You will probably find it creates a registry file which sets the home page each time you launch your infected browser. This is why companies like malwarebytes launched anti root kit
https://www.malwarebytes.org/antirootkit/
malware is getting more and more sophisticated when removing complicated spyware/malware this is the stages I do (trust me I try not to do all of it if i dont have too but it generally works 95% of the time and this is what i pretty much spend my day doing virus/alware removal )
download and run steve Gould clean up it is an old tool but does a vey good job even works with windows 8
direct download as soon as link is clicked.
http://stevengould.org/downloads/cleanup/CleanUp452.exe
Do not run it in demo mode and no need to log off once it has completed as it will not serve the purpose as malware in temp files will reload on a relog
This itself is not a spyware or virus removal tool it does however clear all your temporary files a place where many naughty bits of malware tends to hide and wait
never really seen much benefit to this stage but it cant hurt run ccleaner available at
http://www.piriform.com/ccleaner/download run cleaner and check everything
then on the next tab registry scan and fix all issues
now lets start looking at malware removal
download and launchas admin ADWCLEANER found here
http://www.bleepingcomputer.com/download/adwcleaner/dl/125/
once again a direct download link I am doing this in case you are having redirects from malware and dont want you accidentally downloading further malware
Run it as administrator and then after scan just click clean and reboot computer. now you can also run malwarebytes as well as that often finds stuff left over from ADW brutal approach to removal
test internet browser
still having problems ??
go to your browser and reset all settings back to default and change your home page to
www.google.com or another trusted site
go to control panel select internet options . set your home page I know this is mainly for internet explorer but whilst your here you will check an advanced setting which can carry over to all browsers under the connections tab select lan settings at the bottom and check the box automatically detect settings the top box if the bottom box is checked use a proxy server then that is likely to be the problem.
ok that and save
test browser if you still get problems then you can go more advanced go to device manager and uninstall and adapters under network that are not the 2 main 1s usually wireless and ethernet. Some antiviruses also install some so be careful. Also they may not show up in normal mode so may require a reboot into safe mode. It is normal to have 4-6 adapters visible by microsoft in safe mode but rarely ever seen unless a problem is there with the adapter.
You can also uninstall your main network drivers and restart your computer and they will reinstall that can fix a lot of problems.
If you are still getting problems then it is time to step up your game
download hitman pro
http://get.hitmanpro.com/ very good software however downside is it is only free for 30 days and once trial is used cant be used again without purchasing it unless you do a clean install of windows (and I am not sharing otherways)
you may want to also use the usb boot kickstart version as well available at the bottom left of the application when launched it lets you boot into windows in a special mode and will clear any unauthorised startup applications etc.
you really shouldnt need to do anything else but I will keep going just incase
Uninstall firefox/chrome the effected browsers and make sure you delete temp files and the program folder after it has been uninstalled also make sure you have the setup application somewhere to hand in case you are left without an internet browser
system restore I dont like doing it but it has helped me out a few times and it is simple to rollback your system a couple of days
google netsh reset not stating anymore on this as if done wrong you can make life very bad for your computer, but follow a good tut and you will be fne
there is more options but to tired to go into more for now.
