Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Hijacked Browser


  • Please log in to reply
9 replies to this topic

#1 Ross_Mc

Ross_Mc

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Local time:04:07 PM

Posted 15 December 2008 - 05:51 PM

Hi there! :thumbsup:

First time poster, got a problem and i was told that this is the best place for computer advice!!

Anyway, the problem is: everytime i type www.google.com or www.google.co.uk into internet explorer, i am redirected to a webpage pretenting to be from Microsoft Security Centre. The website claims that "my computer is infected and i should download their anti-virus" i know this is a fake and i have NOT downloaded the software.

I have tried different methods of removing the unwanted spyware/malware/virus (to be honest a dont know what it is :flowers: ) i searched online (with another search engine and not google) and i stumbled across www.majorgeeks.com i found a topic on malware/spyware removal http://forums.majorgeeks.com/showthread.php?t=139313 i followed all instructions until i was asked to run combofix.exe where i was redirected here.....

so i have tried several different anti-spyware software packages running full system scans with no result! I am worried about entering credit card details online or any personal information due to this problem.

I would really appreciate any help guys as i have spent the best part of 2 days trying to remove the problem!

Thanks, Ross

BC AdBot (Login to Remove)

 


#2 Budapest

Budapest

    Bleepin' Cynic


  • Moderator
  • 23,579 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:02:07 AM

Posted 15 December 2008 - 06:00 PM

If you ran Malwarebytes please post the log.
The power of accurate observation is commonly called cynicism by those who haven't got it.

—George Bernard Shaw

#3 Ross_Mc

Ross_Mc
  • Topic Starter

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Local time:04:07 PM

Posted 15 December 2008 - 06:11 PM

If you ran Malwarebytes please post the log.

Malwarebytes' Anti-Malware 1.31
Database version: 1501
Windows 5.1.2600 Service Pack 2

15/12/2008 17:25:56
mbam-log-2008-12-15 (17-25-56).txt

Scan type: Quick Scan
Objects scanned: 66412
Time elapsed: 6 minute(s), 50 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)

#4 Budapest

Budapest

    Bleepin' Cynic


  • Moderator
  • 23,579 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:02:07 AM

Posted 15 December 2008 - 06:20 PM

Try this scan:

http://www.bleepingcomputer.com/forums/t/131299/how-to-use-sdfix/
The power of accurate observation is commonly called cynicism by those who haven't got it.

—George Bernard Shaw

#5 Ross_Mc

Ross_Mc
  • Topic Starter

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Local time:04:07 PM

Posted 15 December 2008 - 07:18 PM

Try this scan:

http://www.bleepingcomputer.com/forums/t/131299/how-to-use-sdfix/

Scan worked a treat, thanks very much for ur help! the problem was really starting to annoy me!

:thumbsup:

#6 Budapest

Budapest

    Bleepin' Cynic


  • Moderator
  • 23,579 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:02:07 AM

Posted 15 December 2008 - 07:20 PM

If you’re clean, you should create a new Restore Point to prevent possible re-infection from an old one.

Go Start > Programs > Accessories > System Tools and click System Restore. Choose the radio button marked Create a Restore Point on the first screen then click Next. Give the Restore Point a name and then click Create. Then use Disk Cleanup to remove all but the most recently created Restore Point. Go Start > Run and type: "Cleanmgr" (without the quotes). Click Ok > More Options tab > Clean Up in the System Restore section to remove all previous restore points except the newly created one.

Also, go Start > Control Panel and double-click Add or Remove Programs. Post back and report any Java entries that you have.
The power of accurate observation is commonly called cynicism by those who haven't got it.

—George Bernard Shaw

#7 Ross_Mc

Ross_Mc
  • Topic Starter

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Local time:04:07 PM

Posted 15 December 2008 - 07:28 PM

Created a system restore point like you said, i only have one java entry and it is : Java™ 6 Update 7 there dosnt appear to be any other entries.

#8 Budapest

Budapest

    Bleepin' Cynic


  • Moderator
  • 23,579 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:02:07 AM

Posted 15 December 2008 - 07:31 PM

That Java is out of date. You should remove it and download the latest:

http://www.java.com/en/download/manual.jsp
The power of accurate observation is commonly called cynicism by those who haven't got it.

—George Bernard Shaw

#9 Ross_Mc

Ross_Mc
  • Topic Starter

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Local time:04:07 PM

Posted 15 December 2008 - 07:44 PM

removed the old java and installed the update!

i still have the anti-spyware/malware software on my computer recommended by www.majorgeeks.com the software is:

super anti-spyware
spybot search and destroy
malware bytes anti-malware
ccleaner

should i keep any of these? or should i uninstall them?

#10 Budapest

Budapest

    Bleepin' Cynic


  • Moderator
  • 23,579 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:02:07 AM

Posted 15 December 2008 - 07:50 PM

They're all good and you could run them from time to time.

CCleaner is not really an anti-malware application. It just cleans out temp files, browser history, cookies and the like. I would stay away from the registry cleaner function in CCleaner.
The power of accurate observation is commonly called cynicism by those who haven't got it.

—George Bernard Shaw




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users