Hijacking issue

professorj · Aug 30, 2010

Hi all,

I wanted to thank everyone here for help I previously received with a Trojan Vundo issue. You all are awesome!
Now, I'm having a much more benign issue, except it's annoying. The following are my symptoms, dr.:
1. If I run a Google search, the links I click on take me to random sites.
2. I can not get onto anti-malware sites, such as the one to download spybot and/or malwarebytes.
3. I can't run my anti-spyware - I have tried changing the names of the exe files and then I can run them, but they find nothing, perhaps because they are out of date. I can't update them either, it gives me an error message.

This is an old Dell computer and I'm running windows XP. If you have any suggestions, please let me know. Otherwise, I will download some updated anti-spyware from a different computer, and try to install/run it on my pc.

Best regards,
Professorj

Kestrel13! · Aug 30, 2010

Go to TDSSKiller and Download TDSSKiller.zip to your Desktop

Extract its contents to your Desktop so that you have TDSSKiller.exe directly on your Desktop and not in any subfolder of the Desktop.

Now double click the TDSSkiller.exe file to run it ( if using Vista or Windows 7 do not double click on it but rather, right click and select Run As Administrartor.

Allow the application to run and a window will open showing that it is TDSSkiller from Kaspersky

Click Start scan

It will run rather quickly and will notify you of whether anything is found or not.

Follow the instructions to delete/quarantine if asks you what to do when if finds something.

Whether an infection is found or not, a log file should be created on your C: drive ( or whatever drive you boot from) in the root folder named something like TDSSKiller.2.1.1_27.12.2009_14.17.04_log.txt which is based on the program version # and date and time run. Please attach this log to your next reply. (See: HOW TO: Attach Items To Your Post )

Also answer this:

Would SUPERantispyware run in either normal mode or safe mode?

Would Malware Bytes run in either normal mode or safe mode?

Have you run RootRepeal?

Is your copy of windows 7 64 bit or not?

If not then why did you not run combofix?

What about MGTools.exe?

Attach the TDSSKiller log and tell me how things are running.
Also address any questions that I asked.

professorj · Aug 30, 2010

thank you kestral!
and just to clarify, I have run the read first diagnostics, and am unable to complete the scanning steps, as I couldn't run those before.

now it appears I can run my anti-spyware software, and can access my links, but still can not access sites like Spybots or Malwarebytes or update the software. If there is an easy fix to this, please help me. If not, and it looks like I'll be okay, I can live with this.

again, thank you!

professorj · Aug 30, 2010

whoops, i just saw your full post. my apologies. will respond fully in a moment.

professorj · Aug 30, 2010

1. I ran Superantispyware in normal mode, but it found nothing and is out of date. I did not try in safe mode. Significantly out of date.
2. I ran Malware after changing file name but found nothing. I did not try in safe mode. Significantly out of date as well.
3. No, have not run it.
4. Windows XP Home 32 bit.
5. Sorry. Should I run it now?
6. Should I run it now?

Kestrel13! · Aug 30, 2010

Yes. Run everything that I asked you to run. You will need to update SAS and MBAM and attach those logs too even if they do not find anything.

You may find that you can run through the steps more smoothly now considering what TDSSKiller dealt with.

Log in or Sign up

Hijacking issue

professorj Private E-2

Kestrel13! Super Malware Fighter - Major Dilemma Staff Member

professorj Private E-2

professorj Private E-2

professorj Private E-2

Attached Files:

TDSSKiller.2.4.1.3_30.08.2010_10.20.06_log.txt

Kestrel13! Super Malware Fighter - Major Dilemma Staff Member