Firefox Hijacked by "mydomainadvisor".
Somehow, Firefox browser appears to have been hijacked by something called "mydomainadvisor". When I type a web address into Firefox, I am taken to a "file not found" page with a different address. Tried deleting browsing history, temp internet files and any file that includes that word, but no change. Seached for any files with that name on my computer and even done sys restore, but its still there. AVG etc do not find it. Any suggestions?
Solution choisie
Do a malware check with some malware scan programs. You need to scan with all programs because each program detects different malware. Make sure that you update each program to get the latest version of the database before doing a scan.
- http://www.malwarebytes.org/mbam.php - Malwarebytes' Anti-Malware
- http://www.superantispyware.com/ - SuperAntispyware
- http://www.microsoft.com/windows/products/winfamily/defender/default.mspx - Windows Defender: Home Page
- http://www.safer-networking.org/en/index.html - Spybot Search & Destroy
- http://www.lavasoft.com/products/ad_aware_free.php - Ad-Aware Free
See also "Spyware on Windows": http://kb.mozillazine.org/Popups_not_blocked and Searches are redirected to another site
Lire cette réponse dans son contexte 👍 4Toutes les réponses (14)
Solution choisie
Do a malware check with some malware scan programs. You need to scan with all programs because each program detects different malware. Make sure that you update each program to get the latest version of the database before doing a scan.
- http://www.malwarebytes.org/mbam.php - Malwarebytes' Anti-Malware
- http://www.superantispyware.com/ - SuperAntispyware
- http://www.microsoft.com/windows/products/winfamily/defender/default.mspx - Windows Defender: Home Page
- http://www.safer-networking.org/en/index.html - Spybot Search & Destroy
- http://www.lavasoft.com/products/ad_aware_free.php - Ad-Aware Free
See also "Spyware on Windows": http://kb.mozillazine.org/Popups_not_blocked and Searches are redirected to another site
Many thanks for that. Tried all progs and superantispyware was the only one that detected it and removed it. All now sorted. Thanks again!
I tried SuperAntiSpyware and it did not catch it, and worse is that is seems to be of dubious efficacy, in that, it now has a pop up coming up from my taskbar. What? more advertising? This is just the sort of thing I'm trying to get rid of, that is, software that jumps up and takes over parts of my computer to try to sell me something and/or redirects me to some other advertising crap. Anyone else have any idea how to remove partner12.mydomainadvisor.com aka, mydomainadvisor? I've tried sypbot, adaware, malwarebytes, superantispy, avira, Trend Micro's "house call." and I've uninstalled Mozilla, then reinstalled the newest version. This seems to be a pernicious hijack, and there seems to be very little information on the Internet about how to get rid of it. Anyone else have a fix? Thanks, Jim
I have the same problem and I, like judojim, have tried all the malware, spy things. . .EVERYTHING. This mydomainadvisor is a real pain. No matter what I type in the address bar I get taken to their spam page.
Please, can someone help?
Same boat as kincorransw -- I have been running several tools and all of them are telling me "zero threats detected", so apparently this mydomainadvisor is one step ahead of all the antivirus/antispyware/antimalware applications available!
To make matters worse, a search about mydomainadvisor in Google gets a lot of dubious-looking hits...many of the sites look like they're phishing / malicious just as much as mydomainadvisor!! Ditto forum posts---most of the replies and "answers" are meaningless and useless, and many of them tell you to download some unknown PC cleanup tool that I suspect is just MORE malware.
It's horrible, there is so much misinformation out there that it's been impossible to find the basic facts: 1) what files and registry keys need to be deleted to be rid of mydomainadvisor and 2) how can I prevent it from getting on my computer in the future?
No one seems to know anything about it or how to get rid of it. I'll run a restore disk before I pay to get rid of it. There are a couple that say they can. Money back guarantee! Yeah right!!! I've run AVG to Adaware and nothing. Pleas don't suggest anything unless you know it has worked. It's just a waste of time.
For what it matters, this mydomainadvisor.com malware/virus seems to be IP driven. I use this laptop at home and at a public library in town. I'm assuming they are 2 different IP addresses. The last 2 days I have noticed that I have no problem at the library. Only at home. Just a thought.
Ok I think I got it. The problem is something called visicom_antiphishing.exe. I imagine you'll see it running in your task manager. I think I picked it up from something called the blekko tool bar when i installed winamp or an add-on. You'll probably find it at C:\Program Files or here C:\Documents and Settings\All Users\Application Data. You may need to show hidden folders. More good info on this from gadget girl's post here http://pammiepi.blogspot.com/2011/04/steenkin-address-bar-search-redirect-to.html
The important bits:
Finally I looked under Run>MSCONFIG>Startup tab, & began removing suspicious or un-needed entries. I only had 6 or so entries, so I removed all but security related items. Still no go.
Finally, I removed one "security-related" looking entry that I don't recall ever installing. It was called Visicom_antiphishing.exe. Supposedly, this somehow utilizes lists of phishing websites maintained by Panda, which I don't use. Also, I don't use anti-phishing software, just A/V & anti-malware (not at all related to Panda or Visicom). I unchecked it from start-up & rebooted. Well, wouldn't you know, the problem went away. I typed a word into the address bar & Google search results came up! Yay!
This really bugged me.
ZEDMEX, you may be on to something. I use Vista am have the same Mydomainadvisor.com problem. After reading your fix, I went to the program file folder and deleted "Visicom Toolbar Cleaner." Sound familiar? Hope that does it. To early to tell, I just did it a few minutes ago, but I'll report back in a few days! Thank you!!!
Modifié le
It's back (or never left). I get hijacked (most often) when I click on Yahoo! at the top right of MY Yahoo homepage. One thing is a little different after removing the above files. Occasionally, when I click the Yahoo! icon on the top right of myYahoo, instead of a error message, links and a search box, I get a white page with "visicom-91.nationalnet.com " on the top left. Rest of the page is white.
Keep trying!
I never ran into Visicom Toolbar Cleaner, just the antiphishing.exe. You may want to go into msconfig per the above and see if anything unfamiliar is getting launched on startup. Good luck!
Nothing seems to work. I can't find antiphishing.exe anywhere. Not in programs or msconfig.
The only time I get relief is when I am away from my home wifi. I am in town at the Public Library and the different IP address be stopping it.
Keep me informed if anything new comes up.
Thank you.
I have the same problem when I try to access to some pages, also google doesn't load very well, but I never post any anti pishing tools.
If this might work I have panda cloud anti virus
This also seemed to work for me. I used Revo Uninstaller to uninstall Visicom. Also found and deleted blekko toolbar. Do Macs have these constant problems????