HELP! Hijacked redirected browser

Page 2 of 2 Previous  1, 2

View previous topic View next topic Go down

HELP! Hijacked redirected browser

Post by milmat1 on Sat 30 Apr 2011, 3:49 pm

First topic message reminder :

I am trying to get this posted but having terrible time. I Posted a Thread I thought was in the intro section but it was in this same section...I cannot seem to get the logs posted at all...So Here goes another try without the files.
I will paiste the logs into seperate replies if this works..

I have been hours here so dont be too rough on me....

I have redirects that send me to all kinds of different pages....At seemingly random times. About the time I think it has stopped it shows again..

I have run:
1, CCLEANER
2,SUPERANTISPYWARE
3,MALEWAREBYTES

Will try logs in a reply....

THANKS FOR BEING PATIENT WITH ME !!

milmat1

Newbie Surfer
Newbie Surfer

Posts : 44
Joined : 2010-06-12
Operating System : XP Pro

View user profile

Back to top Go down


Re: HELP! Hijacked redirected browser

Post by Belahzur on Thu 05 May 2011, 9:14 am

Hello.

Download the GMER Rootkit Scanner. Unzip it to your Desktop.

Before scanning, make sure all other running programs are closed and no other actions like a scheduled antivirus scan will occur while the scan is being performed. Do not use your computer for anything else during the scan.

Double-click gmer.exe. The program will begin to run.

**Caution**
These types of scans can produce false positives. Do NOT take any action on any
"<--- ROOKIT" entries unless advised!

If possible rootkit activity is found, you will be asked if you would like to perform a full scan.

  • Click NO
  • In the right panel, you will see a bunch of boxes that have been checked ... leave everything checked and ensure the Show all box is un-checked.
  • Now click the Scan button.
    Once the scan is complete, you may receive another notice about rootkit activity.
  • Click OK.
  • GMER will produce a log. Click on the [Save..] button, and in the File name area, type in "GMER.txt"
  • Save it where you can easily find it, such as your desktop.

Post the contents of GMER.txt in your next reply.


@RealBelahzur - [You must be registered and logged in to see this link.] - Please PM me if I fail to respond within 24hrs.


Belahzur

Manager | Tech Officer
Manager | Tech Officer

Posts : 34917
Joined : 2008-08-04
Operating System : XP SP3 Media Centre

View user profile

Back to top Go down

Re: HELP! Hijacked redirected browser

Post by milmat1 on Thu 05 May 2011, 10:37 am

OK Will Do !!

milmat1

Newbie Surfer
Newbie Surfer

Posts : 44
Joined : 2010-06-12
Operating System : XP Pro

View user profile

Back to top Go down

Re: HELP! Hijacked redirected browser

Post by milmat1 on Thu 05 May 2011, 1:26 pm

Scan took approx 2 hours. Hope i done this cor5rectly. After the scan I did not see any seperate box or info, Just what was on the mainscreen. I clicked save and saved the log copied and paisted it below:
GMER 1.0.15.15627 - [You must be registered and logged in to see this link.]
Rootkit scan 2011-05-04 22:21:11
Windows 5.1.2600 Service Pack 3 Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-3 TOSHIBA_MK8026GAX rev.PA002D
Running: gmer.exe; Driver: C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\kftyyfoc.sys


---- System - GMER 1.0.15 ----

SSDT \??\C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS (SASKUTIL.SYS/SUPERAdBlocker.com and SUPERAntiSpyware.com) ZwTerminateProcess [0xAA682620]

---- Devices - GMER 1.0.15 ----

AttachedDevice \FileSystem\Fastfat \Fat fltmgr.sys (Microsoft Filesystem Filter Manager/Microsoft Corporation)

---- Files - GMER 1.0.15 ----

File C:\WINDOWS\KB2497640-IE8.log 6003 bytes
File C:\WINDOWS\LastGood 0 bytes
File C:\WINDOWS\LastGood\INF 0 bytes
File C:\WINDOWS\LastGood\INF\oem27.inf 0 bytes
File C:\WINDOWS\LastGood\INF\oem27.PNF 0 bytes

---- EOF - GMER 1.0.15 ----

milmat1

Newbie Surfer
Newbie Surfer

Posts : 44
Joined : 2010-06-12
Operating System : XP Pro

View user profile

Back to top Go down

Re: HELP! Hijacked redirected browser

Post by Belahzur on Fri 06 May 2011, 5:24 am

Hello.

Run ESET Online Scan
Please do an online scan with ESET Online Scanner. Please use Internet Explorer as it uses ActiveX.

  • Check (tick) this box: YES, I accept the Terms of Use.
  • Click on the Start button next to it.
  • When prompted to run ActiveX. click Yes.
  • You will be asked to install an ActiveX. Click Install.
  • Once installed, the scanner will be initialized.
  • After the scanner is initialized, click Start.
  • Check (tick) Remove found threats box.
  • Check (tick) Scan unwanted applications.
  • Click on Scan.
  • It will start scanning. Please be patient.
  • Once the scan is done, the log will be saved here: C:\Program Files\esetonlinescanner\log.txt.


@RealBelahzur - [You must be registered and logged in to see this link.] - Please PM me if I fail to respond within 24hrs.


Belahzur

Manager | Tech Officer
Manager | Tech Officer

Posts : 34917
Joined : 2008-08-04
Operating System : XP SP3 Media Centre

View user profile

Back to top Go down

Re: HELP! Hijacked redirected browser

Post by milmat1 on Fri 06 May 2011, 6:52 pm

After I clic AGREE and hit the download button, after about 5 mins the I.E. status bar will say "Done" ... Then I.E. Closes the window and gives the warning
"Internet Explorer has closed this webpage to help protect your computer
A malfunctioning or malicious add-on has caused Internet Explorer to close this webpage"

All IE Security and Privacy setting are set to there default MED/HI setting and the advanced tab is at "Restore advanced Settings"..

WTF Is going on with this PC....I am having trouble not shooting this darn machine !!

milmat1

Newbie Surfer
Newbie Surfer

Posts : 44
Joined : 2010-06-12
Operating System : XP Pro

View user profile

Back to top Go down

Re: HELP! Hijacked redirected browser

Post by Belahzur on Sat 07 May 2011, 6:20 am

Hello.

Click Start > Run and copy/paste the following bolded text into the Run box and click OK:

C:\Program Files\Internet Explorer\iexplore.exe" -extoff

This will open IE, but it will be running under no add-ons option, let me know how you get on, I suspect there is an IE browser addons causing trouble.


@RealBelahzur - [You must be registered and logged in to see this link.] - Please PM me if I fail to respond within 24hrs.


Belahzur

Manager | Tech Officer
Manager | Tech Officer

Posts : 34917
Joined : 2008-08-04
Operating System : XP SP3 Media Centre

View user profile

Back to top Go down

Re: HELP! Hijacked redirected browser

Post by milmat1 on Sun 08 May 2011, 5:18 am

Cannot download ESET scanner with addons disabled !

Is there a way to reinstall or repair the addons..?

I am Lost !

milmat1

Newbie Surfer
Newbie Surfer

Posts : 44
Joined : 2010-06-12
Operating System : XP Pro

View user profile

Back to top Go down

Re: HELP! Hijacked redirected browser

Post by Sponsored content Today at 9:47 am


Sponsored content


Back to top Go down

Page 2 of 2 Previous  1, 2

View previous topic View next topic Back to top


 
Permissions in this forum:
You cannot reply to topics in this forum