Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

My Desktop PC Browser has been hijacked


  • Please log in to reply
7 replies to this topic

#1 leeri83

leeri83

  • Members
  • 7 posts
  • OFFLINE
  •  
  • Local time:11:37 PM

Posted 10 January 2009 - 02:29 PM

My computer has been constantly bombarded with messages on the bottom right corner in the tray icon (red circle with white "x" mark) saying that "Warning! Security report: Your computer is infected! It is recommended to start spyware cleaner tool." As some time passes by same icon says: "Your computer is in Danger! Windows Security Center has detected spyware/adware infection! It is strongly recommended to use special antispyware tools to prevent data loss." The icon continues blaring: "Warning! Security report: Warning! Spyware files: Win32.Banker.FS Trojan.SpyAgent.DA and other detected on your computer! It's highly recommended to scan the system immediately to remove all spyware and adware programs."

These messages continue to cycle every few seconds. Soon a "Windows Security Center" window pops up saying: "System files and register changing are detected. Your PC is under the threat of loss of data! It is recommended to start the guard scanner." Occasionally whenever I'm on Internet Explorer a movie advertisement will start playing with several other pop ups.

When this first happened, my computer froze. With no other choice, I restarted the computer. Unfortunately the computer never got close to even starting up. All I had was a blinking "_" in dos mode. I shut off the computer again, and waited for about a minute before turning it back on. My PC finally made it to the Windows screen, but now my desktop has drastically changed colors and design. It's now surrounded with blue/yellow/green/red rectangles all over.

I'm currently using Windows XP Home Edition. I'm scanning using Malwarebytes' Anti-Malware software. Do you have any other suggestions?

Thank you.

**I also forgot to mention that I can no longer access Task Manager. A "Task Manager" window pops up saying: "Task Manager has been disabled by your administrator."

Edited by leeri83, 10 January 2009 - 02:36 PM.


BC AdBot (Login to Remove)

 


#2 ePost

ePost

  • Members
  • 119 posts
  • OFFLINE
  •  
  • Local time:11:37 PM

Posted 10 January 2009 - 02:36 PM

You did the right thing and started Malwarebytes' Anti-Malware. When the scanning is done you should run one more with SUPERAntiSpyware. Here: http://www.superantispyware.com/

Those 2 would be anyones first choise and it's also what's recommended.

#3 leeri83

leeri83
  • Topic Starter

  • Members
  • 7 posts
  • OFFLINE
  •  
  • Local time:11:37 PM

Posted 10 January 2009 - 02:37 PM

Thanks for your response ePost. I'll do that.

#4 ePost

ePost

  • Members
  • 119 posts
  • OFFLINE
  •  
  • Local time:11:37 PM

Posted 10 January 2009 - 02:42 PM

Is this what it looks like? It's fake as you already know. let's see what the 2 scannings can do. Maybe it will be necessary to ask BleepingComputers to move your thread to one of the malware forums here.

http://community.ca.com/blogs/securityadvi...e-one-real.aspx

#5 ePost

ePost

  • Members
  • 119 posts
  • OFFLINE
  •  
  • Local time:11:37 PM

Posted 10 January 2009 - 02:49 PM

The Malwarebyte's company also produces the free RogueRemover. It is a very fine tool and will check for other rouge installs. I think you should run that also. Link: http://www.malwarebytes.org/rogueremover.php

When all this is over RougeRemover can be uninstalled again but you should keep Malwarebyte's Anti-Malware and SUPERAntiSpyware. They are the best on the freeware marked right now. Perhaps the best out there - free or not free...

#6 leeri83

leeri83
  • Topic Starter

  • Members
  • 7 posts
  • OFFLINE
  •  
  • Local time:11:37 PM

Posted 10 January 2009 - 02:53 PM

Is this what it looks like? It's fake as you already know. let's see what the 2 scannings can do. Maybe it will be necessary to ask BleepingComputers to move your thread to one of the malware forums here.

http://community.ca.com/blogs/securityadvi...e-one-real.aspx


I didn't even bother clicking on the warnings, just in case. So I wouldn't know.

#7 ePost

ePost

  • Members
  • 119 posts
  • OFFLINE
  •  
  • Local time:11:37 PM

Posted 10 January 2009 - 03:28 PM

Just open your Security Center. Start -> Control Panel -> Security Center. It's almost certainly been hijacked...

#8 leeri83

leeri83
  • Topic Starter

  • Members
  • 7 posts
  • OFFLINE
  •  
  • Local time:11:37 PM

Posted 11 January 2009 - 12:07 PM

Just open your Security Center. Start -> Control Panel -> Security Center. It's almost certainly been hijacked...


ePost, you're absolutely right. It seems my PC has been hijacked. All my security settings have been switched off, leaving me vulnerable to more attacks. I finally used the SUPERAntiSpyware Free Edition program, and it found almost 114 Trojan-related infections! It seems I'm clean for now, but I am re-scanning after SUPERAntiSpyware asked me to reboot to finish cleaning up the Trojan mess.

Would this explain why my Internet browser was moving more slowly and the constant "Internet Explorer must shutdown due to unexpected errors" messages?

Thanks again.




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users