Browser appears to have been hijacked
Posted on 2011-09-29
I am trying to advise my brother on a problem he's got with his PC running IE and Vista. It's recently taken on a life of it's own and keeps popping up porn site windows. Lots of us have fallen victim to stuff like this over the years but these sites are utterly vile.
He runs Panda Cloud Antivirus (which found nothing) and I've also told him to hit it with MalwareBytes, AdAware and Advanced SystemCare Pro. However, nothing seems to touch it. The only thing I've seen that was this resilient was a rootkit virus (TDSS I think) that a specific Kaspersky utility looked for and got rid of. The behaviour of that was totally different though in that browser links would simply re-direct to other sites - but not this vile stuff.
I'm going to remote connect to it and see what HijackThis comes up with but I just wondered if anyone else out there has experienced similar recently and found success in getting rid of it? Some idea of how the thing might be getting in would also be helpful as I tell him to patch everything as a routine and he does so religiously.