it could be located in the extensions area of the browser. For google chrome, go to -> settings, then choose extensions. good luck. Many thanks for your help, stk, I'll give your instructions a whirl. Quote
Super User iabass8 Posted March 12, 2014 Super User Posted March 12, 2014 You will(most likely assuming its a browser hijacker) find the location of the virus and delete it offline via safe mode. Must browser hijackers replicate themselves after a restart making a simple click/delete useless. If you are familiar with your registry (start->run type regedit and it will registry will appear) deleting the file manually in safe mode is a more effective resolution. If you do not know the registry, dont touch it. You can screw a comp OS up so bad if you delete something you shouldn't. Theres no coming back usually. Otherwise, run "hi jack this" which will give you all your systems issues/virus' and then run a solid spyware deletion tool. I cant recommend one because i think they are a joke but im a computer nerd. Malware bytes should work though. As said above, in chrome you can simply remove the browser add on as well assuming thats it. 1 Quote
Super User Jigfishn10 Posted March 12, 2014 Author Super User Posted March 12, 2014 You will(most likely assuming its a browser hijacker) find the location of the virus and delete it offline via safe mode. Must browser hijackers replicate themselves after a restart making a simple click/delete useless. If you are familiar with your registry (start->run type regedit and it will registry will appear) deleting the file manually in safe mode is a more effective resolution. If you do not know the registry, dont touch it. You can screw a comp OS up so bad if you delete something you shouldn't. Theres no coming back usually. Otherwise, run "hi jack this" which will give you all your systems issues/virus' and then run a solid spyware deletion tool. I cant recommend one because i think they are a joke but im a computer nerd. Malware bytes should work though. As said above, in chrome you can simply remove the browser add on as well assuming thats it. I may look into the Registry to see if I can find it and go from there. last night I deleted Chrome and reset Internet Explorer, unfortunately, I think it's still there as her internet is now very slow. I agree with doing repairs in Safe Mode as I was in it last night thinking I could roll my computer back a few days. Quote
Super User Bankbeater Posted March 12, 2014 Super User Posted March 12, 2014 Good luck. I was hijacked 5 years ago. Ended up having to reformat the hard drive to get rid of it. 1 Quote
Super User Jigfishn10 Posted March 12, 2014 Author Super User Posted March 12, 2014 You will(most likely assuming its a browser hijacker) find the location of the virus and delete it offline via safe mode. Must browser hijackers replicate themselves after a restart making a simple click/delete useless. If you are familiar with your registry (start->run type regedit and it will registry will appear) deleting the file manually in safe mode is a more effective resolution. If you do not know the registry, dont touch it. You can screw a comp OS up so bad if you delete something you shouldn't. Theres no coming back usually. Otherwise, run "hi jack this" which will give you all your systems issues/virus' and then run a solid spyware deletion tool. I cant recommend one because i think they are a joke but im a computer nerd. Malware bytes should work though. As said above, in chrome you can simply remove the browser add on as well assuming thats it. I opened the registy and performed a "find" for both Snap.do and Resoft Ltd and came up empty, which is a good thing, I guess. Running Malware Bytes now. Good luck. I was hijacked 5 years ago. Ended up having to reformat the hard drive to get rid of it. That's the kicker Bankbeater, I reformatted and rebuilt the computer a year ago. BTW, I hope all is well with you and your family. My wife's dad passed 3 weeks ago, so we're adjusting as well. Quote
Super User iabass8 Posted March 12, 2014 Super User Posted March 12, 2014 I opened the registy and performed a "find" for both Snap.do and Resoft Ltd and came up empty, which is a good thing, I guess. Running Malware Bytes now. That's the kicker Bankbeater, I reformatted and rebuilt the computer a year ago. BTW, I hope all is well with you and your family. My wife's dad passed 3 weeks ago, so we're adjusting as well. That isn't really "good" but not bad. It most likely wont be named snap.to. You also have to search within the correct index, not all 1 Quote
Super User Jigfishn10 Posted March 12, 2014 Author Super User Posted March 12, 2014 That isn't really "good" but not bad. It most likely wont be named snap.to. You also have to search within the correct index, not all Ah, gotchya...Once Malware Bytes is finished, I'll try again. Many thanks for your help iabass8. Quote
Super User deaknh03 Posted March 12, 2014 Super User Posted March 12, 2014 Ah, gotchya...Once Malware Bytes is finished, I'll try again. Many thanks for your help iabass8. John, did you try fixing it with a hammer and chisel? 1 Quote
Super User Jigfishn10 Posted March 12, 2014 Author Super User Posted March 12, 2014 John, did you try fixing it with a hammer and chisel? I'm ready to file it in a big blue filing cabinet I have on the jobsite...LOL... Quote
Super User Jigfishn10 Posted March 12, 2014 Author Super User Posted March 12, 2014 I did a quick scan and I got a lot of pup.optional type errors. I'm running full scan now. Quote
Super User .dsaavedra. Posted March 13, 2014 Super User Posted March 13, 2014 You need to delete System32 ASAP. Nah MBAM should fix you up. 1 Quote
Super User Jigfishn10 Posted March 13, 2014 Author Super User Posted March 13, 2014 You need to delete System32 ASAP. Nah MBAM should fix you up. And it did! Thanks for all your help guys! 2 Quote
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.