Home | Community | Message Board


This site includes paid links. Please support our sponsors.


Welcome to the Shroomery Message Board! You are experiencing a small sample of what the site has to offer. Please login or register to post messages and view our exclusive members-only content. You'll gain access to additional forums, file attachments, board customizations, encrypted private messages, and much more!

Shop: Unfolding Nature Unfolding Nature: Being in the Implicate Order   PhytoExtractum Maeng Da Thai Kratom Leaf Powder   Kraken Kratom Red Vein Kratom

Jump to first unread post Pages: 1 | 2 | Next >  [ show all ]
Offlinemakaveli8x8
Stranger
Male User Gallery
Registered: 02/28/06
Posts: 21,636
Last seen: 7 years, 11 months
my browser is being hijacked
    #14639069 - 06/19/11 06:19 PM (12 years, 10 months ago)

so sometimes when i click on a link it takes me to a search engine and does a search instead.  It takes me to this website

http://www.search-results.com

i couldn't find much info on it there website disclaimer says that its NOT spyware or anything bad and i think it said something along the lines that i installed it or something which all seems like a load of bullshit.

anyways the only thing that seems to help is clearing my browser history but that only seems to be a temp fix.

i ran spybox search and destory and that didn't help

i just can't seem to shake this shitty program so thats why im here


--------------------
We were sent to hell for eternity :hellfire: Ø:omgawesome:h®
We play on earth to pass the time :foreheadslap:

Over-population the root of all Evil-brings the Elites Closer to the gates.

Extras: Filter Print Post Top
OfflineGibson33
Male


Registered: 06/11/10
Posts: 400
Loc: Seattle
Last seen: 9 years, 6 months
Re: my browser is being hijacked [Re: makaveli8x8]
    #14639080 - 06/19/11 06:21 PM (12 years, 10 months ago)

sounds like a virus.


--------------------

Extras: Filter Print Post Top
OfflineScarab74
Warminatrix
Female

Registered: 07/06/09
Posts: 1,554
Loc: Conchs & Coconuts, USA Flag
Last seen: 10 years, 1 month
Re: my browser is being hijacked [Re: makaveli8x8] * 2
    #14639096 - 06/19/11 06:25 PM (12 years, 10 months ago)

Download and run malware bites. It should take care of it.


--------------------
~Scarab74
We are such stuff as dreams are made of.
                W. Shakespeare - The Tempest

Extras: Filter Print Post Top
Offlinegshock50
 User Gallery

Folding@home Statistics
Registered: 04/24/11
Posts: 389
Last seen: 7 years, 3 months
Re: my browser is being hijacked [Re: Scarab74]
    #14639196 - 06/19/11 06:49 PM (12 years, 10 months ago)

Try CCleaner and if that doesn't work... People claim this removes it:

Quote:

http://www.surfright.nl/en/hitmanpro




Best of luck.


--------------------
"It is the nature of the wise to resist pleasures, but the foolish to be a slave to them. "

Extras: Filter Print Post Top
OfflineYthanA
ᕕ( ᐛ )ᕗ
Male User Gallery

Registered: 08/08/97
Posts: 18,840
Loc: NY/MA/VT Borderlands Flag
Last seen: 11 hours, 1 minute
Re: my browser is being hijacked [Re: Scarab74]
    #14639501 - 06/19/11 08:09 PM (12 years, 10 months ago)

Quote:

Scarab74 said:
Download and run malware bites. It should take care of it.




Yup agreed. http://www.malwarebytes.org/mbam-download.php

Extras: Filter Print Post Top
Offlinemakaveli8x8
Stranger
Male User Gallery
Registered: 02/28/06
Posts: 21,636
Last seen: 7 years, 11 months
Re: my browser is being hijacked [Re: Ythan]
    #14639652 - 06/19/11 08:41 PM (12 years, 10 months ago)

just ran a full scan with malware didn't see anything that looked out of place:sad:

ill try that hitman someone suggested as ive ran ccleaner before altho there''s so many settings with ccleaner i might not have ran it right


--------------------
We were sent to hell for eternity :hellfire: Ø:omgawesome:h®
We play on earth to pass the time :foreheadslap:

Over-population the root of all Evil-brings the Elites Closer to the gates.

Extras: Filter Print Post Top
InvisibleHeavyToilet
The Heaviest OfThem All
Male

Registered: 08/06/03
Posts: 9,458
Loc: British Columbia
Re: my browser is being hijacked [Re: makaveli8x8]
    #14640660 - 06/20/11 12:09 AM (12 years, 10 months ago)

HijackThis! is quite good at unhijacking browsers. You just have to be knowledgeable about what you're removing when you use it.

Extras: Filter Print Post Top
Offlinemakaveli8x8
Stranger
Male User Gallery
Registered: 02/28/06
Posts: 21,636
Last seen: 7 years, 11 months
Re: my browser is being hijacked [Re: HeavyToilet]
    #14640800 - 06/20/11 12:49 AM (12 years, 10 months ago)

the weirdest thing about it is that it doesn't do it all the time.  i ran the hitman program and all it found were tracker cookies

it hasn't done anything since then but i have no reason to suspect its gone. 

its very weird that these programs won't find it, i have ran hijackthis but like u say it takes some time to read it.  Nothing popped out at me but there were a handful of exe's i have to google

guess my next step is to run a full virus scan but the thing is again that website says its not spyware or virus or anything so maybe thats why none of these programs are finding it i dunno


--------------------
We were sent to hell for eternity :hellfire: Ø:omgawesome:h®
We play on earth to pass the time :foreheadslap:

Over-population the root of all Evil-brings the Elites Closer to the gates.

Extras: Filter Print Post Top
InvisibleBacchus
Lurker
Male User Gallery


Folding@home Statistics
Registered: 10/10/06
Posts: 914
Loc: ::1
Re: my browser is being hijacked [Re: makaveli8x8]
    #14644677 - 06/20/11 07:04 PM (12 years, 10 months ago)

Update and scan with your antivirus and several of the popular spyware cleaners (all in safemode). Then generate a hijackthis log and post it on the malwarebytes hijackthis log forum.

Edit: And check out your hosts file too.


--------------------


Living on a no-Flash diet is way easier than you think. Give it a shot.

Edited by Bacchus (06/20/11 07:05 PM)

Extras: Filter Print Post Top
Offlinedzza
Male

Registered: 12/31/10
Posts: 143
Loc: Midwest
Last seen: 5 years, 8 months
Re: my browser is being hijacked [Re: Bacchus]
    #14645377 - 06/20/11 09:28 PM (12 years, 10 months ago)

Try all the programs everyone suggested.  That should fix it.

Just FYI, you could also check your add/remove software and see if there's shit on that list that you don't recognize.  Also you could check for bogus programs running in task manager.

Extras: Filter Print Post Top
Offlinesnoot
look alive ∞
Male User Gallery


Folding@home Statistics
Registered: 01/30/05
Posts: 9,644
Loc: 45º parallel Flag
Last seen: 20 hours, 19 minutes
Re: my browser is being hijacked [Re: dzza]
    #14646626 - 06/21/11 02:04 AM (12 years, 10 months ago)

Quote:

dzza said:
Try all the programs everyone suggested.  That should fix it.

Just FYI, you could also check your add/remove software and see if there's shit on that list that you don't recognize.  Also you could check for bogus programs running in task manager.





lol yeah you may need to use more then one AV in order to find that malicious lil fucker that is causing you grief. When I bought my first windows machine in like ten years, I bought it used from some kid who used it for like 4hrs, it came with like 15 toolbars and a whole shit load of virii, of which I've had come back and come back and come back. The only thing I've found to totally destroy it is to nuke the HD. Not saying this is what you need to do, but malicious lil nuggets of shit can cause lots of trouble. Best to find it and isolate the thing before it can cause anymore trouble. In a situation like yours if it is a virii, it could potentially cause all kinds of havoc.


--------------------



I am incapable of conceiving infinity, and yet I do not accept finity.
- Simone de Beauvoir -

Extras: Filter Print Post Top
Invisiblemycomyst
Alchemist
Male
Registered: 12/30/10
Posts: 167
Re: my browser is being hijacked [Re: snoot]
    #14656810 - 06/22/11 09:48 PM (12 years, 10 months ago)

If those suggestions don't get the job done, try TDSS killer. It could be a nasty rootkit.

Extras: Filter Print Post Top
Offlineivander
Paragon of Animal
Male


Registered: 11/01/08
Posts: 1,519
Last seen: 1 year, 2 months
Re: my browser is being hijacked [Re: makaveli8x8]
    #14664095 - 06/24/11 06:46 AM (12 years, 10 months ago)

TRy reinstalling you browser.. or your OS, that should do the trick :cool:


--------------------
Those who were seen dancing were thought to be insane by those who could not hear the music. - Nietzsche

I've never faked a sarcasm in my life. True story.

Extras: Filter Print Post Top
Invisibleluvdemshrooms
Two inch dick..but it spins!?
 User Gallery

Registered: 11/29/01
Posts: 34,247
Loc: Lost In Space
Re: my browser is being hijacked [Re: makaveli8x8]
    #14664134 - 06/24/11 07:06 AM (12 years, 10 months ago)

This happened to a friend. He was clueless, so I helped. The only thing that worked for me was Hitman Pro.


Had that failed, it would have been format and reinstall time.


--------------------
You cannot legislate the poor into prosperity by legislating the wealthy out of prosperity. What one person receives without working for another person must work for without receiving. The government cannot give to anybody anything that the government does not first take from somebody else. When half of the people get the idea that they do not have to work because the other half is going to take care of them and when the other half gets the idea that it does no good to work because somebody else is going to get what they work for that my dear friend is the beginning of the end of any nation. You cannot multiply wealth by dividing it. ~ Adrian Rogers

Extras: Filter Print Post Top
Offlinesnoot
look alive ∞
Male User Gallery


Folding@home Statistics
Registered: 01/30/05
Posts: 9,644
Loc: 45º parallel Flag
Last seen: 20 hours, 19 minutes
Re: my browser is being hijacked [Re: luvdemshrooms]
    #14665828 - 06/24/11 02:32 PM (12 years, 10 months ago)

Finding out what has infected you is key. Isolate other computers and if you are sure you are infected I wuold cut off its communication i.e internet/wireless etc.. even local networks. Completely isolate it, then determine how you were infected and whats infected you. Then you can begin disinfection. After you're clean its then time to figure out how it happened, and fix that hole and determine new practices to now let it happen again.


--------------------



I am incapable of conceiving infinity, and yet I do not accept finity.
- Simone de Beauvoir -

Extras: Filter Print Post Top
Invisiblearainbow
Hippy


Registered: 02/04/08
Posts: 691
Loc: Palnet Earth
Re: my browser is being hijacked [Re: snoot]
    #14669845 - 06/25/11 10:37 AM (12 years, 10 months ago)

what browser ?
internet exploiter has a built in language 
called active x controls that can be run from cookies
M$ claims it can be turned off
BUT it has undocumented codes that can override your settings
and allow even an email to tack over your computer to do
ANYTHING !!!!EVEN THINGS THAT WINDOWS WILL NOT ALLOW THE ADMIN TO DO !!!!
the one and only thing you can do about active x controls is

use another browser and set it as the default browser

cleaning out your cookies may help for a little while


--------------------
There is more joy in heaven over one of us perfected,
  than over ninety-nine naturally evolved angels.

Extras: Filter Print Post Top
Offline5HTSynaptrip
Dopamine Enthusiast
 User Gallery

Folding@home Statistics
Registered: 09/14/08
Posts: 4,360
Loc: USA Flag
Last seen: 6 years, 1 month
Re: my browser is being hijacked [Re: arainbow]
    #14670279 - 06/25/11 12:29 PM (12 years, 10 months ago)

If you have a 64-bit OS then you may have a problem with a lot of the typical scanners.  HijackThis is particularly outdated and most of the time you'll get help from malware sites by showing the log from it.  A lot of redirectors that don't show up from any scans like MalwareBytes or even your antivirus software are rootkits.  They infect your computer to the point that they fuck up everything from detecting them... I just had the shittiest time ever of getting rid of one on my computers. 

Some programs can tell you if do have a rootkit.  TDSKiller is a pretty good one, as well as aswMBR.exe.  Aside from TDSKiller I wouldn't use any of the really good programs from places like gmer.net, but there are a lot of sites where you can get help from really smart people.  For me it's always easier to just format and reinstall since it's something I do at least twice a year anyways, and a lot of fixes can leave shit fucked up on your computer.  Foolishly, I realized that some rootkits will remain even after formatting and installing.  I even rebuilt the Win 7 master boot record from the recovery command console and then formatted and that didn't do it... no programs said I had TDS or Aleureon or anything but I was infected and simply rebuilding the MBR didn't fix it.  So it may have been in an HPA or something on my storage drives. 

The only way I ended up getting rid of all the bullshit was to run the secure ATA erase command in Linux (hdparm).  It can be a pain in the ass because a lot of BIOS' will protect the HDD/SDD from allowing the DCA/HPA from being overwritten or from having an ATA erase command initialized (the ATA erase is something that SATA storage drives do on their own and it is independent of the BIOS/OS).  To get around the BIOS problem you have to have your SATA controller set to AHCI and once in your Linux distro of choice, you can unplug the power to the SATA drive and wait like 30 seconds and plug it back in.  I had to do my laptop drives on my desktop that has an ASUS Sabertooth x58, which luckily allows you to set whether or not the BIOS locks the drives like that.  I also wouldn't backup or transfer shit you want to backup in any Windows environment if you have something like this.  My computers were infected from stupidly connecting to my mother-in-laws network with my firewall set to low, and I assume I got infected then because the date of all sorts of file modifications are correlated to the same exact time as her fucking laptop tried connecting to mine endlessly while on the network.  When I put my laptop on my homegroup all of my computers were infected.  :frown: 

So it's best to do the secure erase (I used Parted Magic LiveCD) on a storage drive, then mount the drives you need data from and xfer it, then proceed to wipe them all, and finally reinstall.  Good luck, and I hope if you have anything close to what I had that my mistakes can maybe save you some time.  I wasted fucking hours.


--------------------


Science is a way of thinking much more than it is a body of knowledge. - My hero, who will be forever remembered, Carl Sagan.


Extras: Filter Print Post Top
Offlinesnoot
look alive ∞
Male User Gallery


Folding@home Statistics
Registered: 01/30/05
Posts: 9,644
Loc: 45º parallel Flag
Last seen: 20 hours, 19 minutes
Re: my browser is being hijacked [Re: 5HTSynaptrip]
    #14670312 - 06/25/11 12:45 PM (12 years, 10 months ago)

Quote:

5HTSynaptrip said:
If you have a 64-bit OS then you may have a problem with a lot of the typical scanners.  HijackThis is particularly outdated and most of the time you'll get help from malware sites by showing the log from it.  A lot of redirectors that don't show up from any scans like MalwareBytes or even your antivirus software are rootkits.  They infect your computer to the point that they fuck up everything from detecting them... I just had the shittiest time ever of getting rid of one on my computers. 

Some programs can tell you if do have a rootkit.  TDSKiller is a pretty good one, as well as aswMBR.exe.  Aside from TDSKiller I wouldn't use any of the really good programs from places like gmer.net, but there are a lot of sites where you can get help from really smart people.  For me it's always easier to just format and reinstall since it's something I do at least twice a year anyways, and a lot of fixes can leave shit fucked up on your computer.  Foolishly, I realized that some rootkits will remain even after formatting and installing.  I even rebuilt the Win 7 master boot record from the recovery command console and then formatted and that didn't do it... no programs said I had TDS or Aleureon or anything but I was infected and simply rebuilding the MBR didn't fix it.  So it may have been in an HPA or something on my storage drives. 

The only way I ended up getting rid of all the bullshit was to run the secure ATA erase command in Linux (hdparm).  It can be a pain in the ass because a lot of BIOS' will protect the HDD/SDD from allowing the DCA/HPA from being overwritten or from having an ATA erase command initialized (the ATA erase is something that SATA storage drives do on their own and it is independent of the BIOS/OS).  To get around the BIOS problem you have to have your SATA controller set to AHCI and once in your Linux distro of choice, you can unplug the power to the SATA drive and wait like 30 seconds and plug it back in.  I had to do my laptop drives on my desktop that has an ASUS Sabertooth x58, which luckily allows you to set whether or not the BIOS locks the drives like that.  I also wouldn't backup or transfer shit you want to backup in any Windows environment if you have something like this.  My computers were infected from stupidly connecting to my mother-in-laws network with my firewall set to low, and I assume I got infected then because the date of all sorts of file modifications are correlated to the same exact time as her fucking laptop tried connecting to mine endlessly while on the network.  When I put my laptop on my homegroup all of my computers were infected.  :frown: 

So it's best to do the secure erase (I used Parted Magic LiveCD) on a storage drive, then mount the drives you need data from and xfer it, then proceed to wipe them all, and finally reinstall.  Good luck, and I hope if you have anything close to what I had that my mistakes can maybe save you some time.  I wasted fucking hours.





Yeah if you can figure out if you actually have a rootkit that is a major step forward. Once you have it figured out you can take steps in trying to destroy it. It may not even matter really if you ID it, just knowing its a rootkit can help, and ultimately youll have to nuke your HD. Tis what I had to do. Use DBAN's boot'n'nuke. Wipes everything. Youll have to reconfigure your partitions and what not and reinstall everything. Rootkits are the suck. Its best to keep your computer offline, as it could potentially be sending and receiving highly malicious things.


--------------------



I am incapable of conceiving infinity, and yet I do not accept finity.
- Simone de Beauvoir -

Extras: Filter Print Post Top
Offline5HTSynaptrip
Dopamine Enthusiast
 User Gallery

Folding@home Statistics
Registered: 09/14/08
Posts: 4,360
Loc: USA Flag
Last seen: 6 years, 1 month
Re: my browser is being hijacked [Re: snoot]
    #14670332 - 06/25/11 12:51 PM (12 years, 10 months ago)

I'm pretty sure DBAN doesn't wipe HPAs/DCAs.  You can see some programs that do by looking at the wiki for HPA/DCA, but for sure you can use the ATA Erase via hdparm in Linux, or a bootable like BCWipe TotalWipeout (and maybe HDDErase).

Parted Magic is good because you can use the console to rune "hdparm -I /dev/sdx" to see if the drive is locked from the BIOS.  It also has a simple GUI to run hdparm instead of command line.


--------------------


Science is a way of thinking much more than it is a body of knowledge. - My hero, who will be forever remembered, Carl Sagan.


Extras: Filter Print Post Top
InvisibleBlimeyGrimey
Collector of Spores
Male


Folding@home Statistics
Registered: 08/24/05
Posts: 3,799
Loc: Puget Sound
Re: my browser is being hijacked [Re: 5HTSynaptrip]
    #14672988 - 06/26/11 12:29 AM (12 years, 10 months ago)

I've used avast! to remove rootkits from the computers of my friends. The avast! boot-time scan did the job every time for me. I believe it uses GMER technology to deal with rootkits.


--------------------
Message me for free microscopy services on Psilocybe, Panaeolus, and Gymnopilus species.

Looking for wild Panaeolus cinctulus and Panaeolus olivaceus prints.

Extras: Filter Print Post Top
Jump to top Pages: 1 | 2 | Next >  [ show all ]

Shop: Unfolding Nature Unfolding Nature: Being in the Implicate Order   PhytoExtractum Maeng Da Thai Kratom Leaf Powder   Kraken Kratom Red Vein Kratom


Similar ThreadsPosterViewsRepliesLast post
* Got spyware? popups? hidden files? annoying programs? ShroomismM 2,455 9 04/13/04 04:39 PM
by SkorpivoMusterion
* all my url links are hijacked by a search engine psilocyben 907 5 06/29/05 05:13 PM
by CptnGarden
* Homepage Hijacker Help ToTheSummit 2,280 10 12/14/03 05:30 PM
by AlienPrimate
* Sigh, Computer Infected..What should i do?
( 1 2 all )
Catalysis 3,777 29 11/24/04 10:24 PM
by Vvellum
* Quick Question - Changing Default Browser MisterKite 1,258 3 06/15/04 02:09 PM
by MisterKite
* Infected by evildoers *DELETED* dorkus 662 4 02/22/06 08:09 AM
by OJK
* please help with spyware/virus protection programs Edge 2,100 19 04/06/05 09:26 AM
by trendal
* favorite programs Vvellum 2,352 18 07/09/04 09:51 AM
by matts

Extra information
You cannot start new topics / You cannot reply to topics
HTML is disabled / BBCode is enabled
Moderator: trendal, automan, Northerner
4,071 topic views. 0 members, 0 guests and 1 web crawlers are browsing this forum.
[ Show Images Only | Sort by Score | Print Topic ]
Search this thread:

Copyright 1997-2024 Mind Media. Some rights reserved.

Generated in 0.028 seconds spending 0.008 seconds on 16 queries.