ie seems to be hijacked- any suggestions on what to do?

Discussion in 'malware problems & news' started by robinb, Dec 3, 2010.

Thread Status:
Not open for further replies.
  1. robinb

    robinb Registered Member

    Joined:
    Jun 22, 2006
    Posts:
    456
    Location:
    NJ
    I am working on a client's computer that it seems his internet explorer has been hijacked. If you try to do a search or even try to type in a website it goes to an add website and this happens over and over.
    I ran superantispyware pro and it found 1,896 adware but it will not get rid of this problem. I even ran it in safe mode
    the browser is still hijacked
    I ran malwarebytes and it found nothing
    I ran ccleaner prior to running the two antispyware programs
    Got any ideas how to fix this?
    I had to download superantispyware and malwarebytes on a flash drive and bring it over to the computer because ie kept looping and looping and would not go to any of the program websites
    I did this also with Avast free which i also ran and states no viruses no nothing
    robin
     
  2. atomomega

    atomomega Registered Member

    Joined:
    Jul 27, 2010
    Posts:
    1,285
    try a Force Breach with Hitman Pro.... and then try Norton Power Eraser
     
  3. philby

    philby Registered Member

    Joined:
    Jan 10, 2008
    Posts:
    940
    Hi robinB

    People will laugh, but you should try system restore - seriously!

    I tried to help an elderly relative with an IE redirect issue only last week. I found, suspended and removed the bad processes using Process Explorer and Autoruns but then scans with Prevx and MBAM kept throwing up new suspect files after every manual clean up and reboot, mostly in %temp%.

    After several hours of amateur sleuthing, chasing re-spawning files and start-up entries, I tried system restore for the hell of it and it worked.

    Just try it, worth a shot - I felt a right lemon not having done the simple thing first.

    philby

    EDIT You've probably already done so, but check IE for an unwelcome proxy setting under Tools > Internet Options > Connections...
     
    Last edited: Dec 3, 2010
  4. illicit

    illicit Registered Member

    Joined:
    Apr 8, 2008
    Posts:
    91
    Check the hosts file. Had a similar issue recently, even after removing all malware, issue persisted. Had to unlock and reset the hosts file.
     
  5. TheKid7

    TheKid7 Registered Member

    Joined:
    Jul 22, 2006
    Posts:
    3,469
    Run a scan with DrWeb Cureit in Safe Mode to see if it detects anything.
     
  6. Osaban

    Osaban Registered Member

    Joined:
    Apr 11, 2005
    Posts:
    4,213
    I would also try DrWeb and Avira from CD without starting Windows.
     
  7. scott1256ca

    scott1256ca Registered Member

    Joined:
    Aug 18, 2009
    Posts:
    144
    Just for kicks, check what DNS server is being used. Perhaps try OpenDNS or Norton or something and see if that changes things.
     
  8. FiOS Dan

    FiOS Dan Registered Member

    Joined:
    May 24, 2006
    Posts:
    86
    Location:
    Redondo Beach, CA
    Have you checked the proxy settings?
     
  9. Searching_ _ _

    Searching_ _ _ Registered Member

    Joined:
    Jan 2, 2008
    Posts:
    1,988
    Location:
    iAnywhere
    DNS cache, Router DNS.
    If you set DNS at the computer you can disable DNS caching in services of Admin Tools.
    If it's the router, reset with pin on back, create all new passwords set router DNS to something like OpenDNS.

    There is a batch script at Geeks to Go for checking the router.
    Check their cleaning forum for "Google redirect .bat".

    Is there a good firewall installed?
    OA and Comodo Firewalls/HIPS have different qualities of protection for networking. OA is the stronger of the two but not impervious.

    Just for fun rename mbam.exe in the Malwarebytes folder, run a FULL scan.
    I had a malware file sitting on my desktop, wasn't detected during quick scan but was detected during full scan.
     
  10. BG

    BG Registered Member

    Joined:
    Jun 14, 2003
    Posts:
    214
  11. Cudni

    Cudni Global Moderator

    Joined:
    May 24, 2009
    Posts:
    6,956
    Location:
    Somethingshire
  12. robinb

    robinb Registered Member

    Joined:
    Jun 22, 2006
    Posts:
    456
    Location:
    NJ
    i tried all your suggestions and still nothing

    this laptop is 6yrears old and has a very hardware problems on top of it and i advised my client to purchase a new one because for what i would charge to reformat this drive he could purchase a new computer, and with the cd not working and some of the keys keep popping out- and the age since it is running xp home, it is just worth the non aggrivation and price it would cost for him to fix this and find that once it is reformated and everything put back on, something else could go on it
    I did backup his data and scanned it on my test machine for viruses/trojans, etc
    thanks anyway for all your help
    robin
     
  13. aigle

    aigle Registered Member

    Joined:
    Dec 14, 2005
    Posts:
    11,047
    Location:
    Saudi Arabia/ Pakistan
    Very interesting indeed. Some stealth malware might be there. It might be a fun to find it.
     
Loading...
Thread Status:
Not open for further replies.