Google Links Hijacked

By CaptainKirk
Jan 13, 2009
  1. Hello,

    First off, this site is awesome.

    Next off, I think my dad has picked up a rather nasty beastie on his laptop. The symptom that tipped me off was that every Google/Yahoo link redirects to a different site (usually affiliated with AV2009). I see that this problem has cropped up several times on the first page of threads, but I do not want to hijack another thread.

    I have followed the 8 steps and attached are the logs. Any help is greatly appreciated.
  2. Bobbye

    Bobbye Helper on the Fringe Posts: 16,335   +36

    Okay, let's start here:
    Andy and Joni need to get their Cookies under control. I do think they each have every Tracking Cookie on the internet!
    Each account on this system needs this done:
    Reset Cookies:

    Put the following two Firefox add-ons on EACH account:
    AdBlock Plus:
    Easy List:
    Get all three lists

    Update Java:
    Update Adobe:
    Please re-open HiJackThis and scan.*Check* the boxes next to all the entries listed below.
    Now close all windows other than HiJackThis, then click Fix Checked. Close HiJackThis and reboot into Safe Mode:

    The following are all "nuisance startups". They aren't needed on boot. Some will require additional file handling but we'll do that on next log.
    Start> Run> msconfig> enter> Selective Startup> Startup tab> UNCHECK all of the following:
    When through> click on Apply> OK

    Control Panel> Add/Remove Programs> remove the following:
    Reboot into Normal mode.
    Run a new scan with HijackThis and attach the new log.
    Please advise of what problem still exist since the cleaning programs were run.

    Please explain to them that when they go to the game site PopCap and use the coupon sites, they are picking up numerous Tracking Cookies each time. So it's important to put those add-ons on Firefox.

  3. CaptainKirk

    CaptainKirk TS Rookie Topic Starter

    Thanks for the help. It seems to be functioning normally (and much faster!) now.

    I actually competitively use WhatPulse, but the other tips were right on. Attached is the new HJT file.

    AVG detected the kit in sys restore, so I wiped the points and set a new one. I will probably do that again before all is said and done.

    Thanks again.

    Attached Files:

  4. JoanEB

    JoanEB TS Rookie

    awesome thread

    This thread is so full of the information I am looking for at this time.
    The steps to take, the cautions needed
    And I agree, this site is truly awesome, and I have been reading thru many of them in the past 2 days.
    Anyway, I am going to take into account the 8 steps, take my time and post things correctly and I'm sure I will also get this mess cleaned up toot sweet.

    One question
    How the heck did I get this darn av2009 in the first place. My McAffee is up to date and runs constantly with auto updates. Is this one of those things that sneak in the back door on emails? Sure would like to know how it came to live on my computer

    Thanks for all the info in your thread
  5. Bobbye

    Bobbye Helper on the Fringe Posts: 16,335   +36

    Antivirus 2009 (formerly 2008) is readily available on the internet. It uses social networking to appear as though it is a reputable program:
    Official Looking: HERE HERE[/B]

    With another downlaod HERE: HERE
  6. CaptainKirk

    CaptainKirk TS Rookie Topic Starter

    Alright, I don't know if this is related to the original problem, but it now does not boot and instead displays hard disk failure errors. Could this be some form of virus trickery, or is it just a brick?
  7. JoanEB

    JoanEB TS Rookie

    Thanks for the info Bobbye - I was wondering how I got this.
  8. Bobbye

    Bobbye Helper on the Fringe Posts: 16,335   +36

    You're welcome Joan.

    Capt. Kirk, nothing we did should have caused a hard disc failure. But I need more information. Please read the information on the site below:
    There is an apparent failure of the hard disk; the hard disk is not bootable nor accessible at all

    Please note links to look for more specific error messages.

    How far did you get in the instructions in my Post #2?
Topic Status:
Not open for further replies.

Similar Topics

Add New Comment

You need to be a member to leave a comment. Join thousands of tech enthusiasts and participate.
TechSpot Account You may also...