Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Browser hijacked


  • Please log in to reply
2 replies to this topic

#1 annaz1

annaz1

  • Members
  • 2 posts
  • OFFLINE
  •  
  • Local time:04:55 PM

Posted 08 December 2010 - 09:46 AM

Hello there,

Hoping someone can help me with this problem as I am tearing my hair out over it!

I have a netbook which has somehow suffered a browser hijack. Generally, URLs typed in load fine, but if I do a Google Search and click on a result, I normally (not always) get redirected to another site. These sites include admarketplace.com (then redirects to qandca.com) and information-seeking.com, stopzilla.com, plus a few others.

I am on Windows XP SP3 and using IE8, although I also downloaded Google Chrome and the same thing is happening.

I've been reading through these forums and elsewhere online, so tried running and using MalwareBytes Anti-Malware, Super AntiSpyware, Ad-Aware and Spybot Search & Destroy to scan and remove items (if any found) but the browser is still hijacked.

I've thought of booting up into Safe Mode to run these scans, though always came across and error that wouldn't let me do so. Now, a different error is showing - "STOP: c0000137 {Privilege Failed} The I/O permissions for the process could not be changed." - which, well, I don't know what that means.

I've now discovered that I can use the "Bootsafe" utility from SuperAntiSpyware and this does let me boot into Safe mode. I did this and ran MBAM quick scan (nothing found), then Super AntiSpyware quick scan (77 ad tracking cookies found - including some of the names mentioned above). Removed everything found in Super AntiSpyware, restarted and still the same problem!

Any help greatly appreciated! Thanks!

BC AdBot (Login to Remove)

 


#2 Budapest

Budapest

    Bleepin' Cynic


  • Moderator
  • 23,579 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:02:55 AM

Posted 08 December 2010 - 06:03 PM

Try this:

http://www.bleepingcomputer.com/virus-removal/remove-tdss-tdl3-alureon-rootkit-using-tdsskiller
The power of accurate observation is commonly called cynicism by those who haven't got it.

—George Bernard Shaw

#3 annaz1

annaz1
  • Topic Starter

  • Members
  • 2 posts
  • OFFLINE
  •  
  • Local time:04:55 PM

Posted 10 December 2010 - 07:53 AM

Thanks SO much for your help - this appears to have done the trick! (Hooray, my computer is back to normal! This little menace was very frustrating!)




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users