The Notebook Review forums were hosted by TechTarget, who shut them down on January 31, 2022. This static read-only archive was pulled by NBR forum users between January 20 and January 31, 2022, in an effort to make sure that the valuable technical information that had been posted on the forums is preserved. For current discussions, many NBR forum users moved over to NotebookTalk.net after the shutdown.

    Browsers Hijacked not able to remove

    Discussion in 'Security and Anti-Virus Software' started by pingme, Jan 18, 2010.

  1. pingme

    My browsers are hijacked (when I search and click on the link, it takes me to totally different pages, etc.). I thought it's an IE problem, so I tried installing Chrome, Mozilla and Safari, but it's happening with all of these browsers.

    I checked virtually all the tools on this forum and ran them, but this thing is just not going away.

    Please help
     
  2. Tinderbox (UK)

    Once you get a serious infection, it is best to copy off all personal stuff and recover using the recovery partition, or do a format and re-install your OS.
     
  3. perrin_aybara

    I got something similar on Saturday evening. My browser crashed (IE8) and CPU was running at zero, and my system was running so slow. I did a scan with AVG and it took a horrendous 3 and a half hours as opposed to the usual 30 - 40 mins. I also installed Firefox on Sunday night and now this seems to be crashing as well. Scans are not finding anything. My computer seems to be running fine now process-wise, it's just my internet browsers keep freezing on me.
     
  4. gerryf19

    You have a rootkit, which is not normally detected by conventional AV programs.

    Download and run gmer:

    www.gmer.net

    This will not fix it, but it will give you an indication of where the rootkit is.

    For example, I have run into this twice in the last week where the legitimate atapi.sys file was replaced with a bogus one.

    Report back the results.
     
  5. usapatriot

    Back up your important DATA and do a clean install. It's the only way to be sure.
     
  6. tilleroftheearth

    By installing all the different browsers, you effectively let the virus take advantage of all their compromises and security holes (which they all have).

    Do a clean install as suggested many times.

    Cheers!
     
  7. Deks

    Have you tried scanning the system within Safe Mode?
    Also, which protection software are you using exactly?
    You might benefit from having MSE and MBAM.
    Update them, restart computer in safe mode, and scan away.

    I had a similar issue years ago myself, and the issue didn't go away until I installed decent software that was able to remove it (ad-aware at the time) and ran it from Safe Mode.
     
  8. StormEffect

    Try out ComboFix. Click on the link on the following page that says "Bleeping Computer."

    We use ComboFix at work to get rid of rootkits. It does a fine job, but it isn't for the faint of heart: it can sometimes break a Windows install, requiring a Hive restore (commonly known as a system restore from a restore point) or chkdsk or system file check.

    95% of the time it gets the job done.

    Tips:
    1. After downloading ComboFix, rename it iexplore.
    2. Try to run ComboFix in safe mode (do this by pressing F8 at boot, select Safe Mode with Networking).
    3. Make sure you have an internet connection while running ComboFix. It needs access to the net to install the Windows Recovery Console, for use in case things go from bad to worse.
    4. Follow ComboFix's instructions, don't press any buttons or mess with anything while it is running. If a virus or piece of malware seems to be going insane, ignore it. ComboFix was designed to plough through that crap no matter what. Let it do its thing.

    Most of the time, ComboFix will nuke whatever is causing the issue, and we follow up with a MalwareBytes Free scan.
     
  9. arjunned

    You could also try scanning your system with Hitman Pro.

    You will need an active internet connection while scanning. It's very fast and very light. If it does find an infection, you will need to activate the free 30-day licence key to remove it. Scanning is free for the lifetime of the product.

    Cheers and good luck.