Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Browser Redirect


  • Please log in to reply
10 replies to this topic

#1 emartin567

emartin567

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Local time:11:03 PM

Posted 03 January 2010 - 09:59 AM

I'm having a browser redirect problem like many on the forum. It seems the solution is very case specific and complicated. If someone could walk me through the steps to fix the problem, I'd really appreciate it because I'm about at wits end!! Also, if there are steps I can follow on my own, please let me know.

Thanks in advance!

BC AdBot (Login to Remove)

 


#2 swagger

swagger

  • Members
  • 476 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:South Carolina
  • Local time:12:03 AM

Posted 04 January 2010 - 08:35 AM

Hello emartin567 and welcome to Bleeping Computer! :thumbsup:

Please read and follow the entire instruction set below:

::MBAM::

Please download Malwarebytes Anti-Malware (v1.43) and save it to your desktop.alternate download link 1
alternate download link 2
MBAM may "make changes to your registry" as part of its disinfection routine. If using other security programs that detect registry changes (ie Spybot's Teatimer), they may interfere or alert you. Temporarily disable such programs or permit them to allow the changes.
  • Make sure you are connected to the Internet.
  • Double-click on mbam-setup.exe to install the application.
  • When the installation begins, follow the prompts and do not make any changes to default settings.
  • When installation has finished, make sure you leave both of these checked:
    • Update Malwarebytes' Anti-Malware
    • Launch Malwarebytes' Anti-Malware
  • Then click Finish.
MBAM will automatically start and you will be asked to update the program before performing a scan.
  • If an update is found, the program will automatically update itself. Press the OK button to close that box and continue.
  • If you encounter any problems while downloading the definition updates, manually download them from here and just double-click on mbam-rules.exe to install.
On the Scanner tab:
  • Make sure the "Perform Quick Scan" option is selected.
  • Then click on the Scan button.
  • If asked to select the drives to scan, leave all the drives selected and click on the Start Scan button.
  • The scan will begin and "Scan in progress" will show at the top. It may take some time to complete so please be patient.
  • When the scan is finished, a message box will say "The scan completed successfully. Click 'Show Results' to display all objects found".
  • Click OK to close the message box and continue with the removal process.
Back at the main Scanner screen:
  • Click on the Show Results button to see a list of any malware that was found.
  • Make sure that everything is checked, and click Remove Selected.
  • When removal is completed, a log report will open in Notepad.
  • The log is automatically saved and can be viewed by clicking the Logs tab in MBAM.
  • Copy and paste the contents of that report in your next reply. Be sure to post the complete log to include the top portion which shows MBAM's database version and your operating system.
  • Exit MBAM when done.
Note: If MBAM encounters a file that is difficult to remove, you will be asked to reboot your computer so MBAM can proceed with the disinfection process. If asked to restart the computer, please do so immediately. Failure to reboot normally (not into safe mode) will prevent MBAM from removing all the malware.

::GMER::

Please download GMER from one of the following locations and save it to your desktop:
  • Main Mirror
    This version will download a randomly named file (Recommended)
  • Zipped Mirror
    This version will download a zip file you will need to extract first. If you use this mirror, please extract the zip file to your desktop.
  • Disconnect from the Internet and close all running programs.
  • Temporarily disable any real-time active protection so your security programs will not conflict with gmer's driver.
  • Double-click on the randomly named GMER file (i.e. n7gmo46c.exe) and allow the gmer.sys driver to load if asked.
  • Note: If you downloaded the zipped version, extract the file to its own folder such as C:\gmer and then double-click on gmer.exe.

    Posted Image
  • GMER will open to the Rootkit/Malware tab and perform an automatic quick scan when first run. (do not use the computer while the scan is in progress)
  • If you receive a WARNING!!! about rootkit activity and are asked to fully scan your system...click NO.
  • Now click the Scan button. If you see a rootkit warning window, click OK.
  • When the scan is finished, click the Save... button to save the scan results to your Desktop. Save the file as gmer.log.
  • Click the Copy button and paste the results into your next reply.
  • Exit GMER and re-enable all active protection when done.
-- If you encounter any problems, try running GMER in Safe Mode.

In your next reply, please include the following log(s):
  • MBAM
  • GMER
Regards,
swagger

#3 emartin567

emartin567
  • Topic Starter

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Local time:11:03 PM

Posted 24 January 2010 - 09:36 AM

This is the MBAM log. The first two times I ran it, it found nothing and the third time it found 19 malware items, which seems odd. THe GMER keeps locking up my computer but I'll try to run it again shortly.

Malwarebytes' Anti-Malware 1.44
Database version: 3510
Windows 5.1.2600 Service Pack 2
Internet Explorer 8.0.6001.18702

1/24/2010 8:34:26 AM
mbam-log-2010-01-24 (08-34-26).txt

Scan type: Quick Scan
Objects scanned: 132722
Time elapsed: 9 minute(s), 27 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 1
Registry Keys Infected: 6
Registry Values Infected: 1
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 11

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
c:\WINDOWS\system32\fio32.dll (Worm.KoobFace) -> Delete on reboot.

Registry Keys Infected:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\fioo32 (Worm.KoobFace) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\setup.exe (Worm.KoobFace) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\fio32 (Worm.KoobFace) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Enum\Root\LEGACY_FIO32 (Worm.KoobFace) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Enum\Root\LEGACY_FIOO32 (Worm.KoobFace) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\SfX (Rootkit.Agent) -> Quarantined and deleted successfully.

Registry Values Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\fioo32 (Worm.KoobFace) -> Quarantined and deleted successfully.

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
c:\WINDOWS\system32\fio32.dll (Worm.KoobFace) -> Delete on reboot.
C:\Documents and Settings\Owner\My Documents\downloads\setup.exe (Worm.KoobFace) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\fio32.sys (Worm.Koobface) -> Quarantined and deleted successfully.
C:\Documents and Settings\Owner\Local Settings\Temp\zpskon_1261268955.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\WINDOWS\010112010146103110.xxe (KoobFace.Trace) -> Quarantined and deleted successfully.
C:\WINDOWS\010112010146111103.xxe (KoobFace.Trace) -> Quarantined and deleted successfully.
C:\WINDOWS\0101120101465348.xxe (KoobFace.Trace) -> Quarantined and deleted successfully.
C:\WINDOWS\0101120101465450.xxe (KoobFace.Trace) -> Quarantined and deleted successfully.
C:\WINDOWS\fdgg34353edfgdfdf (KoobFace.Trace) -> Quarantined and deleted successfully.
C:\WINDOWS\010112010146101105.rx (Malware.Trace) -> Quarantined and deleted successfully.
C:\WINDOWS\mmsmark3.dat (KoobFace.Trace) -> Quarantined and deleted successfully.

#4 swagger

swagger

  • Members
  • 476 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:South Carolina
  • Local time:12:03 AM

Posted 24 January 2010 - 11:34 AM

Hello emartin567...

You should update Malwarebytes' and run another quick scan... It is over 100 database versions old!

Regards,
swagger

#5 emartin567

emartin567
  • Topic Starter

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Local time:11:03 PM

Posted 24 January 2010 - 05:41 PM

Here is the log from the updated MBAM. I'll try to run the GMER again now

Malwarebytes' Anti-Malware 1.44
Database version: 3630
Windows 5.1.2600 Service Pack 2
Internet Explorer 8.0.6001.18702

1/24/2010 4:40:27 PM
mbam-log-2010-01-24 (16-40-27).txt

Scan type: Quick Scan
Objects scanned: 135517
Time elapsed: 9 minute(s), 57 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)

#6 emartin567

emartin567
  • Topic Starter

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Local time:11:03 PM

Posted 25 January 2010 - 10:57 PM

I had trouble with the GMER program locking up my computer.

Here is the log from running GMER in safe mode:

GMER 1.0.15.15281 - http://www.gmer.net
Rootkit scan 2010-01-25 21:49:32
Windows 5.1.2600 Service Pack 2
Running: gmer.exe; Driver: C:\DOCUME~1\Owner\LOCALS~1\Temp\pwliyfob.sys


---- System - GMER 1.0.15 ----

SSDT Lbd.sys (Boot Driver/Lavasoft AB) ZwCreateKey [0xF782E87E]
SSDT Lbd.sys (Boot Driver/Lavasoft AB) ZwSetValueKey [0xF782EBFE]

---- Kernel code sections - GMER 1.0.15 ----

.text ntoskrnl.exe!ZwYieldExecution + 11A 804E4954 4 Bytes CALL 521A40DB

---- Devices - GMER 1.0.15 ----

AttachedDevice \Driver\Kbdclass \Device\KeyboardClass0 SynTP.sys (Synaptics Touchpad Driver/Synaptics, Inc.)
AttachedDevice \Driver\Kbdclass \Device\KeyboardClass1 SynTP.sys (Synaptics Touchpad Driver/Synaptics, Inc.)

Device \FileSystem\Cdfs \Cdfs F6EB8400

---- EOF - GMER 1.0.15 ----







And this is a log I saved after GMER ran for a couple hours (and before it shut down my computer again):

GMER 1.0.15.15281 - http://www.gmer.net
Rootkit scan 2010-01-25 08:18:48
Windows 5.1.2600 Service Pack 2
Running: gmer.exe; Driver: C:\DOCUME~1\Owner\LOCALS~1\Temp\pwliyfob.sys


---- System - GMER 1.0.15 ----

SSDT Lbd.sys (Boot Driver/Lavasoft AB) ZwCreateKey [0xF782E87E]
SSDT Lbd.sys (Boot Driver/Lavasoft AB) ZwSetValueKey [0xF782EBFE]

---- Kernel code sections - GMER 1.0.15 ----

.text ntoskrnl.exe!ZwYieldExecution + 11A 804E4954 4 Bytes CALL 521A40DB
init C:\WINDOWS\system32\drivers\tifm21.sys entry point in "init" section [0xF7256EBF]

---- User code sections - GMER 1.0.15 ----

.text C:\Program Files\Internet Explorer\iexplore.exe[2852] USER32.dll!CreateWindowExW 7E41FC25 5 Bytes JMP 3E2ED3AC C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[2852] USER32.dll!DialogBoxParamW 7E42555F 5 Bytes JMP 3E2151FD C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[2852] USER32.dll!DialogBoxIndirectParamW 7E432032 5 Bytes JMP 3E3E3C10 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[2852] USER32.dll!MessageBoxIndirectA 7E43A04A 5 Bytes JMP 3E3E3B42 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[2852] USER32.dll!DialogBoxParamA 7E43B10C 5 Bytes JMP 3E3E3BAD C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[2852] USER32.dll!MessageBoxExW 7E4505D8 5 Bytes JMP 3E3E3A13 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[2852] USER32.dll!MessageBoxExA 7E4505FC 5 Bytes JMP 3E3E3A75 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[2852] USER32.dll!DialogBoxIndirectParamA 7E456B50 5 Bytes JMP 3E3E3C73 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[2852] USER32.dll!MessageBoxIndirectW 7E4662AB 5 Bytes JMP 3E3E3AD7 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[3064] USER32.dll!UnhookWindowsHookEx 7E41F21E 5 Bytes JMP 3E2543F6 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[3064] USER32.dll!CallNextHookEx 7E41F85B 5 Bytes JMP 3E2DCB69 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[3064] USER32.dll!CreateWindowExW 7E41FC25 5 Bytes JMP 3E2ED3AC C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[3064] USER32.dll!DialogBoxParamW 7E42555F 5 Bytes JMP 3E2151FD C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[3064] USER32.dll!SetWindowsHookExW 7E42DDB5 5 Bytes JMP 3E2E9521 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[3064] USER32.dll!DialogBoxIndirectParamW 7E432032 5 Bytes JMP 3E3E3C10 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[3064] USER32.dll!MessageBoxIndirectA 7E43A04A 5 Bytes JMP 3E3E3B42 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[3064] USER32.dll!DialogBoxParamA 7E43B10C 5 Bytes JMP 3E3E3BAD C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[3064] USER32.dll!MessageBoxExW 7E4505D8 5 Bytes JMP 3E3E3A13 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[3064] USER32.dll!MessageBoxExA 7E4505FC 5 Bytes JMP 3E3E3A75 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[3064] USER32.dll!DialogBoxIndirectParamA 7E456B50 5 Bytes JMP 3E3E3C73 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[3064] USER32.dll!MessageBoxIndirectW 7E4662AB 5 Bytes JMP 3E3E3AD7 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[3064] ole32.dll!CoCreateInstance 7750057E 5 Bytes JMP 3E2ED408 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[3064] ole32.dll!OleLoadFromStream 7753031B 5 Bytes JMP 3E3E3F78 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)

---- User IAT/EAT - GMER 1.0.15 ----

IAT C:\Program Files\Common Files\AOL\1159213569\ee\aolsoftware.exe[2928] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!SetUnhandledExceptionFilter] [6BFA9A27] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\1159213569\ee\aolsoftware.exe[2928] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryA] [6BFA9979] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\1159213569\ee\aolsoftware.exe[2928] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryA] [6BFA9979] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\1159213569\ee\aolsoftware.exe[2928] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!SetUnhandledExceptionFilter] [6BFA9A27] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\1159213569\ee\aolsoftware.exe[2928] @ C:\WINDOWS\system32\MSVCRT.dll [KERNEL32.dll!SetUnhandledExceptionFilter] [6BFA9A27] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\1159213569\ee\aolsoftware.exe[2928] @ C:\WINDOWS\system32\MSVCRT.dll [KERNEL32.dll!LoadLibraryA] [6BFA9979] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\1159213569\ee\aolsoftware.exe[2928] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryA] [6BFA9979] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\1159213569\ee\aolsoftware.exe[2928] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!SetUnhandledExceptionFilter] [6BFA9A27] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\1159213569\ee\aolsoftware.exe[2928] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!SetUnhandledExceptionFilter] [6BFA9A27] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\1159213569\ee\aolsoftware.exe[2928] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryA] [6BFA9979] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\1159213569\ee\aolsoftware.exe[2928] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryA] [6BFA9979] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\1159213569\ee\aolsoftware.exe[2928] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!SetUnhandledExceptionFilter] [6BFA9A27] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3064] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryExW] [451F1ACB] C:\Program Files\Internet Explorer\xpshims.dll (Internet Explorer Compatibility Shims for XP/Microsoft Corporation)

---- Devices - GMER 1.0.15 ----

Device \FileSystem\Udfs \UdfsCdRom DLAIFS_M.SYS (Drive Letter Access Component/Sonic Solutions)
Device \FileSystem\meiudf \MeiUDF_Disk DLAIFS_M.SYS (Drive Letter Access Component/Sonic Solutions)
Device \FileSystem\meiudf \MeiUDF_CdRom DLAIFS_M.SYS (Drive Letter Access Component/Sonic Solutions)
Device \FileSystem\Udfs \UdfsDisk DLAIFS_M.SYS (Drive Letter Access Component/Sonic Solutions)

AttachedDevice \Driver\Kbdclass \Device\KeyboardClass0 SynTP.sys (Synaptics Touchpad Driver/Synaptics, Inc.)
AttachedDevice \Driver\Kbdclass \Device\KeyboardClass1 SynTP.sys (Synaptics Touchpad Driver/Synaptics, Inc.)
AttachedDevice \Driver\Tcpip \Device\Tcp Lbd.sys (Boot Driver/Lavasoft AB)

Device \FileSystem\Cdfs \Cdfs A9317400
Device \FileSystem\Cdfs \Cdfs DLAIFS_M.SYS (Drive Letter Access Component/Sonic Solutions)

---- EOF - GMER 1.0.15 ----

#7 swagger

swagger

  • Members
  • 476 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:South Carolina
  • Local time:12:03 AM

Posted 26 January 2010 - 07:57 AM

Hello emartin567,

Your GMER logs look good... Are you still having the redirect problem? I'd like you to test it if you haven't already.

Regards,
swagger

#8 Alf Brunsdon

Alf Brunsdon

  • Members
  • 2 posts
  • OFFLINE
  •  
  • Local time:05:03 AM

Posted 26 January 2010 - 08:19 AM

Hi Swagger, Emartin567

I hope you can help. I have a similar problem with the "Personal Protector" virus which prevents me from running Mawarebytes. I have a download from September last year and nothing happens when I execute or try to run it. I tried to download the latest version but soon as I download it, it gets redirected and stopped. I have downloaded it to a memory stick and when I try to execute from there it get redirected to the Personal Protector scan. I am thus unable run Malwarebytes to get rid of this virus.

Any help on this will be appreciated.

Cheers
Alf

#9 swagger

swagger

  • Members
  • 476 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:South Carolina
  • Local time:12:03 AM

Posted 26 January 2010 - 08:59 AM

Hello Alf,

Please start your own topic, describing the very same symptoms and circumstances, you've described here. Each user is entitled to receive help and entitled to having a topic all to their own! Thanks in advance.

Regards,
swagger

#10 emartin567

emartin567
  • Topic Starter

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Local time:11:03 PM

Posted 26 January 2010 - 11:21 PM

Swagger,

It's actually not redirecting anymore out of google searches. You think the updated malwarbytes knocked it out?

Thanks

Erik

#11 swagger

swagger

  • Members
  • 476 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:South Carolina
  • Local time:12:03 AM

Posted 27 January 2010 - 07:38 AM

Hey emartin567,

It's very possible. :thumbsup: Let's try one last online scan before you go!

::ESET::

I'd like us to scan your machine with ESET OnlineScan
  • Hold down Control and click on the following link to open ESET OnlineScan in a new window.
    ESET OnlineScan
  • Click the Posted Image button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
    • Click on Posted Image to download the ESET Smart Installer. Save it to your desktop.
    • Double click on the Posted Image icon on your desktop.
  • Check Posted Image
  • Click the Posted Image button.
  • Accept any security warnings from your browser.
  • Check Posted Image
  • Push the Start button.
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, push Posted Image
  • Push Posted Image, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • Push the Posted Image button.
  • Push Posted Image
In your next reply, please include the following log(s):
  • ESET
Regards,
swagger




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users