Reading over a few recent posts on re-direct. (not to be mean)

View previous topic View next topic Go down

Reading over a few recent posts on re-direct. (not to be mean)

Post by TheHebe on 14th April 2010, 12:54 pm

I too have this issue of re-directing. Goes crazy! I can't log into my website (own domain - Hebenstreit.org: look it's NOT there!) and webpage (verizon account allotment) with any ftp program. Also for my website I can get to the support page of the server, but as soon as I log in, I get the page not found error. Moreover a 'search' shows it's a chached view from 6 April for Cpanal activated on server. It seems this mal-ware logs your 'viewing pleasure' and re-directs with certain actions (passwords). I have not attempted paypal, ebay or any banking (finance) sites.

Reading over the 'helps' I see the Geek Officers requesting folks go to a site to download certain programs. (MY pain is Malbytes program. I (I suspect WE) can't access that site! This mal-ware seems to block or re-direct these helpful sites. bleepingcomputer is such a site it is as if it knows what is there! ha ha ADDED NOTE: I tried : Download OTL by OldTimer to your Desktop. as Belahzur had posted to [You must be registered and logged in to see this link.] Which is another one the mal-ware won't allow.

((It would seem the mal-ware allows 'prior to infestation visited sites, unless and up to the point you have keyed in a password.))

I did get combofix from a friend who uploaded it to their server or I'd not have gotten it.

I don't know your view on this, but it would seem to be easier if such programs (free anyway) were provided through this server (since we are logging in here with success) - perhaps in a stickie? You know your going to ask people to post the logs to a program they can't get through links, searches...

****This may interest the Geek Police also... I couldn't find my first post so I tried the Search Forums feature, results page showed, but upon clicking the desired entry I was ReDirected as it does with major search engines. ****

The lack of being able to obtain the programs required for diagnosis to gain help from Geek Police (and many see you as the last Great Hope), is beyond frustrating...

I've spend last night copying files I wish saved off my c: drive to prepare to format that drive and re-install to start from scratch!

TheHebe
Beginner
Beginner

Posts Posts : 4
Joined Joined : 2010-04-13
Gender Gender : Female
OS OS : Windows XP Home SP3
Points Points : 24336
# Likes # Likes : 0

View user profile

Back to top Go down

Re: Reading over a few recent posts on re-direct. (not to be mean)

Post by Belahzur on 14th April 2010, 9:13 pm

Please download exeHelper from one of the two links.
[You must be registered and logged in to see this link.]
[You must be registered and logged in to see this link.]

  • Double-click on exeHelper.com or exeHelper.scr to run the fix.
  • A black window should pop up, press any key to close once the fix is completed.
  • Post the contents of log.txt (Will be created in the directory where you ran exeHelper.com)
Note: If the window shows a message that says "Error deleting file", please re-run the program before posting a log - and post the two logs together (they will both be in the one file).


[You must be registered and logged in to see this link.] - [You must be registered and logged in to see this link.] - Please PM me if I fail to respond within 24hrs.


Belahzur
Administrator
Administrator

Posts Posts : 34916
Joined Joined : 2008-08-03
Gender Gender : Male
OS OS : XP SP3 Media Centre
Points Points : 245079
# Likes # Likes : 1

View user profile

Back to top Go down

Re: Reading over a few recent posts on re-direct. (not to be mean)

Post by TheHebe on 14th April 2010, 9:48 pm

Managed to get it! (surprised me)

Here it is:

exeHelper by Raktor
Build 20100414
Run at 17:45:55 on 04/14/10
Now searching...
Checking for numerical processes...
Checking for sysguard processes...
Checking for bad processes...
Checking for bad files...
Checking for bad registry entries...
Resetting filetype association for .exe
Resetting filetype association for .com
Resetting userinit and shell values...
Resetting policies...
--Finished--

TheHebe
Beginner
Beginner

Posts Posts : 4
Joined Joined : 2010-04-13
Gender Gender : Female
OS OS : Windows XP Home SP3
Points Points : 24336
# Likes # Likes : 0

View user profile

Back to top Go down

Re: Reading over a few recent posts on re-direct. (not to be mean)

Post by Belahzur on 14th April 2010, 10:44 pm

Hello.

  • Download combofix from here
    [You must be registered and logged in to see this link.]
    [You must be registered and logged in to see this link.]

    1. If you are using Firefox, make sure that your download settings are as follows:

    * Tools->Options->Main tab
    * Set to "Always ask me where to Save the files".

    2. During the download, rename Combofix to Combo-Fix as follows:





    3. It is important you rename Combofix during the download, but not after.
    4. Please do not rename Combofix to other names, but only to the one indicated.
    5. Close any open browsers.
    6. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

  • We need to disable your local AV (Anti-virus) before running Combofix.
  • See [You must be registered and logged in to see this link.] for how to disable your AV.
  • Double click on ComboFix.exe.
  • Follow the prompts. NOTE:
  • ComboFix will check to see if the Microsoft Windows Recovery Console is installed.
    ***It's strongly recommended to have the Recovery Console installed before doing any malware removal.***

    **Please note: If the Microsoft Windows Recovery Console is already installed, ComboFix will automatically proceed with its scan.


  • The Recovery Console provides a recovery/repair mode should a problem occur during a Combofix run.



  • Allow ComboFix to download the Recovery Console.
  • Accept the End-User License Agreement.
  • The Recovery Console will be installed.
  • You will then get this next prompt that asks if you want to continue the malware scan, select yes



  • Allow combofix to run
  • Post C:\combofix.txt back here.

    Note:
    Do not mouseclick combofix's window whilst it's running. That may cause it to stall.


[You must be registered and logged in to see this link.] - [You must be registered and logged in to see this link.] - Please PM me if I fail to respond within 24hrs.


Belahzur
Administrator
Administrator

Posts Posts : 34916
Joined Joined : 2008-08-03
Gender Gender : Male
OS OS : XP SP3 Media Centre
Points Points : 245079
# Likes # Likes : 1

View user profile

Back to top Go down

View previous topic View next topic Back to top

- Similar topics

 
Permissions in this forum:
You cannot reply to topics in this forum