Author Topic: Browsers hijacked ... ?  (Read 12090 times)

0 Members and 1 Guest are viewing this topic.

Offline jdsaggiefan

  • Newbie
  • *
  • Join Date: Feb 2013
  • Posts: 1
  • Karma: 0
    • View Profile
Browsers hijacked ... ?
« on: February 13, 2013, 04:32:22 am »
The Google browser has been hijacked by AVG and Firefox by Babylon. They both block all attempts to reset the homepages. Malwarebytes and my other antivirus software does not find anything. When I attempt to download other spyware/malware program to try to fix the problem, the downloads are interrupted by error messages that the download is being blocked by a program on my computer. (I do not recall the exact wording, sorry. I can get it again, if it is needed.) I have all but stopped using the computer for fear of giving up personal/financial information.

What can I do get rid of these and clear my computer.

Any suggestions would be very much appreciated! Thank you!

Offline Shane

  • Administrator
  • Hero Member
  • *****
  • Join Date: Sep 2011
  • Posts: 9281
  • Location: USA
  • Karma: 137
  • "Knowledge should be shared not hidden."
    • View Profile
Re: Browsers hijacked ... ?
« Reply #1 on: February 13, 2013, 11:23:14 am »
The system sounds infected. You may have to download these tools on a another computer, put them on a thumb drive then run them on yours.

Try all 3 of these.

tdsskiller.exe
http://support.kaspersky.com/5350

Malwarebytes Anti Rootkit (THis is different than there main program)
http://www.malwarebytes.org/products/mbar/

Combofix.exe
http://www.bleepingcomputer.com/download/combofix/

Let me know how those go :wink:

Shane

Offline jraju

  • Hero Member
  • *****
  • Join Date: Feb 2013
  • Posts: 2323
  • Location: india
  • Karma: 17
    • View Profile
Re: Browsers hijacked ... ?
« Reply #2 on: February 13, 2013, 09:32:11 pm »
Hi,     Besides the method advised by sr. shane, i would like to share this. It may seem funny, but malware bytes do not catch babylon, a nasty browser hijack. I would advise you to go to my firefox link.
          1. turn off system restore on all the drives thro going to my computer properties
           2. Search babylon in search box and delete all those possible entries. Some could not be deleted
             3Boot the computer in safe mode, and then on Run, type regedit  and go to edit menu. In find menu, check for babylon and delete the first entry, and then go on to find babylon by using f3 and delete all those entries.
                 4. Get your windows cd , and start windows from cd and when starting window menu comes choose R for repair and go to c: windows, You have to give 1 and then if pass word is protected , give the pass word to go to c: windows. Type fixmbr and say yes to default change of mbr. There it deletes those stained entries the program does to the master boot record.
                       5. Uninstall the firefox, or google including private settings and then reinstall.
                          6.Now your problem is gone. I have given these after clearing these bhjacks from fellow computers to 100 success. No second thought about it. Shane, sir, This is why i am asking you to include some special protection.
           
The Bottom line is "Check your hardware first if it supports the task you try".

Offline jraju

  • Hero Member
  • *****
  • Join Date: Feb 2013
  • Posts: 2323
  • Location: india
  • Karma: 17
    • View Profile
Re: Browsers hijacked ... ?
« Reply #3 on: February 13, 2013, 09:37:42 pm »
The Bottom line is "Check your hardware first if it supports the task you try".

Offline Evan

  • Newbie
  • *
  • Join Date: Oct 2011
  • Posts: 11
  • Karma: 1
    • View Profile
Re: Browsers hijacked ... ?
« Reply #4 on: February 13, 2013, 11:55:22 pm »
Run all of Shane's fixes via Safe Mode. Do you know how to boot into Safe Mode?

Evan

Offline Shane

  • Administrator
  • Hero Member
  • *****
  • Join Date: Sep 2011
  • Posts: 9281
  • Location: USA
  • Karma: 137
  • "Knowledge should be shared not hidden."
    • View Profile
Re: Browsers hijacked ... ?
« Reply #5 on: February 14, 2013, 05:29:23 pm »
Evan he is asking for me to make a program that would monitor and protect things that change the browsers. I answered this in another thread of his :wink:

Shane

Offline Evan

  • Newbie
  • *
  • Join Date: Oct 2011
  • Posts: 11
  • Karma: 1
    • View Profile
Re: Browsers hijacked ... ?
« Reply #6 on: February 15, 2013, 09:54:34 pm »
Oh. my bad. Problem solved then.  :wink:

Evan

Offline jraju

  • Hero Member
  • *****
  • Join Date: Feb 2013
  • Posts: 2323
  • Location: india
  • Karma: 17
    • View Profile
Re: Browsers hijacked ... ?
« Reply #7 on: February 18, 2013, 01:51:37 am »
Hi, Thanks shan. But babylon tool bar malware or trojan, is not being captured by either tdskiller, . Malware bytes only catches funmoods, when i run. I have asked to provide some solution, as these programs are being injected when downloading mostly free software from reputed sites like cnet, softonic etc. So, shan, sir, may try to give a kind-a-warning message when downloading programs., not as a whole monitoring tool. I think he has been giving tools which are provided by others on monetary basis. He is also giving immediate replies to any concern. Thanks once again
The Bottom line is "Check your hardware first if it supports the task you try".

Offline jraju

  • Hero Member
  • *****
  • Join Date: Feb 2013
  • Posts: 2323
  • Location: india
  • Karma: 17
    • View Profile
Re: Browsers hijacked ... ?
« Reply #8 on: March 19, 2013, 12:52:54 am »
Hi,   Have you tried  in this regard. Since all the downloads except major geeks, which i think is secure, all other downloads carry with them the browser hijack tool bar programs. Even selecting custom installation tab, and dis selecting the tool bar options would not prevent them from being installed automatically thro, backdoor hidden processes. A status bar will be there to see. Nothing else before the installation is complete. Then unnecessary hijacks of the browser, warning of default user browsers to continue their browser etc . and then hazardous manual removing of these registry entries take much valuable hours of computer time and also a "not sure secured safe searching of web pages".Hence in this connection, iand most members and users would request that some kind of warning at the downloading processes would be helpful for the users to stop them installing malicious trojans and discriminate data entries in the registry also.
The Bottom line is "Check your hardware first if it supports the task you try".