Browser hijacker - redirect "virus"

rangedunits said:

I use OSX, not affected.

Click to expand...

Same here. The only problem I have ever had on this site was when like 50 copies of the same ad would appear on the bottom of the screen thus slowing me down. I ad block filtered them. Are they still there?

Yup me too. I got it yesterday and it kept on opening a web page saying Id won an iphone...

Eventually got rid of it by booting in safe mode and deleting the temp internet files from all users, in the local settings (hidden) folder. I had to use safe mode from the admin account, because I had lost privileges to the temp internet files as a user even with admin privilages...:gun::beer:

I should also add I suppose... I have a tendency to clear all temp files, internet, windows, etc, on a regular basis.

InfinitusEquitas said:

I should also add I suppose... I have a tendency to clear all temp files, internet, windows, etc, on a regular basis.

Click to expand...

I do that too, but as I mentioned I realised something was awry when I tried to open the temporary internet file folder. Somehow I no longer had access to it and hence why I rebooted in safe mode as a different user to delete the contents.

BTW there were 10 or so files all relating to "rstrui.exe"? :beer:

No problems here on this end.

Using ESET Internet security and AdBlock plus on Mozilla Firefox.

I do clear out my temp files every now and then with CCleaner.

It's back. WTF It does seem to come from here. I have not clicked on any ads .

It came back for me too. Id switched off noscript for a couple of mins and 6 new tabs opened all on their own... Noscript back on and all quitet...:beer:

BTW only had my bank page, email, a local garage webpage and LPF open, so common denoninator here is LPF.

I think certainly something is coming from LPF. Malwarebytes has popped up with a warning several times recently while I've been loading LPF.
I believe a couple warnings were for trojan.exploit.9
Edit: just did it with trojan.happili as well...

It hit me two days ago and plays music and opens windows but i close them immediately and go on about my business, the
sound tracks from the adds are annoying they come and go with out any windows opening, it's scary like a ghost in the machine.

I have been on no other web site that I think would have this, could youtube be infected ?

AVG has popped up twice and said it killed something.

So what's the best way to get rid of this crap and keep it away, sounds like nothing works so far :thinking:

I hate anything that Hijacks my computer and
SPAMS it...

I've been lucky and it hasn't happened again since the 16th.


Jerry

You can contact us at any time on our Website: J.BAUER Electronics

I'm a dumb IT guy so here's something you may be able to do to resolve it...

Type msconfig into the run command. Go to the startup tab and look for any suspicious programs and uncheck them and hit the apply button. If you get an access denied error don't worry it still worked.

Type regedit into the run command. Go to Hkey Local Machine -> Software -> Microsoft -> Shared Tools -> MSconfig

The things that you unchecked should show up under the folders startupreg or startupfolder below MSconfig. You should be able to see what those programs correspond with when you expand those two folders. If one of the programs looks like it goes with something you use don't mess with it...if it looks vague and obscure go ahead and delete it. This does not delete a program from your computer! All it does it is remove the program from the list of programs that startup when your computer starts up. Usually this will remove the symptoms of the virus/spyware (pretty sure you've actually got spyware but I could be wrong).

Once you can use the internet again try to download the following two free programs...malwarebytes and combofix. Malwarebytes is great at removing spyware and I use it a lot at work. Combofix is really used as a measure of last resort as it's a bit powerful and can accidentally delete something you need (I've never had that happen to me but I've heard it's happened so I'm at least acknowledging it as a possibility). I tend to use it only on severely affected machines. Combofix is really good at removing really malicious things called Rootkits.

I just got it AGAIN about an hour ago.
I go to Google;
Type in a search'
Results show up.
Click on a link and I am redirected to another site.
Here are some samples if you want to see:
Pogo.com - The Ultimate Online Gaming Experience!

searchding.com - search engine Resources and Information. This website is for sale!

Actually could do this all night.
GOOGLE gets hijacked.
I can't use it because I am constantly redirected.

Google is unusable. I tried Malwarebytes and it got rid of it for a day and now it’s back. Yahoo works but Google is hosed. Norton will not find it.
I have cleaned all temp files also. I need to find something that works.

I don't know how you guys keep getting this thing.
I go all over the internet and Google, without any antivirus anything (minus Adblock Plus on Chrome), and never have seen this ever.

I'll try to remember malwarebtyes for when my family gets this on their computers though (bound to happen sooner or later, every time I come back into town I do IT work for them lol).

The people having this problem could you please tell us what OS and browser/s you are using. Is this issue just hitting Windows and if so what version. Same with the browser type and version. Could you also tell us step by step what you did just before you are jacked. What page on LPF you are on last etc?

All the best

I am using Windows 7 & IE 8. McAfee anti virus.
I can not tell you where I was page by page, minute by minute.
I don't know I have it until I use Google.
It could have been there for a few minutes or a day.