• After 15+ years, we've made a big change: Android Forums is now Early Bird Club. Learn more here.

Hijacked browsers

M

Matt2277

Newbie
At 1st was only chrome that went to different pages about a virus but now also firefox and firefox private along with stock browser. Even clicking on Twitter link at an official site takes me to the site then after 1 minute goes to some gif site
Have gone to clear apps cache etc. Didn't work. Did factory reset still no joy
Any advice. No anti virus malware finding anything

Thanks
 
Oh Man, I had almost the exact same problem the other day on My Windows PC.

it came down to a Little Nasty called
Search.Bind virus.
Click to expand...
it infects browsers and migrates... A real pain to get rid of...usually comes bundled in some other thing you downloaded at some point.

I had to Nuke my whole Windows HDD and reinstall to get clear of it.

but what ever it takes to not have something like that on my devices right?

not sure if you've got search.bind but i figured it out by google searching part of the first redirect url it pushes up...

hope something here helps, not sure how but...

Good Luck

Astr4y4L
Team_Astr4y4L
 
Astr4y4L said:
Oh Man, I had almost the exact same problem the other day on My Windows PC.

it came down to a Little Nasty called
it infects browsers and migrates... A real pain to get rid of...usually comes bundled in some other thing you downloaded at some point.

I had to Nuke my whole Windows HDD and reinstall to get clear of it.

but what ever it takes to not have something like that on my devices right?

not sure if you've got search.bind but i figured it out by google searching part of the first redirect url it pushes up...

hope something here helps, not sure how but...

Good Luck

Astr4y4L
Team_Astr4y4L
Click to expand...
I've looked and cant find anything suspicious to remove that's the problem
 
Matt2277 said:
At 1st was only chrome that went to different pages about a virus but now also firefox and firefox private along with stock browser. Even clicking on Twitter link at an official site takes me to the site then after 1 minute goes to some gif site
Have gone to clear apps cache etc. Didn't work. Did factory reset still no joy
Any advice. No anti virus malware finding anything
Click to expand...

Just offhand, and this is just a probable but not an absolute, but it sounds like from all the things you have done to address the problem that this is a matter where some exploit has compromised the Android OS on your phone.
To fix something like this, you'll need to re-flash the stock ROM. Flashing a ROM is basically similar to a 'restore from image' process on a computer, where the original operating system replaces the problematic operating system. Stock ROMs are very model specific, so what is the exact model I.D. of your S7 Edge, which version of Android is it running, and who is your cellular carrier?

Regarding some of the things you already tried
-- Your phone's internal storage is divided into several partitions. Most are protected system partitions, and there's one that's the user data partition. The data partition is where all your data and apps you install are stored. As for the operating system partitions, unless you root your phone you only have very limited access to anything stored on them.
That's an important point because an anti-virus/anti-malware app that you install yourself is installed without system privileges so while it has complete access to that entire data partition, it can do very little to those system partitions. Another thing to keep in mind is there is no AV or malware cleanup utility in existence that can detect everything, and even more importantly never assume just because some app found and claimed to fix a problem that means there aren't others still there.
-- Also, a Factory Reset will only wipe that data partition clean, it does not have any affect on the system partitions. If the exploit was located in the data partition than it will get deleted but an OS that was infected before a Factory Reset will remain infected afterwards.
 
svim said:
Just offhand, and this is just a probable but not an absolute, but it sounds like from all the things you have done to address the problem that this is a matter where some exploit has compromised the Android OS on your phone.
To fix something like this, you'll need to re-flash the stock ROM. Flashing a ROM is basically similar to a 'restore from image' process on a computer, where the original operating system replaces the problematic operating system. Stock ROMs are very model specific, so what is the exact model I.D. of your S7 Edge, which version of Android is it running, and who is your cellular carrier?

Regarding some of the things you already tried
-- Your phone's internal storage is divided into several partitions. Most are protected system partitions, and there's one that's the user data partition. The data partition is where all your data and apps you install are stored. As for the operating system partitions, unless you root your phone you only have very limited access to anything stored on them.
That's an important point because an anti-virus/anti-malware app that you install yourself is installed without system privileges so while it has complete access to that entire data partition, it can do very little to those system partitions. Another thing to keep in mind is there is no AV or malware cleanup utility in existence that can detect everything, and even more importantly never assume just because some app found and claimed to fix a problem that means there aren't others still there.
-- Also, a Factory Reset will only wipe that data partition clean, it does not have any affect on the system partitions. If the exploit was located in the data partition than it will get deleted but an OS that was infected before a Factory Reset will remain infected afterwards.
Click to expand...

Have to say this info is absolutely correct.
the cleanest thing you can do to it now probably is to re-flash it to stock firmware using ODIN.

BE VERY CAREFUL THERE....
you can easily turn the annoying device into an annoying paperweight, by flashing the wrong image...

post your device details as suggested and someone here will help you to find the Correct firmware for the operation, if it's available, some carriers do not release the firmware for devices...
 
Refreshing the stock rom? My phone isnt rooted and I haven't the faintest idea how to Do this. Is my phone compromised now or is it just a hijacked browser?

Im.on 3 in the UK is this a difficult task. What do I need?

Thanks
 
When flashing a stock ROM onto your S7 E you do not need to be rooted. Third-party, custom ROMs require rooting.
As you already pointed out, you don't have just a hijacked browser, you have several. Since you've cleared caches, and done a Factory Reset, your options are getting more limited.
Unless you want to be more forthcoming about your phone model details, relevant suggestions are going to be even more limited.
 
I have adguard in just wondered if what's on my phone that's malicious and can see bank details emails or if it's just a browser hijack
 
I've got to send my phone back before my warranty runs out to Samsung as having graphics problems will they get rid of the virus and flash it for me if I ask? Or don't they do that as its not a hardware problem??
 
This revelation could be very beneficial. If you're sending it in anyway request it to be re-flashed. Do word things to minimize anything you might have done (don't just outright lie, there are lot of things that can be de-bunked while the phone is being examined) and hopefully that'll just be added in for nothing extra. Although if the graphics issue isn't hardware related flashing the ROM will be done anyway.
If you haven't backed up all your personal files and data since you did that Factory Reset, be sure to do so before sending it off.
Good luck.
 
What do you mean when you say Do word things to minimize anything you might have done ?
Will they flash it for me. The warranty is valid until June. Do I mention going on a forum ? I've a novice so they may thunk how does he know the phone needs flashing

Thanks
 
Maybe it would better phrased as, "... just don't state anything they can use against you."
You don't want them to be able to turn this around from being a warranty repair they have to pay for to one where you have to pay up because it was 'determined to be owner-instigated'.
 
Apologies, I shouldn't have mentioned any of that. Just tell them the truth, there's some kind of graphics issue plus you have different hi-jacked browsers and you already tried clearing caches and a Factory Reset. Let them take care of things.
 
got my phone back, got a letter saying they had fixed the touchscreen but nothing about the browser, i knew this would happen, samsung engineers have are so arrogant and know best, I told the person on the phone to make sure they sorted it, nothing mentioned
im guessing as they havent mentioned it they wont have flashed it like I asked?
 
still got the notes I made in memo on the phone, so that answers that. God forbid they might actually do what I ask instead of ignoring me
 
Standard procedure is often to flash the original firmware as part of the quality assurance testing. Are you sure they didn't do that?
 
The phone still has passwords and notes I've written in my memo app. Wouldn't it just nuke everything so nothing was left?

Was on a site tonight and couldn't watch a race and it kept going to another race
 
You must log in or register to reply here.
Back
Top Bottom