Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Redirect homepage


  • Please log in to reply
10 replies to this topic

#1 john8008

john8008

  • Members
  • 43 posts
  • OFFLINE
  •  
  • Local time:03:02 AM

Posted 21 February 2015 - 08:51 AM

Problem : Suddenly when i open any browser(firefox and chrome) i started getting some weird home page , default is google.com
 
OS : vista sp1
 
Steps i have taken
1. Cleaned firefox and chrome cookies / cache
2. Mbam version 2 ( nothing found )
3. Temp file cleaner
4. antivirus Norton ( nothing found )
 
After all that now when i open Firefox i get google.com and for
 
Chrome i get this warning
 
"Your connection is not private
Attackers might be trying to steal your information from ssoauth.cignex.com (for example, passwords, messages, or credit cards)."
 
So far i have noticed it comes only when i start the browser ( chrome) and nothing while browsing.
I think there is some homepage redirect issue ?
 
thanks im advance for help.
 


BC AdBot (Login to Remove)

 


#2 john8008

john8008
  • Topic Starter

  • Members
  • 43 posts
  • OFFLINE
  •  
  • Local time:03:02 AM

Posted 21 February 2015 - 09:37 AM

Update : I changed chrome settings 

Settings > search > manage search engine , and deleted all other engines and left google and now i dont get the warning in chrome also ,

but im not sure if my system is clean or not 

 

thanks



#3 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 72,934 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:08:02 PM

Posted 24 February 2015 - 05:58 PM

:thumbup2: Good move and thanks for the update


How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#4 john8008

john8008
  • Topic Starter

  • Members
  • 43 posts
  • OFFLINE
  •  
  • Local time:03:02 AM

Posted 25 February 2015 - 02:06 AM

hi boopme , thanks for reply :)

 

im still not sure if my system is clean and was thinking of running ADWcleaner but never used it before :]



#5 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 72,934 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:08:02 PM

Posted 25 February 2015 - 12:21 PM

For confidence do these....
 
3Al62Pm.pngMiniToolBox
  • Please download MiniToolBox, save it to your desktop and run it.
  • Checkmark the following checkboxes:
    • Flush DNS
    • Report IE Proxy Settings
    • Reset IE Proxy Settings
    • Report FF Proxy Settings
    • Reset FF Proxy Settings
    • List content of Hosts
    • List IP configuration
    • List Winsock Entries
    • List last 10 Event Viewer log
    • List Installed Programs
    • List Users, Partitions and Memory size.
  • Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run. Note: When using "Reset FF Proxy Settings" option Firefox should be closed.
SXvL3ZF.pngTDSSKiller
  • Download TDSSKiller and save it to your desktop.
  • Extract (unzip) its contents to your desktop.
  • Open the TDSSKiller folder and doubleclick on TDSSKiller.exe to run the application, then on Start Scan.
  • If an infected file is detected, the default action will be Cure, click on Continue.
  • If a suspicious file is detected, the default action will be Skip, click on Continue.
  • It may ask you to reboot the computer to complete the process. Click on Reboot Now.
  • If no reboot is required, click on Report. A log file should appear. Please copy and paste the contents of that file here.
  • If a reboot is required, the report can also be found in your root directory (usually C:\ folder) in the form of TDSSKiller_xxxx_log.txt. Please copy and paste the contents of that file here.
zcMPezJ.pngAdwCleaner
  • Please download AdwCleaner by Xplode and save to your Desktop.
  • Double click on AdwCleaner.exe to run the tool. Vista/Windows 7/8 users right-click and select Run As Administrator
  • Click on the Scan button.
  • AdwCleaner will begin...be patient as the scan may take some time to complete.
  • After the scan has finished, click on the Report button...a logfile (AdwCleaner[R0].txt) will open in Notepad for review.
  • The contents of the log file may be confusing. Unless you see a program name that you know should not be removed, don't worry about it. If you see an entry you want to keep, let me know about it.
  • Copy and paste the contents of that logfile in your next reply.
  • A copy of all logfiles are saved in the C:\AdwCleaner folder which was created when running the tool.
lv0mVRW.pngJunkware Removal Tool
  • Please download Junkware Removal Tool to your desktop.
  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.
cvMlKv6.pngESET Online Scanner
  • Hold down Control and click on this link to open ESET Online Scanner in a new window.
  • Click the esetonlinebtn.png button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
  • Click on esetsmartinstaller_enu.exe to download the ESET Smart Installer. Save it to your desktop.
  • Double click on the esetsmartinstaller_enu.png icon on your desktop.
  • Check "YES, I accept the Terms of Use."
  • Click the Start button.
  • Accept any security warnings from your browser.
  • Under scan settings, check "Scan Archives" and "Remove found threats"
  • Click Advanced settings and select the following:
    • Scan potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth technology
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, click List Threats
  • Click Export, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • Click the Back button.
  • Click the Finish button.
  • NOTE: Sometimes if ESET finds no infections it will not create a log.
>>>
51a46ae42d560-malwarebytes_anti_malware.Malwarebytes Anti-Malware
  • Download MalwareBytes Anti-Malware to your desktop.
  • Double-click mbam-setup-2.0.exe to start the installation of Malwarebytes Anti-Malware.
  • Follow the instructions on your screen to complete the installation. You can find the complete installation procedure here.
  • Click the Scan Now button, a threat scan will start automatically.
  • MalwareBytes Anti-Malware will now check for the latest updates. Click Update Now if new updates are available.
  • Your computer is now being scanned, please do not use your computer during the scan.
    • If no threats were found, click View detailed log.
      • Click Export and save the log as a .txt file on your Desktop or another location.
    • If the scan detected any threats, click Apply Actions.
      • To complete any actions taken you will be prompted to restart your computer...click on Yes.
      • After reboot, start Malwarebytes Anti-Malware again and click the History Tab at the top and select Application Logs.
      • Check the box next to Scan Log. Choose the most current scan and click View.
      • Click Export and save the log as a .txt file on your Desktop or another location.
  • Providing the MalwareBytes' Anti-Malware log file
    • Attach the log file you just saved to your next reply for further review.

How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#6 john8008

john8008
  • Topic Starter

  • Members
  • 43 posts
  • OFFLINE
  •  
  • Local time:03:02 AM

Posted 25 February 2015 - 05:34 PM

my internet explorer started crashing on launch suddenly 

i could not paste the logs so please check here

Eset no log created

http://www.sendspace.com/filegroup/iGRmoSGMrt3yv7VekixeQQ%2BxhYAuAZ98zpUUVjtI%2Brg

 

thanks

 

update on internet explorer

http://www.symantec.com/connect/blogs/corrupt-ips-definition-package-impacted-32-bit-versions-internet-explorer

 

it seems this is the problem after update will try to check if it fixed 

 

update 2 : fix was right here :D 

http://www.bleepingcomputer.com/forums/t/567858/norton-internet-security-antivirus-update-borke-internet-explorer/

updated and and iexplorer is working fine now .


Edited by john8008, 25 February 2015 - 05:49 PM.


#7 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 72,934 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:08:02 PM

Posted 25 February 2015 - 08:26 PM

That's great.. we still need to remove what ADWcleaner found

Double click on AdwCleaner.exe to run the tool again. Vista/Windows 7/8 users right-click and select Run As Administrator
  • The tool will start to update the database, please wait a bit.
  • Click on the Scan button.
  • AdwCleaner will begin to scan your computer like it did before.
  • After the scan has finished...
  • This time click on the Clean button.
  • Press OK when asked to close all programs and follow the onscreen prompts.
  • Press OK again to allow AdwCleaner to restart the computer and complete the removal process.
  • After rebooting, a logfile report (AdwCleaner[S#].txt) will open automatically (where the largest value of # represents the most recent report).
  • Copy and paste the contents of that logfile in your next reply.
  • A copy of that logfile will also be saved in the C:\AdwCleaner folder.
  • >>>>

    Empty your temp folders using TFC (Temporary File Cleaner)
    • Please download TFC by Old Timer and save it to your desktop.
      alternate download link
    • Save any unsaved work. (TFC will close ALL open programs including your browser!)
    • Double-click on TFC.exe to run it. (If you are using Vista or above, right-click on the file and choose "Run As Administrator".)
    • Click the Start button to begin the cleaning process and let it run uninterrupted to completion.
    • Important! If TFC prompts you to reboot, please do so immediately. If not prompted, manually reboot the machine anyway allowing Windows to load normally (not into Safe Mode) to ensure a complete clean.

How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#8 john8008

john8008
  • Topic Starter

  • Members
  • 43 posts
  • OFFLINE
  •  
  • Local time:03:02 AM

Posted 26 February 2015 - 02:42 AM

Adwcleaner[S0].txt = 

 
 
 
also i wanted to ask , since i already have NIS , mbam/mbae pro , do i need hitmanpro with cryto guard and cryptoprevent and will they run with other programs .
 
thanks

Edited by john8008, 26 February 2015 - 03:06 AM.


#9 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 72,934 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:08:02 PM

Posted 26 February 2015 - 04:01 PM

Probably won't need HitMan..

Did you see this?
http://www.bleepingcomputer.com/forums/t/542235/30-off-cryptoprevent-and-dmaintenance-home-edition-from-foolish-it/#entry3431560
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#10 john8008

john8008
  • Topic Starter

  • Members
  • 43 posts
  • OFFLINE
  •  
  • Local time:03:02 AM

Posted 27 February 2015 - 02:26 AM

Thanks for help and plus the link :)



#11 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 72,934 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:08:02 PM

Posted 27 February 2015 - 02:50 PM

You're welcome!!
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users