Groups

    Search engine hijacked ? advise needed please,

    I'm having problems with google, when i use it to search something, it opens up another search engine & my anti-virus (Avast) screams at me that a trogan was stopped & then it shuts the page down for me. The odd thing is if i go through my favourites tabs they all open up fine.Just seems to be when i go through google. I've done system restore back to the start of the month, i thought that had sorted it, but it didnt.

    I'm on windows xp, ive done a scan with Avast but it hasnt thrown anything up.

    any ideas guys/gals. Ive just downloaded Malwarebytes is that any good or is there any other recommendations I could do

    many thanks.

    16 Comments

    Malwarebytes is the best

    Original Poster

    tonyg1962;7276204

    Malwarebytes is the best



    Just as im typing this the box has popped up saying nothing found, but there is definantly something not right :thinking:

    richp;7276261

    Just as im typing this the box has popped up saying nothing found, but … Just as im typing this the box has popped up saying nothing found, but there is definantly something not right :thinking:


    [FONT=Verdana]
    I would suggest using the following utility to scan your computer as well and also you should clear out of all of the cookies & temporary internet files on your computer.

    Download Spybot Search & Destroy 1.6.2 - FileHippo.com
    filehippo.com/dow…oy/

    Also check out your start-up items, via MSCONFIG, to see if there are executables listed there that don't match what you should have in place.

    Cheers, Scotty Boy! :thumbsup:[/FONT]

    Banned

    lol this happened to my mum after she installed something...........it was only the ask toolbar search thingy that was bundled

    tonyg1962;7276204

    Malwarebytes is the best

    Do this now.

    worth investing in Norton 360, i was sceptical of the software at first, but it is very smooth and fast and will get things avast and avg miss, the problems w modern trojans is that they leave files all over your hard disk and can be v. difficult to get rid of

    Original Poster

    Scotty Boy;7276300

    [FONT=Verdana]I would suggest using the following utility to scan your … [FONT=Verdana]I would suggest using the following utility to scan your computer as well and also you should clear out of all of the cookies & temporary internet files on your computer.Download Spybot Search & Destroy 1.6.2 - FileHippo.comhttp://www.filehippo.com/download_spybot_search_destroy/Also check out your start-up items, via MSCONFIG, to see if there are executables listed there that don't match what you should have in place.Cheers, Scotty Boy! :thumbsup:[/FONT]



    cheers Scotty boy, did the scan only 2 items come up, got rid of them , but google is still the same, but If i use another search engine its fine as I've now had to set my main search engine as Yahoo.

    the MSCONFIG, to be honest means nothing to me, in the respect of I've no idea what im looking at :oops:

    this is possibly the last resort but would a complet restore fix it ? I'm a bit loathed to do this as nothing else is wrong with the PC (as far as im aware), just the web pages. The computer is a Medion akoya netbook, it has one drive but split into 2, with one halve containing a D drive rescue.

    any other suggestions gratefully accepted.

    many thanks to everyone else for the input :thumbsup:

    Banned

    richp;7277176

    cheers Scotty boy, did the scan only 2 items come up, got rid of them , … cheers Scotty boy, did the scan only 2 items come up, got rid of them , but google is still the same, but If i use another search engine its fine as I've now had to set my main search engine as Yahoo.the MSCONFIG, to be honest means nothing to me, in the respect of I've no idea what im looking at :oops:this is possibly the last resort but would a complet restore fix it ? I'm a bit loathed to do this as nothing else is wrong with the PC (as far as im aware), just the web pages. The computer is a Medion akoya netbook, it has one drive but split into 2, with one halve containing a D drive rescue.any other suggestions gratefully accepted.many thanks to everyone else for the input :thumbsup:


    why not just do a system restore to a date before the problems started. Then try google again.

    Original Poster

    csiman;7277282

    why not just do a system restore to a date before the problems started. … why not just do a system restore to a date before the problems started. Then try google again.



    i did that went back to dec 1st, when i knew things were ok , but same thing is happening after the system restore.

    give me a car engine to strip & re-build, i can do that with me eyes shut, but this problem :thinking:

    Banned

    as suggested earlier, install malwarebytes and run a full scan

    majorgeeks.com/dow…756

    use hijackthis, fixed a similar browser problem for me that the others couldn't fix

    free.antivirus.com/hij…is/

    Original Poster

    cheers for all you help guys, I've used/done everything you have all suggested. Malwarebytes 1st scan shows infection, 2nd scan shows clear, to be honest these dont mean much to me just that it shows it all clear & Spybot shows nothing either, so I'm hoping things are clear now. If it does do it again, then it looks like a trip to PC World to let them re-install it again, as I'm not sure how to do that.

    once again guys i really appriciate all your help & taking the time to give me advice.


    Malwarebytes 1st scan

    Malwarebytes' Anti-Malware 1.42Database version: 3392Windows 5.1.2600 … Malwarebytes' Anti-Malware 1.42Database version: 3392Windows 5.1.2600 Service Pack 3Internet Explorer 8.0.6001.1870219/12/2009 12:02:54mbam-log-2009-12-19 (12-02-54).txtScan type: Full Scan (C:\|)Objects scanned: 228787Time elapsed: 39 minute(s), 59 second(s)Memory Processes Infected: 0Memory Modules Infected: 0Registry Keys Infected: 0Registry Values Infected: 0Registry Data Items Infected: 0Folders Infected: 0Files Infected: 11Memory Processes Infected:(No malicious items detected)Memory Modules Infected:(No malicious items detected)Registry Keys Infected:(No malicious items detected)Registry Values Infected:(No malicious items detected)Registry Data Items Infected:(No malicious items detected)Folders Infected:(No malicious items detected)Files Infected:C:\Documents and Settings\dad\Local Settings\Temp\imfwbf.dll (Malware.Packer) -> Quarantined and deleted successfully.C:\Documents and Settings\HelpAssistant.OWNER-33D4A474F\Local Settings\Temp\imfwbf.dll (Malware.Packer) -> Quarantined and deleted successfully.C:\System Volume Information\_restore{238E59AC-91FF-4DB1-81BE-157C8C31B58A}\RP280\A0102547.dll (Malware.Packer) -> Quarantined and deleted successfully.C:\System Volume Information\_restore{238E59AC-91FF-4DB1-81BE-157C8C31B58A}\RP280\A0103550.dll (Malware.Packer) -> Quarantined and deleted successfully.C:\System Volume Information\_restore{238E59AC-91FF-4DB1-81BE-157C8C31B58A}\RP280\A0104552.dll (Malware.Packer) -> Quarantined and deleted successfully.C:\System Volume Information\_restore{238E59AC-91FF-4DB1-81BE-157C8C31B58A}\RP281\A0105551.dll (Malware.Packer) -> Quarantined and deleted successfully.C:\System Volume Information\_restore{238E59AC-91FF-4DB1-81BE-157C8C31B58A}\RP281\A0106018.dll (Malware.Packer) -> Quarantined and deleted successfully.C:\System Volume Information\_restore{238E59AC-91FF-4DB1-81BE-157C8C31B58A}\RP282\A0106674.dll (Malware.Packer) -> Quarantined and deleted successfully.C:\System Volume Information\_restore{238E59AC-91FF-4DB1-81BE-157C8C31B58A}\RP283\A0107749.dll (Malware.Packer) -> Quarantined and deleted successfully.C:\System Volume Information\_restore{238E59AC-91FF-4DB1-81BE-157C8C31B58A}\RP283\A0108705.dll (Malware.Packer) -> Quarantined and deleted successfully.C:\System Volume Information\_restore{238E59AC-91FF-4DB1-81BE-157C8C31B58A}\RP283\A0108824.dll (Malware.Packer) -> Quarantined and deleted successfully.



    2nd malwarebytes scan:

    Malwarebytes' Anti-Malware 1.42Database version: 3392Windows 5.1.2600 … Malwarebytes' Anti-Malware 1.42Database version: 3392Windows 5.1.2600 Service Pack 3Internet Explorer 8.0.6001.1870220/12/2009 00:59:41mbam-log-2009-12-20 (00-59-41).txtScan type: Quick ScanObjects scanned: 155468Time elapsed: 16 minute(s), 1 second(s)Memory Processes Infected: 0Memory Modules Infected: 0Registry Keys Infected: 0Registry Values Infected: 0Registry Data Items Infected: 0Folders Infected: 0Files Infected: 0Memory Processes Infected:(No malicious items detected)Memory Modules Infected:(No malicious items detected)Registry Keys Infected:(No malicious items detected)Registry Values Infected:(No malicious items detected)Registry Data Items Infected:(No malicious items detected)Folders Infected:(No malicious items detected)Files Infected:(No malicious items detected)

    Banned

    does google work now then?

    Original Poster

    csiman;7282485

    does google work now then?



    appears to be fine :thumbsup:

    I have to be honest, I've never had this sort of trouble before with any of my Pc's over the years, just switch on & go.

    Banned

    richp;7282538

    appears to be fine :thumbsup:I have to be honest, I've never had this … appears to be fine :thumbsup:I have to be honest, I've never had this sort of trouble before with any of my Pc's over the years, just switch on & go.


    cool - gd luck :thumbsup:

    Jsut be careful guys, hijackthis is a powerful program, if you dont know what youre doing it could do more harm than good, seek advice from a technical forums such as bleepingcomputer :thumbsup:
    Post a comment
    Avatar
    @
      Text
      Top Discussions
      1. Simply games French cases?22
      2. Is 'Isisue' a fake website/does it sell fake brands55
      3. Iphone 7 - What Case?11
      4. Led light bulbs. Never used them, what do I need to know?36

      See more discussions