Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

I am infected with redirects and popups.


  • Please log in to reply
3 replies to this topic

#1 yamahonduki

yamahonduki

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Location:birmingham, england.
  • Local time:06:15 AM

Posted 21 April 2006 - 06:26 PM

hi, i have internet explorer 6 on my pc, and i also have mozilla firefox.
my IE6 seemed to have some kind of hijacker/redirecter attatched to it, and as a consequence i could not go to the sites that i wanted to.
instead it sent me to a wonderfull array of financialy oriented sites, offering me loans and extortionate rates of interest.
i tried everything i had in my antivirus arsenal, to no avail.
i tried, webroot spysweeper, adaware, spybot, asquared, and kaspersky av pro, to no avail.
i even tried using the search assistant to locate files on my pc which matched the names of the offending sites i was sent to, and as fast as i was deleting all their components, they were returning with new urls for me to visit.
so i downloaded mozilla firefox, which works okay.
what i need to know is,, can i remove IE6 from my pc, and if i do, will it remove the offending nasty with it?
and if i can, and it does, can i then reinstall a new IE6, and will it be clean?
thanks for any help.

yamahonduki, steve. :thumbsup:

BC AdBot (Login to Remove)

 


m

#2 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 50,595 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:12:15 AM

Posted 21 April 2006 - 08:44 PM

I suggest you read and follow all instructions in the pinned topic titled Preparation Guide For Use Before Posting A Hijackthis Log.

When you have done that, post a log in the HijackThis Logs and Analysis Forum, not here, for assistance by the HJT Team Experts.

It may take a while to get a response because the HJT Team members are very busy. Please be patient as they are volunteers who will help you out as soon as possible. Once you have made your post, please DO NOT make another reply until it has been responded to by a member of the HJT Team. Generally the staff checks the forum for postings that have not been replied as this makes it easier for them to identify those who have not been helped. If you post another response, a team member, looking for a new log to work may assume another HJT Team member is already assisting you and not open the thread to respond.
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif

#3 yamahonduki

yamahonduki
  • Topic Starter

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Location:birmingham, england.
  • Local time:06:15 AM

Posted 23 April 2006 - 06:39 PM

hi.

i feel like a bit of a fraud.
i seem to have sorted out my problem now.
seems like i had something called "winbrume.dll" in my system32 files.
once i isolated it, it was just a matter of changing the permissions.
after that, i simply erased it all with my eraser.
then i ran another hijack this scan, and low and behold, it said the file was missing :thumbsup:
just to be sure, i ran several search assistant searches, and they came up as no results found.
by IE6 is working fine again now and the wife can surf her auction sites again :flowers:

i will just add that i did this fix myself, and i would warn others that eraser is a dangerous program in the wrong hands.

also, i hope i havent caused anybody any unnessassary work in trying to research my problem.

steve.

#4 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 50,595 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:12:15 AM

Posted 24 April 2006 - 04:11 AM

winbrume.dll is a variant of the Dropper.GF trojan which is a browser hijacker. Glad to hear you were able to resolve the problem.
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users