Go Premium for a chance to win a PS4. Enter to Win

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 558
  • Last Modified:

Browser appears to have been hijacked

I am trying to advise my brother on a problem he's got with his PC running IE and Vista.  It's recently taken on a life of it's own and keeps popping up porn site windows.  Lots of us have fallen victim to stuff like this over the years but these sites are utterly vile.

He runs Panda Cloud Antivirus (which found nothing) and I've also told him to hit it with MalwareBytes, AdAware and Advanced SystemCare Pro.  However, nothing seems to touch it.  The only thing I've seen that was this resilient was a rootkit virus (TDSS I think) that a specific Kaspersky utility looked for and got rid of.  The behaviour of that was totally different though in that browser links would simply re-direct to other sites - but not this vile stuff.

I'm going to remote connect to it and see what HijackThis comes up with but I just wondered if anyone else out there has experienced similar recently and found success in getting rid of it? Some idea of how the thing might be getting in would also be helpful as I tell him to patch everything as a routine and he does so religiously.

Many thanks
0
funasset
Asked:
funasset
  • 2
  • 2
2 Solutions
 
bluemelnCommented:
When nothing else works, use Kaspersky. If you don't want to buy the license (although very affordable), they have a malware removal tool that you can download from another computer and run from a USB stick if you can no longer use the Internet on the infected machine. If you can only boot up in safe mode, still start the scan from the USB and Kaspersky will direct you to reboot. http://www.kaspersky.com/antivirus-removal-tool-register

Kaspersky has found what Malwarebytes, TrendMicro's OfficeScan, McAfee, PC Doctor, and Nod32 did not find. What's also nice is that it does not weigh down the system, especially if it's an older computer.
0
 
willcompCommented:
I recommend using ComboFix. It is usually effective in removing such infections. Be sure to follow instructions at link.
http://www.bleepingcomputer.com/combofix/how-to-use-combofix
0
 
funassetAuthor Commented:
Cheers for the advice - I won't have time to remote in to it until tomorrow so I'm collating all the ammo I can to get rid of this disgusting thing.

I'll let you know how I get on!

Thanks
0
 
funassetAuthor Commented:
It seems to have gone - I'm not 100% sure what got rid of it as I kind of hit it with everything.  I wish the people who write these things would just get a life!!

Thanks
0
 
willcompCommented:
Glad to help and glad it's gone.
0

Featured Post

Automating Your MSP Business

The road to profitability.
Delivering superior services is key to ensuring customer satisfaction and the consequent long-term relationships that enable MSPs to lock in predictable, recurring revenue. What's the best way to deliver superior service? One word: automation.

  • 2
  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now