Browser redirects to Shopica and various sites (Hijacked ?)

Page 3 of 3 Previous  1, 2, 3

View previous topic View next topic Go down

Browser redirects to Shopica and various sites (Hijacked ?)

Post by Resto on Sat 10 Jul 2010, 2:15 pm

First topic message reminder :

Running Windows XP SP2 and IE6.

Browser seems to be hijacked and redirects to Shopica and other similar sites. Seems to be some sort of a Google hijack. Earlier today, I ran MBAM in Safe Mode and found a few issues that I allowed it to fix. I then ran MBAM again in Normal Mode and it found one additional issue that I allowed it to fix. I ran AVG 9 after this and it found a few items that it fixed. Further scans looked like the system was clean, however when I get online and search within Google, it seems that I am redirected when I click on a result. Not sure what to do next, so I ran MBAM and HJT a few minutes ago. The most recent MBAM and HJT Logs are posted below. I can also post the earlier ones if they are needed.

Any assistance will be greatly appreciated. Thank you.
-----------------------------------------------------------------------------------------
Malwarebytes' Anti-Malware 1.46
[You must be registered and logged in to see this link.]

Database version: 4298

Windows 5.1.2600 Service Pack 2
Internet Explorer 6.0.2900.2180

7/9/2010 10:46:17 PM
mbam-log-2010-07-09 (22-46-17).txt

Scan type: Quick scan
Objects scanned: 142990
Time elapsed: 5 minute(s), 20 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)
------------------------------------------------------------------------------------------
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 10:46:58 PM, on 7/9/2010
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\AVG\AVG9\avgchsvx.exe
C:\Program Files\AVG\AVG9\avgrsx.exe
C:\Program Files\AVG\AVG9\avgcsrvx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\AVG\AVG9\avgwdsvc.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\LeapFrog\LeapFrog Connect\CommandService.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\svchost.exe
C:\Program Files\AVG\AVG9\avgemc.exe
C:\Program Files\AVG\AVG9\avgnsx.exe
C:\Program Files\AVG\AVG9\avgcsrvx.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\LeapFrog\LeapFrog Connect\Monitor.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\PROGRA~1\AVG\AVG9\avgtray.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Sony Corporation\Picture Package\Picture Package Menu\SonyTray.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\ALCMTR.EXE
C:\WINDOWS\ALCWZRD.EXE
C:\WINDOWS\AGRSMMSG.exe
c:\windows\system\hpsysdrv.exe
C:\WINDOWS\system32\hphmon06.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = [You must be registered and logged in to see this link.]
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = [You must be registered and logged in to see this link.]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = [You must be registered and logged in to see this link.]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = [You must be registered and logged in to see this link.]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = [You must be registered and logged in to see this link.]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = [You must be registered and logged in to see this link.]
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = [You must be registered and logged in to see this link.]
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG9\avgssie.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.5.5126.1836\swg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: HP view - {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - c:\Program Files\HP\Digital Imaging\bin\HPDTLK02.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] HDAudPropShortcut.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [HPBootOp] "C:\Program Files\Hewlett-Packard\HP Boot Optimizer\HPBootOp.exe" /run
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Monitor] "C:\Program Files\LeapFrog\LeapFrog Connect\Monitor.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [AVG9_TRAY] C:\PROGRA~1\AVG\AVG9\avgtray.exe
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-18\..\Run: [dsocfjro] C:\Documents and Settings\NetworkService\Local Settings\Application Data\patlnrdoh\yupnkditssd.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [dsocfjro] C:\Documents and Settings\NetworkService\Local Settings\Application Data\patlnrdoh\yupnkditssd.exe (User 'Default user')
O4 - Global Startup: Adobe Gamma Loader.exe.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Picture Package Menu.lnk = ?
O8 - Extra context menu item: E&xport to Microsoft Excel - [You must be registered and logged in to see this link.]
O8 - Extra context menu item: Google Sidewiki... - [You must be registered and logged in to see this link.] Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MI1933~1\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Connection Help - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
O9 - Extra 'Tools' menuitem: Connection Help - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: Connection Help - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm (HKCU)
O9 - Extra 'Tools' menuitem: Connection Help - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm (HKCU)
O16 - DPF: Garmin Communicator Plug-In - [You must be registered and logged in to see this link.]
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - [You must be registered and logged in to see this link.]
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG9\avgpp.dll
O20 - Winlogon Notify: avgrsstarter - C:\WINDOWS\SYSTEM32\avgrsstx.dll
O23 - Service: AVG Free E-mail Scanner (avg9emc) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG9\avgemc.exe
O23 - Service: AVG Free WatchDog (avg9wd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG9\avgwdsvc.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: LeapFrog Connect Device Service - LeapFrog Enterprises, Inc. - C:\Program Files\LeapFrog\LeapFrog Connect\CommandService.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe

--
End of file - 7907 bytes

Resto

Rookie Surfer
Rookie Surfer

Posts : 63
Joined : 2009-09-17
Operating System : Windows 7 64 bit

View user profile

Back to top Go down


Re: Browser redirects to Shopica and various sites (Hijacked ?)

Post by Resto on Thu 19 Aug 2010, 8:33 am

OK. Here's the log. Thanks.

SystemLook v1.0 by jpshortstuff (11.01.10)
Log created at 17:32 on 18/08/2010 by HP_Owner (Administrator - Elevation successful)

========== regfind ==========

Searching for "UpperFilters"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E967-E325-11CE-BFC1-08002BE10318}]
"UpperFilters"="PartMgr"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E967-E325-11CE-BFC1-08002BE10318}]
"UpperFilters"="PartMgr"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E967-E325-11CE-BFC1-08002BE10318}]
"UpperFilters"="PartMgr"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E967-E325-11CE-BFC1-08002BE10318}]
"UpperFilters"="PartMgr"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E967-E325-11CE-BFC1-08002BE10318}]
"UpperFilters"="PartMgr"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E967-E325-11CE-BFC1-08002BE10318}]
"UpperFilters"="PartMgr"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E967-E325-11CE-BFC1-08002BE10318}]
"UpperFilters"="PartMgr"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E967-E325-11CE-BFC1-08002BE10318}]
"UpperFilters"="PartMgr"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{71A27CDD-812A-11D0-BEC7-08002BE2092F}]
"UpperFilters"="VolSnap"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{71A27CDD-812A-11D0-BEC7-08002BE2092F}]
"UpperFilters"="VolSnap"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{71A27CDD-812A-11D0-BEC7-08002BE2092F}]
"UpperFilters"="VolSnap"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{71A27CDD-812A-11D0-BEC7-08002BE2092F}]
"UpperFilters"="VolSnap"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{71A27CDD-812A-11D0-BEC7-08002BE2092F}]
"UpperFilters"="VolSnap"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{71A27CDD-812A-11D0-BEC7-08002BE2092F}]
"UpperFilters"="VolSnap"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{71A27CDD-812A-11D0-BEC7-08002BE2092F}]
"UpperFilters"="VolSnap"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{71A27CDD-812A-11D0-BEC7-08002BE2092F}]
"UpperFilters"="VolSnap"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\Class\{4D36E967-E325-11CE-BFC1-08002BE10318}]
"UpperFilters"="PartMgr"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\Class\{4D36E967-E325-11CE-BFC1-08002BE10318}]
"UpperFilters"="PartMgr"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\Class\{4D36E967-E325-11CE-BFC1-08002BE10318}]
"UpperFilters"="PartMgr"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\Class\{4D36E967-E325-11CE-BFC1-08002BE10318}]
"UpperFilters"="PartMgr"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\Class\{4D36E967-E325-11CE-BFC1-08002BE10318}]
"UpperFilters"="PartMgr"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\Class\{4D36E967-E325-11CE-BFC1-08002BE10318}]
"UpperFilters"="PartMgr"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\Class\{4D36E967-E325-11CE-BFC1-08002BE10318}]
"UpperFilters"="PartMgr"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\Class\{4D36E967-E325-11CE-BFC1-08002BE10318}]
"UpperFilters"="PartMgr"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\Class\{71A27CDD-812A-11D0-BEC7-08002BE2092F}]
"UpperFilters"="VolSnap"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\Class\{71A27CDD-812A-11D0-BEC7-08002BE2092F}]
"UpperFilters"="VolSnap"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\Class\{71A27CDD-812A-11D0-BEC7-08002BE2092F}]
"UpperFilters"="VolSnap"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\Class\{71A27CDD-812A-11D0-BEC7-08002BE2092F}]
"UpperFilters"="VolSnap"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\Class\{71A27CDD-812A-11D0-BEC7-08002BE2092F}]
"UpperFilters"="VolSnap"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\Class\{71A27CDD-812A-11D0-BEC7-08002BE2092F}]
"UpperFilters"="VolSnap"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\Class\{71A27CDD-812A-11D0-BEC7-08002BE2092F}]
"UpperFilters"="VolSnap"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\Class\{71A27CDD-812A-11D0-BEC7-08002BE2092F}]
"UpperFilters"="VolSnap"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Class\{4D36E967-E325-11CE-BFC1-08002BE10318}]
"UpperFilters"="PartMgr"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Class\{4D36E967-E325-11CE-BFC1-08002BE10318}]
"UpperFilters"="PartMgr"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Class\{4D36E967-E325-11CE-BFC1-08002BE10318}]
"UpperFilters"="PartMgr"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Class\{4D36E967-E325-11CE-BFC1-08002BE10318}]
"UpperFilters"="PartMgr"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Class\{4D36E967-E325-11CE-BFC1-08002BE10318}]
"UpperFilters"="PartMgr"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Class\{4D36E967-E325-11CE-BFC1-08002BE10318}]
"UpperFilters"="PartMgr"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Class\{4D36E967-E325-11CE-BFC1-08002BE10318}]
"UpperFilters"="PartMgr"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Class\{4D36E967-E325-11CE-BFC1-08002BE10318}]
"UpperFilters"="PartMgr"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Class\{71A27CDD-812A-11D0-BEC7-08002BE2092F}]
"UpperFilters"="VolSnap"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Class\{71A27CDD-812A-11D0-BEC7-08002BE2092F}]
"UpperFilters"="VolSnap"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Class\{71A27CDD-812A-11D0-BEC7-08002BE2092F}]
"UpperFilters"="VolSnap"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Class\{71A27CDD-812A-11D0-BEC7-08002BE2092F}]
"UpperFilters"="VolSnap"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Class\{71A27CDD-812A-11D0-BEC7-08002BE2092F}]
"UpperFilters"="VolSnap"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Class\{71A27CDD-812A-11D0-BEC7-08002BE2092F}]
"UpperFilters"="VolSnap"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Class\{71A27CDD-812A-11D0-BEC7-08002BE2092F}]
"UpperFilters"="VolSnap"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Class\{71A27CDD-812A-11D0-BEC7-08002BE2092F}]
"UpperFilters"="VolSnap"

Searching for "LowerFilters"
No data found.

-=End Of File=-

Resto

Rookie Surfer
Rookie Surfer

Posts : 63
Joined : 2009-09-17
Operating System : Windows 7 64 bit

View user profile

Back to top Go down

Re: Browser redirects to Shopica and various sites (Hijacked ?)

Post by DragonMaster Jay on Fri 20 Aug 2010, 6:01 am

Please open Notepad and enter in the following:
Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{71A27CDD-812A-11D0-BEC7-08002BE2092F}]
"UpperFilters"=-

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\Class\{71A27CDD-812A-11D0-BEC7-08002BE2092F}]
"UpperFilters"=-

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Class\{71A27CDD-812A-11D0-BEC7-08002BE2092F}]
"UpperFilters"=-
Then, click File > Save as...
Save as upperfilter.reg to your Desktop.
Choose Save as type... All Files.
Click Save.

Then, exit Notepad.

Double-click on upperfilter.reg, and allow it to merge.

Reboot your computer, and try the disc drive again.


[You must be registered and logged in to see this link.] - Get $30 off Kaspersky products.

~DMJ
GeekPolice Academy Manager


Donations/Contributions

DragonMaster Jay

Manager | Tech Officer
Manager | Tech Officer

Posts : 13451
Joined : 2009-09-07
Operating System : Windows 7 Ultimate

View user profile http://www.twitter.com/jaypfoutz

Back to top Go down

Re: Browser redirects to Shopica and various sites (Hijacked ?)

Post by Resto on Fri 20 Aug 2010, 10:01 am

Unfortunately, this action did not work. Things are actually a bit worse and even more confusing. Here's what I can tell you:

E: drive is now titled DVD-RW Drive. Not sure what it was called before. It is actually a DVD/CD Writer, Player, etc. - so I'm not sure if this is correct.

Commercially purchased, recorded CD and DVD media are recognized and will play correctly.

Recorded media that have been burned on my computer are not recognized. When one of these discs is in the E: drive - clicking on properties shows "0" bytes used, "0" bytes free and "0" bytes capacity. Prior to the last action we took, these media would play.

Blank media (both DVD-R and CD) are not recognized. When a disc is inserted into the E: drive, the disc spins continuously. Clicking on properties gives no information and simply causes a continuous hour glass to appear.

When the button is pressed to eject the unreadable and continuously spinning disc, the drawer will frequently open with the disc still spinning at top speed.

I am sorry that this issue is consuming so much of your time and energy. I hope that you can come up with some additional ideas to help rectify this situation.

Thanks.

Resto

Rookie Surfer
Rookie Surfer

Posts : 63
Joined : 2009-09-17
Operating System : Windows 7 64 bit

View user profile

Back to top Go down

Re: Browser redirects to Shopica and various sites (Hijacked ?)

Post by DragonMaster Jay on Fri 20 Aug 2010, 7:31 pm

Ok. That means the solution did indeed work like planned. However, I think there are more steps to take. No biggie.

Right now, I would like to remove the drive from your system, as if the system has never seen it.

What I want to do is to uninstall the device from the Device Manager, reboot Windows, and see if Windows will install the correct device driver for it.

If not, then we will uninstall it again like above, and immediately after, use the correct device driver for it to be installed.

First, I need to know something, before we proceed, for safety reasons.

Do you have a drivers CD, which may have come with your computer?


[You must be registered and logged in to see this link.] - Get $30 off Kaspersky products.

~DMJ
GeekPolice Academy Manager


Donations/Contributions

DragonMaster Jay

Manager | Tech Officer
Manager | Tech Officer

Posts : 13451
Joined : 2009-09-07
Operating System : Windows 7 Ultimate

View user profile http://www.twitter.com/jaypfoutz

Back to top Go down

Re: Browser redirects to Shopica and various sites (Hijacked ?)

Post by Resto on Sat 21 Aug 2010, 12:16 am

If correct driver is not installed by Windows after a device uninstall from Device Manager and a reboot, the documentation that came with my computer states that factory-installed drivers can be be reinstalled via the following methods if need be.

It appears that Step 1, below, would be the preferred method if we have to go there !

1. By using the HP Application Recovery program: Start -> All Programs -> PC Help & Tools -> HP Application Recovery -> Driver Installation -> Next -> Select Driver to Install -> Install

2. If the first step is unsuccessful, System Recovery can be run from the Hard Disc Drive. There are two options.

Standard Recovery, which recovers factory-shipped programs, drivers and operating system without affecting any data files....or Full System Recovery, which completely erases and reformats the Hard disc drive.

Start -> All Programs -> PC Help & Tools -> HP PC System Recovery -> You are prompted to confirm that Microsoft System Restore and Driver Rollback has been performed -> If you have not performed the Microsoft System Recovery and Driver Rollback, click Microsoft System Restore and follow onscreen instructions -> If Microsoft System Restore and Driver Rollback has been performed, click Yes to start the recovery process -> Follow onscreen instructions.

3. Run from recovery discs (DVDs) created from my hard disc drive. I created these discs as soon as I purchased the computer.

I hope this gives you the information you need to procedd with your recommended next steps. Looking forward to your reply. Thank you.

Resto

Rookie Surfer
Rookie Surfer

Posts : 63
Joined : 2009-09-17
Operating System : Windows 7 64 bit

View user profile

Back to top Go down

Re: Browser redirects to Shopica and various sites (Hijacked ?)

Post by DragonMaster Jay on Sat 21 Aug 2010, 4:43 pm

Good. ;)

Right-click on My Computer, and click on Manage.

Then, on the left, click on Device Manager.

Find DVD/CD-ROM drives, expand it, and for any listed, right-click and select Uninstall.

Reboot your computer.

On Windows logon, it shall prompt for you to install drivers for CD-ROM device(s). Allow the setup wizard to continue, and install its own driver.

Instead of providing disc, either choose to search via Windows Update, or choose from the list of provided drivers.

Let me know how far you get on this.


[You must be registered and logged in to see this link.] - Get $30 off Kaspersky products.

~DMJ
GeekPolice Academy Manager


Donations/Contributions

DragonMaster Jay

Manager | Tech Officer
Manager | Tech Officer

Posts : 13451
Joined : 2009-09-07
Operating System : Windows 7 Ultimate

View user profile http://www.twitter.com/jaypfoutz

Back to top Go down

Re: Browser redirects to Shopica and various sites (Hijacked ?)

Post by Resto on Sun 22 Aug 2010, 6:07 am

DragonMaster Jay,

Thanks a million. You have solved my problem.

The uninstall - reboot worked great. Upon reboot, Windows recognized my DVD/CD device and automatically installed the correct drivers.

The device is working perfectly. It reads and writes as it should. Both DVD and CD media (either recorded or blank) are correctly recognized.

I have now burned two DVDs with data I had been wanting to write since this problem began.

Thanks, again, for your tireless patience and willingness to assist.

Resto

Rookie Surfer
Rookie Surfer

Posts : 63
Joined : 2009-09-17
Operating System : Windows 7 64 bit

View user profile

Back to top Go down

Re: Browser redirects to Shopica and various sites (Hijacked ?)

Post by DragonMaster Jay on Sun 22 Aug 2010, 7:55 am

Yay. Good news.

I'm glad it worked out.


[You must be registered and logged in to see this link.] - Get $30 off Kaspersky products.

~DMJ
GeekPolice Academy Manager


Donations/Contributions

DragonMaster Jay

Manager | Tech Officer
Manager | Tech Officer

Posts : 13451
Joined : 2009-09-07
Operating System : Windows 7 Ultimate

View user profile http://www.twitter.com/jaypfoutz

Back to top Go down

Re: Browser redirects to Shopica and various sites (Hijacked ?)

Post by Sponsored content Today at 2:52 pm


Sponsored content


Back to top Go down

Page 3 of 3 Previous  1, 2, 3

View previous topic View next topic Back to top


 
Permissions in this forum:
You cannot reply to topics in this forum