1. Yes, that could be. But we'll try to help you out.
2. This can be done by malware by using several ways. Mostly the DNS is hijacked or something like that.
3. Please follow the instructions below these answers. I would ask you to do nothing unless I ask you to do, because I can't get a clear view else.
Please download SDFix
and save it to your Desktop.
Double click SDFix.exe
and it will extract the files to C:\SDFix
You may wish to print out these instructions or copy them to a notepad document since you will be unable to access the Internet while in Safe Mode to read from this site.
Please then reboot your computer in Safe Mode
(tap F8 just before Windows starts to load and select Safe Mode from the list).
- Open the extracted SDFix folder and double click RunThis.bat to start the script.
- Type Y to begin the cleanup process.
- It will remove any Trojan Services and Registry Entries that it finds then prompt you to press any key to Reboot.
- Press any Key and it will restart the PC.
- When the PC restarts the Fixtool will run again and complete the removal process then display Finished, press any key to end the script and load your desktop icons.
- Once the desktop icons load the SDFix report will open on screen and also save into the SDFix folder as Report.txt
(Report.txt will also be copied to Clipboard ready for posting back on the forum).
- Finally paste the contents of the Report.txt back on the forum with a new HijackThis log