Solved

Browser appears to have been hijacked

Posted on 2011-09-29
5
538 Views
Last Modified: 2013-11-22
I am trying to advise my brother on a problem he's got with his PC running IE and Vista.  It's recently taken on a life of it's own and keeps popping up porn site windows.  Lots of us have fallen victim to stuff like this over the years but these sites are utterly vile.

He runs Panda Cloud Antivirus (which found nothing) and I've also told him to hit it with MalwareBytes, AdAware and Advanced SystemCare Pro.  However, nothing seems to touch it.  The only thing I've seen that was this resilient was a rootkit virus (TDSS I think) that a specific Kaspersky utility looked for and got rid of.  The behaviour of that was totally different though in that browser links would simply re-direct to other sites - but not this vile stuff.

I'm going to remote connect to it and see what HijackThis comes up with but I just wondered if anyone else out there has experienced similar recently and found success in getting rid of it? Some idea of how the thing might be getting in would also be helpful as I tell him to patch everything as a routine and he does so religiously.

Many thanks
0
Comment
Question by:funasset
  • 2
  • 2
5 Comments
 
LVL 6

Accepted Solution

by:
bluemeln earned 250 total points
ID: 36817965
When nothing else works, use Kaspersky. If you don't want to buy the license (although very affordable), they have a malware removal tool that you can download from another computer and run from a USB stick if you can no longer use the Internet on the infected machine. If you can only boot up in safe mode, still start the scan from the USB and Kaspersky will direct you to reboot. http://www.kaspersky.com/antivirus-removal-tool-register

Kaspersky has found what Malwarebytes, TrendMicro's OfficeScan, McAfee, PC Doctor, and Nod32 did not find. What's also nice is that it does not weigh down the system, especially if it's an older computer.
0
 
LVL 32

Assisted Solution

by:willcomp
willcomp earned 250 total points
ID: 36879206
I recommend using ComboFix. It is usually effective in removing such infections. Be sure to follow instructions at link.
http://www.bleepingcomputer.com/combofix/how-to-use-combofix
0
 

Author Comment

by:funasset
ID: 36890057
Cheers for the advice - I won't have time to remote in to it until tomorrow so I'm collating all the ammo I can to get rid of this disgusting thing.

I'll let you know how I get on!

Thanks
0
 

Author Comment

by:funasset
ID: 36904389
It seems to have gone - I'm not 100% sure what got rid of it as I kind of hit it with everything.  I wish the people who write these things would just get a life!!

Thanks
0
 
LVL 32

Expert Comment

by:willcomp
ID: 36904614
Glad to help and glad it's gone.
0

Featured Post

Technology Partners: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

In this increasingly digital world, security hacks are no longer just a threat, but a reality. As we've witnessed with Target's big identity hack 2013, Heartbleed in 2015, and now Cloudbleed, companies and their leaders need to prepare for the unthi…
The related questions "How do I recover the passwords for my Q-See DVR" and "How can I reset my Q-See DVR to eliminate a password" are seen several times a week.  Here we discuss the grim reality of the situation.
Established in 1997, Technology Architects has become one of the most reputable technology solutions companies in the country. TA have been providing businesses with cost effective state-of-the-art solutions and unparalleled service that is designed…
Nobody understands Phishing better than an anti-spam company. That’s why we are providing Phishing Awareness Training to our customers. According to a report by Verizon, only 3% of targeted users report malicious emails to management. With compan…

685 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question