Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Browser Hijacked


  • This topic is locked This topic is locked
2 replies to this topic

#1 bmeche

bmeche

  • Members
  • 1 posts
  • OFFLINE
  •  
  • Local time:02:40 AM

Posted 24 October 2012 - 08:13 PM

This computer's browser is redirected to every search, I have attached a hijackthis log, thanks in advance,

Bret

*Moderator Edit: Moved topic from XP to the more appropriate forum. ~ Queen-Evie*

Attached Files


Edited by Queen-Evie, 24 October 2012 - 08:27 PM.


BC AdBot (Login to Remove)

 


#2 sempai

sempai

    noypi


  • Malware Response Team
  • 5,288 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:3 stars and a sun
  • Local time:04:40 PM

Posted 24 October 2012 - 09:02 PM

Hello bmeche and welcome to BC. Please do not attach logs unless instructed.



:step1: Download GMER Rootkit Scanner from here.
  • Extract the contents of the zipped file to the desktop.
  • Double click GMER.exe and if you are asked if you want to allow gmer.sys driver to load, please allow it to do so.
  • If it gives you a warning about rootkit activity and asks if you want to run scan, please click on NO.
  • In the right panel you will see several boxes that have been checked. Unchecked the following checkboxes:
    • IAT/EAT
    • Drives/Partition other than Systemdrive (typically C:\)
    • Show All (don't miss this one)
  • Now click on the Scan button and wait for it to finish.
  • Once done click on the [Save..] button, and in the File name area, type in ark.txt and save it to your desktop.
  • Post the contents of that report when you reply.



:step2: Download OTL by OldTimer from one of the links below:

Link 1
Link 2

  • Save it to your desktop.
  • Close all open windows on the Task Bar.
  • Double click the OTL icon to run the program (run as Administrator for Windows Vista/7).
  • Put a check mark on Scan All Users.
  • Click the Run Scan button and let it run uninterrupted.
  • It will create two reports namely OTL.txt (will be opened) and Extras.txt (will be minimized).
  • Post the contents of both reports when you reply.
  • Exit OTL.

~Semp

btn_donate_LG.gif
You can help me continue the fight against malware by making a donation, Thank you.

If I am helping you and I didn't reply within 48 hours... Please send me a private message.
Topics that are not replied within 5 days will be close. Please don't PM asking for support, post on the Forums instead.

Member of UNITE (Unified Network of Instructors and Trained Eliminators) 


#3 sempai

sempai

    noypi


  • Malware Response Team
  • 5,288 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:3 stars and a sun
  • Local time:04:40 PM

Posted 29 October 2012 - 12:26 PM

Due to the lack of feedback, this topic is now closed.In the event you still have problems, please send me or any Moderator a Private Message and ask them to reopen this topic within the next 5 days. Please include a link to your topic in the Private Message. Thank you.

~Semp

btn_donate_LG.gif
You can help me continue the fight against malware by making a donation, Thank you.

If I am helping you and I didn't reply within 48 hours... Please send me a private message.
Topics that are not replied within 5 days will be close. Please don't PM asking for support, post on the Forums instead.

Member of UNITE (Unified Network of Instructors and Trained Eliminators) 





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users