|
makaveli8x8
Stranger

Registered: 02/28/06
Posts: 21,636
Last seen: 7 years, 11 months
|
my browser is being hijacked
#14639069 - 06/19/11 06:19 PM (12 years, 10 months ago) |
|
|
so sometimes when i click on a link it takes me to a search engine and does a search instead. It takes me to this website
http://www.search-results.com
i couldn't find much info on it there website disclaimer says that its NOT spyware or anything bad and i think it said something along the lines that i installed it or something which all seems like a load of bullshit.
anyways the only thing that seems to help is clearing my browser history but that only seems to be a temp fix.
i ran spybox search and destory and that didn't help
i just can't seem to shake this shitty program so thats why im here
--------------------
  We were sent to hell for eternity Ø h® We play on earth to pass the time Over-population the root of all Evil-brings the Elites Closer to the gates.
|
Gibson33



Registered: 06/11/10
Posts: 400
Loc: Seattle
Last seen: 9 years, 6 months
|
Re: my browser is being hijacked [Re: makaveli8x8]
#14639080 - 06/19/11 06:21 PM (12 years, 10 months ago) |
|
|
sounds like a virus.
--------------------
|
Scarab74
Warminatrix


Registered: 07/06/09
Posts: 1,554
Loc: Conchs & Coconuts, USA
Last seen: 10 years, 1 month
|
Re: my browser is being hijacked [Re: makaveli8x8] 2
#14639096 - 06/19/11 06:25 PM (12 years, 10 months ago) |
|
|
Download and run malware bites. It should take care of it.
-------------------- ~Scarab74 We are such stuff as dreams are made of. W. Shakespeare - The Tempest
|
gshock50



Registered: 04/24/11
Posts: 389
Last seen: 7 years, 3 months
|
Re: my browser is being hijacked [Re: Scarab74]
#14639196 - 06/19/11 06:49 PM (12 years, 10 months ago) |
|
|
Try CCleaner and if that doesn't work... People claim this removes it:
Quote:
http://www.surfright.nl/en/hitmanpro
Best of luck.
-------------------- "It is the nature of the wise to resist pleasures, but the foolish to be a slave to them. "
|
Ythan
ᕕ( ᐛ )ᕗ


Registered: 08/08/97
Posts: 18,840
Loc: NY/MA/VT Borderlands
Last seen: 11 hours, 1 minute
|
Re: my browser is being hijacked [Re: Scarab74]
#14639501 - 06/19/11 08:09 PM (12 years, 10 months ago) |
|
|
Quote:
Scarab74 said: Download and run malware bites. It should take care of it.
Yup agreed. http://www.malwarebytes.org/mbam-download.php
|
makaveli8x8
Stranger

Registered: 02/28/06
Posts: 21,636
Last seen: 7 years, 11 months
|
Re: my browser is being hijacked [Re: Ythan]
#14639652 - 06/19/11 08:41 PM (12 years, 10 months ago) |
|
|
just ran a full scan with malware didn't see anything that looked out of place
ill try that hitman someone suggested as ive ran ccleaner before altho there''s so many settings with ccleaner i might not have ran it right
--------------------
  We were sent to hell for eternity Ø h® We play on earth to pass the time Over-population the root of all Evil-brings the Elites Closer to the gates.
|
HeavyToilet
The Heaviest OfThem All


Registered: 08/06/03
Posts: 9,458
Loc: British Columbia
|
Re: my browser is being hijacked [Re: makaveli8x8]
#14640660 - 06/20/11 12:09 AM (12 years, 10 months ago) |
|
|
HijackThis! is quite good at unhijacking browsers. You just have to be knowledgeable about what you're removing when you use it.
|
makaveli8x8
Stranger

Registered: 02/28/06
Posts: 21,636
Last seen: 7 years, 11 months
|
Re: my browser is being hijacked [Re: HeavyToilet]
#14640800 - 06/20/11 12:49 AM (12 years, 10 months ago) |
|
|
the weirdest thing about it is that it doesn't do it all the time. i ran the hitman program and all it found were tracker cookies
it hasn't done anything since then but i have no reason to suspect its gone.
its very weird that these programs won't find it, i have ran hijackthis but like u say it takes some time to read it. Nothing popped out at me but there were a handful of exe's i have to google
guess my next step is to run a full virus scan but the thing is again that website says its not spyware or virus or anything so maybe thats why none of these programs are finding it i dunno
--------------------
  We were sent to hell for eternity Ø h® We play on earth to pass the time Over-population the root of all Evil-brings the Elites Closer to the gates.
|
Bacchus
Lurker




Registered: 10/10/06
Posts: 914
Loc: ::1
|
Re: my browser is being hijacked [Re: makaveli8x8]
#14644677 - 06/20/11 07:04 PM (12 years, 10 months ago) |
|
|
Update and scan with your antivirus and several of the popular spyware cleaners (all in safemode). Then generate a hijackthis log and post it on the malwarebytes hijackthis log forum.
Edit: And check out your hosts file too.
--------------------
Living on a no-Flash diet is way easier than you think. Give it a shot.
Edited by Bacchus (06/20/11 07:05 PM)
|
dzza


Registered: 12/31/10
Posts: 143
Loc: Midwest
Last seen: 5 years, 8 months
|
Re: my browser is being hijacked [Re: Bacchus]
#14645377 - 06/20/11 09:28 PM (12 years, 10 months ago) |
|
|
Try all the programs everyone suggested. That should fix it.
Just FYI, you could also check your add/remove software and see if there's shit on that list that you don't recognize. Also you could check for bogus programs running in task manager.
|
snoot
look alive ∞




Registered: 01/30/05
Posts: 9,644
Loc: 45º parallel
Last seen: 20 hours, 19 minutes
|
Re: my browser is being hijacked [Re: dzza]
#14646626 - 06/21/11 02:04 AM (12 years, 10 months ago) |
|
|
Quote:
dzza said: Try all the programs everyone suggested. That should fix it.
Just FYI, you could also check your add/remove software and see if there's shit on that list that you don't recognize. Also you could check for bogus programs running in task manager.
lol yeah you may need to use more then one AV in order to find that malicious lil fucker that is causing you grief. When I bought my first windows machine in like ten years, I bought it used from some kid who used it for like 4hrs, it came with like 15 toolbars and a whole shit load of virii, of which I've had come back and come back and come back. The only thing I've found to totally destroy it is to nuke the HD. Not saying this is what you need to do, but malicious lil nuggets of shit can cause lots of trouble. Best to find it and isolate the thing before it can cause anymore trouble. In a situation like yours if it is a virii, it could potentially cause all kinds of havoc.
--------------------
∞ I am incapable of conceiving infinity, and yet I do not accept finity. - Simone de Beauvoir -
|
mycomyst
Alchemist

Registered: 12/30/10
Posts: 167
|
Re: my browser is being hijacked [Re: snoot]
#14656810 - 06/22/11 09:48 PM (12 years, 10 months ago) |
|
|
If those suggestions don't get the job done, try TDSS killer. It could be a nasty rootkit.
|
ivander
Paragon of Animal



Registered: 11/01/08
Posts: 1,519
Last seen: 1 year, 2 months
|
Re: my browser is being hijacked [Re: makaveli8x8]
#14664095 - 06/24/11 06:46 AM (12 years, 10 months ago) |
|
|
TRy reinstalling you browser.. or your OS, that should do the trick
--------------------
Those who were seen dancing were thought to be insane by those who could not hear the music. - Nietzsche I've never faked a sarcasm in my life. True story.
|
luvdemshrooms
Two inch dick..but it spins!?


Registered: 11/29/01
Posts: 34,247
Loc: Lost In Space
|
Re: my browser is being hijacked [Re: makaveli8x8]
#14664134 - 06/24/11 07:06 AM (12 years, 10 months ago) |
|
|
This happened to a friend. He was clueless, so I helped. The only thing that worked for me was Hitman Pro.
Had that failed, it would have been format and reinstall time.
-------------------- You cannot legislate the poor into prosperity by legislating the wealthy out of prosperity. What one person receives without working for another person must work for without receiving. The government cannot give to anybody anything that the government does not first take from somebody else. When half of the people get the idea that they do not have to work because the other half is going to take care of them and when the other half gets the idea that it does no good to work because somebody else is going to get what they work for that my dear friend is the beginning of the end of any nation. You cannot multiply wealth by dividing it. ~ Adrian Rogers
|
snoot
look alive ∞




Registered: 01/30/05
Posts: 9,644
Loc: 45º parallel
Last seen: 20 hours, 19 minutes
|
|
Finding out what has infected you is key. Isolate other computers and if you are sure you are infected I wuold cut off its communication i.e internet/wireless etc.. even local networks. Completely isolate it, then determine how you were infected and whats infected you. Then you can begin disinfection. After you're clean its then time to figure out how it happened, and fix that hole and determine new practices to now let it happen again.
--------------------
∞ I am incapable of conceiving infinity, and yet I do not accept finity. - Simone de Beauvoir -
|
arainbow
Hippy


Registered: 02/04/08
Posts: 691
Loc: Palnet Earth
|
Re: my browser is being hijacked [Re: snoot]
#14669845 - 06/25/11 10:37 AM (12 years, 10 months ago) |
|
|
what browser ? internet exploiter has a built in language called active x controls that can be run from cookies M$ claims it can be turned off BUT it has undocumented codes that can override your settings and allow even an email to tack over your computer to do ANYTHING !!!!EVEN THINGS THAT WINDOWS WILL NOT ALLOW THE ADMIN TO DO !!!! the one and only thing you can do about active x controls is
use another browser and set it as the default browser
cleaning out your cookies may help for a little while
-------------------- There is more joy in heaven over one of us perfected, than over ninety-nine naturally evolved angels.
|
5HTSynaptrip
Dopamine Enthusiast



Registered: 09/14/08
Posts: 4,360
Loc: USA
Last seen: 6 years, 1 month
|
Re: my browser is being hijacked [Re: arainbow]
#14670279 - 06/25/11 12:29 PM (12 years, 10 months ago) |
|
|
If you have a 64-bit OS then you may have a problem with a lot of the typical scanners. HijackThis is particularly outdated and most of the time you'll get help from malware sites by showing the log from it. A lot of redirectors that don't show up from any scans like MalwareBytes or even your antivirus software are rootkits. They infect your computer to the point that they fuck up everything from detecting them... I just had the shittiest time ever of getting rid of one on my computers.
Some programs can tell you if do have a rootkit. TDSKiller is a pretty good one, as well as aswMBR.exe. Aside from TDSKiller I wouldn't use any of the really good programs from places like gmer.net, but there are a lot of sites where you can get help from really smart people. For me it's always easier to just format and reinstall since it's something I do at least twice a year anyways, and a lot of fixes can leave shit fucked up on your computer. Foolishly, I realized that some rootkits will remain even after formatting and installing. I even rebuilt the Win 7 master boot record from the recovery command console and then formatted and that didn't do it... no programs said I had TDS or Aleureon or anything but I was infected and simply rebuilding the MBR didn't fix it. So it may have been in an HPA or something on my storage drives.
The only way I ended up getting rid of all the bullshit was to run the secure ATA erase command in Linux (hdparm). It can be a pain in the ass because a lot of BIOS' will protect the HDD/SDD from allowing the DCA/HPA from being overwritten or from having an ATA erase command initialized (the ATA erase is something that SATA storage drives do on their own and it is independent of the BIOS/OS). To get around the BIOS problem you have to have your SATA controller set to AHCI and once in your Linux distro of choice, you can unplug the power to the SATA drive and wait like 30 seconds and plug it back in. I had to do my laptop drives on my desktop that has an ASUS Sabertooth x58, which luckily allows you to set whether or not the BIOS locks the drives like that. I also wouldn't backup or transfer shit you want to backup in any Windows environment if you have something like this. My computers were infected from stupidly connecting to my mother-in-laws network with my firewall set to low, and I assume I got infected then because the date of all sorts of file modifications are correlated to the same exact time as her fucking laptop tried connecting to mine endlessly while on the network. When I put my laptop on my homegroup all of my computers were infected.
So it's best to do the secure erase (I used Parted Magic LiveCD) on a storage drive, then mount the drives you need data from and xfer it, then proceed to wipe them all, and finally reinstall. Good luck, and I hope if you have anything close to what I had that my mistakes can maybe save you some time. I wasted fucking hours.
--------------------
Science is a way of thinking much more than it is a body of knowledge. - My hero, who will be forever remembered, Carl Sagan.
|
snoot
look alive ∞




Registered: 01/30/05
Posts: 9,644
Loc: 45º parallel
Last seen: 20 hours, 19 minutes
|
Re: my browser is being hijacked [Re: 5HTSynaptrip]
#14670312 - 06/25/11 12:45 PM (12 years, 10 months ago) |
|
|
Quote:
5HTSynaptrip said: If you have a 64-bit OS then you may have a problem with a lot of the typical scanners. HijackThis is particularly outdated and most of the time you'll get help from malware sites by showing the log from it. A lot of redirectors that don't show up from any scans like MalwareBytes or even your antivirus software are rootkits. They infect your computer to the point that they fuck up everything from detecting them... I just had the shittiest time ever of getting rid of one on my computers.
Some programs can tell you if do have a rootkit. TDSKiller is a pretty good one, as well as aswMBR.exe. Aside from TDSKiller I wouldn't use any of the really good programs from places like gmer.net, but there are a lot of sites where you can get help from really smart people. For me it's always easier to just format and reinstall since it's something I do at least twice a year anyways, and a lot of fixes can leave shit fucked up on your computer. Foolishly, I realized that some rootkits will remain even after formatting and installing. I even rebuilt the Win 7 master boot record from the recovery command console and then formatted and that didn't do it... no programs said I had TDS or Aleureon or anything but I was infected and simply rebuilding the MBR didn't fix it. So it may have been in an HPA or something on my storage drives.
The only way I ended up getting rid of all the bullshit was to run the secure ATA erase command in Linux (hdparm). It can be a pain in the ass because a lot of BIOS' will protect the HDD/SDD from allowing the DCA/HPA from being overwritten or from having an ATA erase command initialized (the ATA erase is something that SATA storage drives do on their own and it is independent of the BIOS/OS). To get around the BIOS problem you have to have your SATA controller set to AHCI and once in your Linux distro of choice, you can unplug the power to the SATA drive and wait like 30 seconds and plug it back in. I had to do my laptop drives on my desktop that has an ASUS Sabertooth x58, which luckily allows you to set whether or not the BIOS locks the drives like that. I also wouldn't backup or transfer shit you want to backup in any Windows environment if you have something like this. My computers were infected from stupidly connecting to my mother-in-laws network with my firewall set to low, and I assume I got infected then because the date of all sorts of file modifications are correlated to the same exact time as her fucking laptop tried connecting to mine endlessly while on the network. When I put my laptop on my homegroup all of my computers were infected.
So it's best to do the secure erase (I used Parted Magic LiveCD) on a storage drive, then mount the drives you need data from and xfer it, then proceed to wipe them all, and finally reinstall. Good luck, and I hope if you have anything close to what I had that my mistakes can maybe save you some time. I wasted fucking hours.
Yeah if you can figure out if you actually have a rootkit that is a major step forward. Once you have it figured out you can take steps in trying to destroy it. It may not even matter really if you ID it, just knowing its a rootkit can help, and ultimately youll have to nuke your HD. Tis what I had to do. Use DBAN's boot'n'nuke. Wipes everything. Youll have to reconfigure your partitions and what not and reinstall everything. Rootkits are the suck. Its best to keep your computer offline, as it could potentially be sending and receiving highly malicious things.
--------------------
∞ I am incapable of conceiving infinity, and yet I do not accept finity. - Simone de Beauvoir -
|
5HTSynaptrip
Dopamine Enthusiast



Registered: 09/14/08
Posts: 4,360
Loc: USA
Last seen: 6 years, 1 month
|
Re: my browser is being hijacked [Re: snoot]
#14670332 - 06/25/11 12:51 PM (12 years, 10 months ago) |
|
|
I'm pretty sure DBAN doesn't wipe HPAs/DCAs. You can see some programs that do by looking at the wiki for HPA/DCA, but for sure you can use the ATA Erase via hdparm in Linux, or a bootable like BCWipe TotalWipeout (and maybe HDDErase).
Parted Magic is good because you can use the console to rune "hdparm -I /dev/sdx" to see if the drive is locked from the BIOS. It also has a simple GUI to run hdparm instead of command line.
--------------------
Science is a way of thinking much more than it is a body of knowledge. - My hero, who will be forever remembered, Carl Sagan.
|
BlimeyGrimey
Collector of Spores




Registered: 08/24/05
Posts: 3,799
Loc: Puget Sound
|
Re: my browser is being hijacked [Re: 5HTSynaptrip]
#14672988 - 06/26/11 12:29 AM (12 years, 10 months ago) |
|
|
I've used avast! to remove rootkits from the computers of my friends. The avast! boot-time scan did the job every time for me. I believe it uses GMER technology to deal with rootkits.
-------------------- Message me for free microscopy services on Psilocybe, Panaeolus, and Gymnopilus species. Looking for wild Panaeolus cinctulus and Panaeolus olivaceus prints.
|
|