Browser Hi-jacking
polycounter lvl 18
My browser is being hi-jacked and redirected when ever I do a search and sometimes when I click a link . I have tried all I know for finding the ad-ware-trojan-spyware-malware but I can't seem to find what is doing it . I use Internet explorer because Firefox has several issues I don't like at least on my computer . What I would like to know is if anyone else has had this problem and what they did about it ?
I have used
Microsoft Anti-spyware beta
Ewido ( which found a bunch of spyware but not the problem causer )
Bazooka
Adaware...
nothing seems to be able to find anything and I have a program called winpatrol that monitors any changes to my computers settings and it also has not popped up anything . If you know of a program that is not mentioned and works well let me know ..or maybe another way to track it down ? I'll use Firefox until I figure out what is wrong .
I have used
Microsoft Anti-spyware beta
Ewido ( which found a bunch of spyware but not the problem causer )
Bazooka
Adaware...
nothing seems to be able to find anything and I have a program called winpatrol that monitors any changes to my computers settings and it also has not popped up anything . If you know of a program that is not mentioned and works well let me know ..or maybe another way to track it down ? I'll use Firefox until I figure out what is wrong .
Replies
Scott
norton might be nice too if you can get your hands on it
Malcolm it varies depending on search query . I forgot to mention that while I was surfing around "certain" pages I went to a page and IE flipped out and my Winpatrol let me know several changes were being made and zonealarm let me know several programs were trying to acess the internet . I went through and found those and thought I removed everything but turns out I was wrong something is still here . All of the prgrams scanned the registry but did not come up with anything ?
Had a good guide and links to tools which helped a lot when trying to get rid of a browser hi-jack on the in-laws machine.
Wasn't porn that aused that infection though. Free knitting patterns. Damn those scamps!
http://www.snapfiles.com/get/coolwebshredder.html
It's for removing a nasty redirection browser infection.
And STOP using IE. What don't you like about Firefox?
Also, careful with downloading random anti-spyware tools from the net, many infect your system with malware.
Works wonders.
Good luck getting rid of it, man. That stuff is nasty.
I don't use Firefox because well , Flash simply won't work , Quicktime movies won't work . It downloads stuff and sometimes the downloads disappear
[/ QUOTE ]
I've had this - it was Windows, my PC was knacked. A reinstall and Firefox worked like a dream.
worst thing was , when I deleted the exe , it came straight back .
took me days to sort it out and it left IE crippled anyway. I am now using firefox.
check u this link,http://www.pcstats.com/articleview.cfm?articleid=1579&page=6
It might help, but just google browser hijack and aside fro all the anti spyware stuff, you will find good advice how to fix it manually
[edit]
Check C:\Windows\System32\drivers\etc folder for a "hosts" file, if you see anything other than 127.0.0.1 that's your problem.
I don't use Firefox because well , Flash simply won't work , Quicktime movies won't work.
[/ QUOTE ]
Yeah, that's normally a user error. Flash and Quicktime work perfect for me after some tweaking. It's windows media files I have problems with.
I install AVG, Spybot, Sygate, and Winpatrol, and use a good updated HOST file, then uninstall IE (even tho it doesn't completely) before I connect my PC to the internet after a new build or reformat. I keep a close watch on programs I find running after I close them, or don't recognize, and keep my startup programs minimal. Then I lock the doors, batten down the hatches, and hide the children.
I haven't had a virus or spyware in a long time.
I mostly use Firefox by habit now, but I also switch to Opera sometimes, and it's awesome.
http://www.sysinternals.com/Utilities/Autoruns.html
Autoruns utility lets you look at what is loading with windows, and has an integrated google searcg so you can query which processes should be there, and which shouldn't.
And don't be affraid of safe mode
Best thing to do is run it and copy+paste the report it gives on a forum where people know what they are doing. They should be able to tell you what you need to delete.
That stinks you can't get Flash and QT to work with Mozilla. I'm sure others have had problems like you, just do a search and I'm sure youll be able to figure it out.
The link I posted above is for one of those forums that walks you through hijack-this.
I've had a lot of success using security-forums cleaning up screwed up computers here at work. But yeah hijack-this can screw you up if you don't know what to look for.
Anyway, check with Rootkit Revealer, if neither that nor Hijack This finds anything then your OS is beyond all hope.