Calgarypuck Forums - The Unofficial Calgary Flames Fan Community
Old 04-22-2011, 12:14 PM   #1
LChoy
First Line Centre
 
LChoy's Avatar
 
Join Date: Feb 2007
Location: Toronto
Exp:
Default Google/Firefox re-direct - B00kmark
Hey CP

Was looking for some malware help. The Fiancée's computer has this annoying google/firefox redirect. Every search request on google goes to the B00kmark search site (hxxp://search.us.b00kmarks.com).
Normally, I would just run rkill and use Malwaerbytes in safe mode and it clears everything up. However, Malwarebytes haven't been able to find anything wrong. Google searches (using my clean computer) hasn't been able to dig up anything useful unless you count a half a dozen suspicious sites with fixes to download to solve the problem. I don't trust those sites, especially since all of have the same date stamp (Feb 21, 2011).
Wondering if anyone from CP have dealt with this particular malware

Thanks
__________________
LChoy is offline   Reply With Quote
Old 04-22-2011, 12:53 PM   #2
OilKiller
Lifetime Suspension
 
OilKiller's Avatar
 
Join Date: Feb 2004
Exp:
Default
Try a Hitman Pro scan and see if it finds anything: http://www.surfright.nl/en

SuperAntiSpyware as well if that doesn't: http://www.superantispyware.com/superantispyware.html

Last but not least, Norton Power Eraser: http://us.norton.com/support/DIY/index.jsp
OilKiller is offline   Reply With Quote
Old 04-22-2011, 01:01 PM   #3
Crazy Bacon Legs
Scoring Winger
 
Crazy Bacon Legs's Avatar
 
Join Date: Jul 2010
Location: Nice try, NSA
Exp:
Default
There are a few similar topics on the Bleeping Computer forums. It appears you're not the only one with the problem, and you may want to either follow some of the advice there.

This thread seems to involve someone actually solving and removing the infection:

http://www.bleepingcomputer.com/forums/topic391685.html

I'm not sure if this will help, but some of the scanners and tools referred to in that thread may help you out.
__________________
@crazybaconlegs ***Mod edit: You are not now, nor have you ever been, a hamster. Please stop claiming this.***
Crazy Bacon Legs is offline   Reply With Quote
Old 04-23-2011, 10:25 PM   #4
LChoy
First Line Centre
 
LChoy's Avatar
 
Join Date: Feb 2007
Location: Toronto
Exp:
Default
Thanks guys
it's getting more frustrating with it. It made all her program files "hidden" so it looks like everything has disappeared.
__________________
LChoy is offline   Reply With Quote
Old 04-23-2011, 10:31 PM   #5
Hack&Lube
Atomic Nerd
 
Join Date: Jul 2004
Location: Calgary
Exp:
Default
Dr. Web CureIt! has never failed me. Fixes host file too.

https://www.freedrweb.com/download+cureit+free/?lng=en
Last edited by Hack&Lube; 04-23-2011 at 10:43 PM.
Hack&Lube is offline   Reply With Quote
Old 04-23-2011, 10:38 PM   #6
ken0042
Playboy Mansion Poolboy
 
ken0042's Avatar
 
Join Date: Apr 2004
Location: Close enough to make a beer run during a TV timeout
Exp:
Default
Once you fix the computer- you will also need to fix your computer's host file. I'm on my iPhone now so can't tell you where it is; but basically it is telling all google requests to go to a different IP address.

Edit- looks like it can be found in XP at C:\WINDOWS\system32\drivers\etc (Open with Notepad)
Mine has a bunch of REM statements (start with #) then the only line is:
127.0.0.1 localhost
Last edited by ken0042; 04-23-2011 at 11:23 PM. Reason: Added info
ken0042 is offline   Reply With Quote
Reply

« Previous Thread | Next Thread »
Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Forum Jump


All times are GMT -6. The time now is 04:46 PM.
Calgary Flames
2024-25



Contact Us - Calgarypuck Forums - Unofficial Calgary Flames Community - Archive - Privacy Statement - Top

Powered by vBulletin® Version 3.8.4
Copyright ©2000 - 2025, Jelsoft Enterprises Ltd.
Copyright Calgarypuck 2021 | See Our Privacy Policy