HELP! Hijacked redirected browser

View previous topic View next topic Go down

Re: HELP! Hijacked redirected browser

Post by Belahzur on Wed May 04, 2011 10:14 pm

Hello.

Download the [You must be registered and logged in to see this link.]. Unzip it to your Desktop.

Before scanning, make sure all other running programs are closed and no other actions like a scheduled antivirus scan will occur while the scan is being performed. Do not use your computer for anything else during the scan.

Double-click gmer.exe. The program will begin to run.

**Caution**
These types of scans can produce false positives. Do NOT take any action on any
"<--- ROOKIT" entries unless advised!

If possible rootkit activity is found, you will be asked if you would like to perform a full scan.

  • Click NO
  • In the right panel, you will see a bunch of boxes that have been checked ... leave everything checked and ensure the Show all box is un-checked.
  • Now click the Scan button.
    Once the scan is complete, you may receive another notice about rootkit activity.
  • Click OK.
  • GMER will produce a log. Click on the [Save..] button, and in the File name area, type in "GMER.txt"
  • Save it where you can easily find it, such as your desktop.

Post the contents of GMER.txt in your next reply.


[You must be registered and logged in to see this link.] - [You must be registered and logged in to see this link.] - Please PM me if I fail to respond within 24hrs.


Belahzur
Administrator
Administrator

Posts Posts : 34916
Joined Joined : 2008-08-03
Gender Gender : Male
OS OS : XP SP3 Media Centre
Points Points : 245069
# Likes # Likes : 1

View user profile

Back to top Go down

Re: HELP! Hijacked redirected browser

Post by milmat1 on Wed May 04, 2011 11:37 pm

OK Will Do !!

milmat1
Novice
Novice

Posts Posts : 44
Joined Joined : 2010-06-12
OS OS : XP Pro
Points Points : 24286
# Likes # Likes : 0

View user profile

Back to top Go down

Re: HELP! Hijacked redirected browser

Post by milmat1 on Thu May 05, 2011 2:26 am

Scan took approx 2 hours. Hope i done this cor5rectly. After the scan I did not see any seperate box or info, Just what was on the mainscreen. I clicked save and saved the log copied and paisted it below:
GMER 1.0.15.15627 - [You must be registered and logged in to see this link.]
Rootkit scan 2011-05-04 22:21:11
Windows 5.1.2600 Service Pack 3 Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-3 TOSHIBA_MK8026GAX rev.PA002D
Running: gmer.exe; Driver: C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\kftyyfoc.sys


---- System - GMER 1.0.15 ----

SSDT \??\C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS (SASKUTIL.SYS/SUPERAdBlocker.com and SUPERAntiSpyware.com) ZwTerminateProcess [0xAA682620]

---- Devices - GMER 1.0.15 ----

AttachedDevice \FileSystem\Fastfat \Fat fltmgr.sys (Microsoft Filesystem Filter Manager/Microsoft Corporation)

---- Files - GMER 1.0.15 ----

File C:\WINDOWS\KB2497640-IE8.log 6003 bytes
File C:\WINDOWS\LastGood 0 bytes
File C:\WINDOWS\LastGood\INF 0 bytes
File C:\WINDOWS\LastGood\INF\oem27.inf 0 bytes
File C:\WINDOWS\LastGood\INF\oem27.PNF 0 bytes

---- EOF - GMER 1.0.15 ----

milmat1
Novice
Novice

Posts Posts : 44
Joined Joined : 2010-06-12
OS OS : XP Pro
Points Points : 24286
# Likes # Likes : 0

View user profile

Back to top Go down

Re: HELP! Hijacked redirected browser

Post by Belahzur on Thu May 05, 2011 6:24 pm

Hello.

Run ESET Online Scan
Please do an online scan with [You must be registered and logged in to see this link.]. Please use Internet Explorer as it uses ActiveX.

  • Check (tick) this box: YES, I accept the Terms of Use.
  • Click on the Start button next to it.
  • When prompted to run ActiveX. click Yes.
  • You will be asked to install an ActiveX. Click Install.
  • Once installed, the scanner will be initialized.
  • After the scanner is initialized, click Start.
  • Check (tick) Remove found threats box.
  • Check (tick) Scan unwanted applications.
  • Click on Scan.
  • It will start scanning. Please be patient.
  • Once the scan is done, the log will be saved here: C:\Program Files\esetonlinescanner\log.txt.


[You must be registered and logged in to see this link.] - [You must be registered and logged in to see this link.] - Please PM me if I fail to respond within 24hrs.


Belahzur
Administrator
Administrator

Posts Posts : 34916
Joined Joined : 2008-08-03
Gender Gender : Male
OS OS : XP SP3 Media Centre
Points Points : 245069
# Likes # Likes : 1

View user profile

Back to top Go down

Re: HELP! Hijacked redirected browser

Post by milmat1 on Fri May 06, 2011 7:52 am

After I clic AGREE and hit the download button, after about 5 mins the I.E. status bar will say "Done" ... Then I.E. Closes the window and gives the warning
"Internet Explorer has closed this webpage to help protect your computer
A malfunctioning or malicious add-on has caused Internet Explorer to close this webpage"

All IE Security and Privacy setting are set to there default MED/HI setting and the advanced tab is at "Restore advanced Settings"..

WTF Is going on with this PC....I am having trouble not shooting this darn machine !!

milmat1
Novice
Novice

Posts Posts : 44
Joined Joined : 2010-06-12
OS OS : XP Pro
Points Points : 24286
# Likes # Likes : 0

View user profile

Back to top Go down

Re: HELP! Hijacked redirected browser

Post by Belahzur on Fri May 06, 2011 7:20 pm

Hello.

Click Start > Run and copy/paste the following bolded text into the Run box and click OK:

C:\Program Files\Internet Explorer\iexplore.exe" -extoff

This will open IE, but it will be running under no add-ons option, let me know how you get on, I suspect there is an IE browser addons causing trouble.


[You must be registered and logged in to see this link.] - [You must be registered and logged in to see this link.] - Please PM me if I fail to respond within 24hrs.


Belahzur
Administrator
Administrator

Posts Posts : 34916
Joined Joined : 2008-08-03
Gender Gender : Male
OS OS : XP SP3 Media Centre
Points Points : 245069
# Likes # Likes : 1

View user profile

Back to top Go down

Re: HELP! Hijacked redirected browser

Post by milmat1 on Sat May 07, 2011 6:18 pm

Cannot download ESET scanner with addons disabled !

Is there a way to reinstall or repair the addons..?

I am Lost !

milmat1
Novice
Novice

Posts Posts : 44
Joined Joined : 2010-06-12
OS OS : XP Pro
Points Points : 24286
# Likes # Likes : 0

View user profile

Back to top Go down

View previous topic View next topic Back to top

- Similar topics

 
Permissions in this forum:
You cannot reply to topics in this forum