Browser hijacked

[guncrasher]

Just got my browser hijacked not sure how but related to glarysoft update.   Then home page got switched to glarysoft search.   I was able change home page and deleted glarysoft ms essential and malwarebytes found nothing.  If I just delete firefox will that just be me? Or do I have to reinstall windows to be safe.


Semp

[Bino]

Check your web proxy setting: Internet Explorer, "Internet Options", "Connections", "LAN Settings".  I've seen malware hijack "home" pages this way.

After you check IE, go to Firefox, too: "Tools", "Options", "Advanced", "Network", "Settings".

Make sure you have both set to "no proxy".

[Bizman]

Glarysoft is a legitimate family of computer maintenance programs. Their free versions need to be paid somehow and that's why they want you to install extras. That's not hijacking, you did it yourself. Read before clicking next and untick if necessary:

[guncrasher]

Bizman been using glarysoft.   I always check no for the toolbar as it always comes up. Same goes for any other install.   I never rush it.



Semp

[Bizman]

All right, somehow I didn't read who posted the question. Somehow I tend to think "Guncrasher" is some young no-tech, whilst "Semp" has gained reputable know-how in computers.  Ok, so it seems that Glarysoft has taken the shortest route in updating, making decisions on behalf of you about wanting their toolbar and search page. If it helps, you're not alone with that problem: Yesterday on Cnet someone had just the same experience at the last third of the page. I've seen that happen before, but can't remember which program it was. Anyway, it most probably isn't an intended browser hijack, rather a poorly coded update. A nice mail to Glary might give more light to this issue.

[guncrasher]

It's a hijack alright.  Spybot, malwarebytes and ms essential didn't find anything.  But esetonline did.  I have 2 win32/agent.lzhtoyu Trojan.   Crap,  gonna spend all day reformatting and reinstalling everything.  

Gonna dump essential and go back to eset.

Most likely the infection happened either looking at work pics on their bb, as that's where they are located.
Unless cnet has been hijacked as it was during an update that I found it.

edit: false alarm:  no troyan virus on my system.  what it found was the msihq bios installer and treated it as a variation of win32trojan.  I think glarysoft itself hijacked my browser w/o permission while downloading from cnet update.  as I I am pretty safe on this computer since i use it for paying my bills.  and this is the only one in my network.   I am paranoid now  still gonna reformat.

Semp

[Bizman]

Just what I thought: Glarysoft "helped" you in the update a little too much.

False positives are a PITA, luckily we have Google to find the truth. 

[cattb]

It's a hijack alright.  Spybot, malwarebytes and ms essential didn't find anything.  But esetonline did.  I have 2 win32/agent.lzhtoyu Trojan.   Crap,  gonna spend all day reformatting and reinstalling everything. 

Why don't you make a shadow copy or a image file.

I just installed windoze 7 pro 64 bit today and one of the first things I do after a fresh install is to make a image with ghost.

There are other programs which will do the same thing.

I will make about 4 images as build windoze 64 bit, then if the need arises which I need to reformat and install, the base is there ( Basic OS and some programs, drivers , and etc). So when disaster strikes, insert disk, get started with new format and image. Go have coffee, come back and finished.

[guncrasher]

It's a hijack alright.  Spybot, malwarebytes and ms essential didn't find anything.  But esetonline did.  I have 2 win32/agent.lzhtoyu Trojan.   Crap,  gonna spend all day reformatting and reinstalling everything.  

Why don't you make a shadow copy or a image file.

I just installed windoze 7 pro 64 bit today and one of the first things I do after a fresh install is to make a image with ghost.

There are other programs which will do the same thing.

I will make about 4 images as build windoze 64 bit, then if the need arises which I need to reformat and install, the base is there ( Basic OS and some programs, drivers , and etc). So when disaster strikes, insert disk, get started with new format and image. Go have coffee, come back and finished.

oh I have several.  but acronis refused to install a drive image saying it was invalid.   none of the image copies worked.  otherwise I would have just lost 2 weeks worth of films.



semp

edit:  I have two drives one is a wd 750g the other 1 tb hitachi deskstar.  the problem i had was windows was installed on the hitachi and for some reason this time it wouldnt let me install the image on the hitachi.  which is weird because i have transfered them between both of them before.  last time was about 1 year ago.  even though both hd are different sizes program will adjust.  anyway, i just moved all the data I had on the wd to cds which was about 3k ah movies and a few hundred vacation pics I had.

[MrRiplEy[H]]

That's the problem with backups and imaging, you constantly need to check the images actually work when restoring.

[Wayout]

Just got my browser hijacked not sure how but related to glarysoft update.   Then home page got switched to glarysoft search.   I was able change home page and deleted glarysoft ms essential and malwarebytes found nothing.  If I just delete firefox will that just be me? Or do I have to reinstall windows to be safe.
Semp

The newest version of glarysoft has a new checkbox added.  On the page that contains the checkboxes for the desktop icon and quich start icon there is a new on to make glarysoft search your homepage. It's checked by default.  Reinstall glarysoft and uncheck this box and you should be OK.

[guncrasher]

The newest version of glarysoft has a new checkbox added.  On the page that contains the checkboxes for the desktop icon and quich start icon there is a new on to make glarysoft search your homepage. It's checked by default.  Reinstall glarysoft and uncheck this box and you should be OK.

now somehow I missed that one.  like i said before all virus/trojan scans came back clean from ms essentials, malwarebytes and esset online.  I am just paranoid when it comes to computer as I once found 1000's of virus/trojans when my daughter was living with us and she would just disable av because it would interfeer with some of the d/l's she was sent.  I normally reinstall windows every six months anyway.  just a way to keep my system clean until i learn more about how to skuzzify my puter.  thanks to all for your help .


semp

[MrRiplEy[H]]

now somehow I missed that one.  like i said before all virus/trojan scans came back clean from ms essentials, malwarebytes and esset online.  I am just paranoid when it comes to computer as I once found 1000's of virus/trojans when my daughter was living with us and she would just disable av because it would interfeer with some of the d/l's she was sent.  I normally reinstall windows every six months anyway.  just a way to keep my system clean until i learn more about how to skuzzify my puter.  thanks to all for your help .


semp

Use windows for games only and let your family browse the internet safely using linux. They can do all the basic things, watch videos, listen to music, see powerpoints etc. without the danger of catching a virus.

It's an act of futility to install 20 different antiviruses and antimalwares because it's a losing battle. Either you adopt safe habits (not possible with women and kids in the family) or you change your environment to a safe one.

[Bruv119]

muppets hacked your computer when you went on their website I bet.

[guncrasher]

muppets hacked your computer when you went on their website I bet.

.


semp