Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

  • Congratulations TouchToneTommy on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

google redirecting to B00kmarks.

Status
Not open for further replies.

1043

Vendor
Jan 7, 2004
1,791
US
Any recomended programs to remove this malware.(B00kmarks 7search)... Malewareabytes,Spybot,Trojan Remover find no problem.AVG Antivirus finds nothing.
 
1. Download ComboFix onto a USB flash drive or onto computer.
2. Boot into SAFE MODE or regular mode (if required) and uninstall your anti-virus software. Yes - remove it. Reboot.
3. Clean out temp files and registry with CCleaner. Save before making registry changes each time until no more errors.
4. Reboot computer in Safe Mode with networking (hopefully you can attach the PC to a wired/ethernet connection vs. wireless because some wireless will not work in safe mode and you NEED internet).
5. Launch combofix and allow it to do its thing. Follow screen prompts and do what it says to do/NOT to do.
6. When computer has restarted for the last time, check things out.
7. Turn OFF system restore to flush out anything left
8. Reinstall anti-virus and MalwareByte's Anti-Malware. Run a full scan using each (at different times) and see if things are clean.
9. Turn System Restore ON.

Fair warning: Combofix will hose a few computers out of every hundred or so. Not likely, but possible.
 
Thanks man. I'll try and let you know.
 
On second thought, before running combofix, how do you know it's actually malware and not some setting or malfunction within Firefox?

Does it happen in IE?

I can't find anything on the internet like that. If that was malware, it wouldn't be any good to the producer. They want to take you to THEIR site of choice, not your bookmarks.
 
It is a XP CPU running IE8. She had her antivirus expire and left it go. She told me that everytime she Googles it takes her somewhere else. I verified. Sometime to B00kmarks.com sometimes to search7.com. I checked LAN settings in IE settings to make sure proxy server wasn't set, I ran cleanup to arase temp files and ran Trojan Remover,Malewareabytes, and Spybot , removed old Antivirus and installed AVG ,all found nothing. If I type the URL out I get website under construction or website not reachable.

Its not my bookmarks its a B00kmarks.com website.

 
Not sure of the websites posted in link so I wanted to run it by tek-tips forum first.
 
I thought it went to one of HER BOOKMARKS. Yeah, sounds virus-y then. Do what I suggested.
 
Thanks for the help.
ComboFix kept seeing my antivirus even after it was uninstalled completely and scared the crap out of me. I didn't feel like reinstalling software so I keep looking and found the following software link for "TDS SKiller"

fixed the problem in 2 minutes.
 
Forgot to mention this also had something to do with the dreaded "just in time debug maleware" the program fixed everything.
 
Normally I recommend TDSSKiller before Combofix. Not sure why I didn't this time.
 
Status
Not open for further replies.

Part and Inventory Search

Sponsor

Back
Top