
istart123 browser hijacked


9 replies to this topic

#1 browserhijack


Posted 23 February 2015 - 08:03 PM

Thank you for your time :thumbup2: My laptop got infected, so I ran AdwCleaner, Malwarebytes Anti-Malware and HitmanPro 3, then ran TFC and cleared all old system restore points. The laptop seems to be much better now. Is there anything else I need to do, or a program to run?


#2 buddy215


Posted 23 February 2015 - 08:43 PM

Welcome to BC !

 

istart hijacks your browser(s) shortcuts on your desktop, task bar and start menu. You should check to be sure that is still not the case.

Right click on a browser shortcut/ icon and choose properties. Look to see what is listed as Target and if you see something similar to what is in the image below then you will need to clean ALL browser shortcuts.

[Image: istart123-hijack.jpg]


“Every atom in your body came from a star that exploded and the atoms in your left hand probably came from a different star than your right hand. It really is the most poetic thing I know about physics...you are all stardust.”Lawrence M. Krauss

A 1792 U.S. penny, designed in part by Thomas Jefferson and George Washington, reads “Liberty Parent of Science & Industry.”
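
The shortcut check described in the post above can be done for every shortcut at once. This is an added example, not part of the original post or of any tool named in the thread; the browser list and the assumption that the hijack shows up as extra text (typically a URL) after the browser executable in Target are mine.

```powershell
# Added example: read-only audit of browser shortcuts (modifies nothing).
# Assumption: the hijack appears as extra text, typically a URL, after the
# browser executable in the shortcut's Target field.
$browsers = 'iexplore.exe', 'chrome.exe', 'firefox.exe', 'opera.exe'  # assumed list; extend as needed

# Desktop, Start menu and Quick Launch (which holds the pinned taskbar items).
$folders = @(
    [Environment]::GetFolderPath('Desktop'),
    (Join-Path $env:PUBLIC 'Desktop'),
    [Environment]::GetFolderPath('StartMenu'),
    (Join-Path $env:ProgramData 'Microsoft\Windows\Start Menu'),
    (Join-Path $env:APPDATA 'Microsoft\Internet Explorer\Quick Launch')
) | Where-Object { $_ -and (Test-Path -LiteralPath $_) }

$shell = New-Object -ComObject WScript.Shell

$findings = foreach ($lnk in Get-ChildItem -Path $folders -Filter *.lnk -Recurse -ErrorAction SilentlyContinue) {
    $shortcut = $shell.CreateShortcut($lnk.FullName)
    $exeName  = [IO.Path]::GetFileName($shortcut.TargetPath)
    if ($browsers -notcontains $exeName) { continue }   # not a browser shortcut

    $extra = "$($shortcut.Arguments)".Trim()
    if (-not $extra) { continue }                        # clean: Target is only the executable

    if ($extra -match '(?i)(https?://|www\.)') {
        $reason = 'URL appended to Target'
    } else {
        $reason = 'Extra arguments; review manually'
    }
    New-Object PSObject -Property @{
        Shortcut  = $lnk.FullName
        Target    = $shortcut.TargetPath
        Arguments = $extra
        Reason    = $reason
    }
}

if ($findings) {
    $findings | Select-Object Reason, Shortcut, Target, Arguments | Format-List
} else {
    'No browser shortcut with extra arguments found.'
}
```

A shortcut whose Target points at something other than the browser executable is not covered by this check and still needs the manual look at Properties.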


#3 browserhijack


Posted 23 February 2015 - 08:51 PM

Thanks for your reply buddy :thumbup2: all browser shortcuts are now as they should be. The duplicated ones have been deleted :)



#4 buddy215


Posted 23 February 2015 - 09:10 PM

Good....you're welcome.

 

I always recommend a scan using Eset Online Scanner. It seems to always find adware and malware that gets missed by MBAM and adware programs.

It will take more than an hour to run it but I think it is well worth it.

 

Hold down Control and click on this link to open ESET OnlineScan in a new window. (Eset can take more than an hour to run so plan accordingly)

  • Click the esetonlinebtn.png button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
      • Click on esetsmartinstaller_enu.exe to download the ESET Smart Installer. Save it to your desktop.
      • Double click on the esetsmartinstaller_enu.png icon on your desktop.
  • Check "YES, I accept the Terms of Use."
  • Click the Start button.
  • Accept any security warnings from your browser.
  • Under scan settings, check "Scan Archives" and "Remove found threats"
  • Click Advanced settings and select the following:
      • Scan potentially unwanted applications
      • Scan for potentially unsafe applications
      • Enable Anti-Stealth technology
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, click List Threats
  • Click Export, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • Click the Back button.
  • Click the Finish button.
  • NOTE: Sometimes if ESET finds no infections it will not create a log.

Use CCleaner to remove Temporary files, program caches, cookies, logs, etc. Use the Default settings. No need to use the Registry Cleaning Tool...risky. Pay close attention while installing and UNcheck offers of toolbars....especially Google.

After install, open CCleaner and run by clicking on the Run Cleaner button in the bottom right corner.

CCleaner - PC Optimization and Cleaning - Free Download




#5 browserhijack


Posted 23 February 2015 - 09:39 PM

Sorry for the daft question, probably doesn't matter, but Eset requested I disable Microsoft Security Essentials as it may cause a conflict. Should I disable it from the program or do I need to do it from msconfig? :unsure:



#6 buddy215


Posted 23 February 2015 - 09:41 PM

Disable it from the program...that should do it.

 

From the web:

 

1. Find the Security Essentials icon in your System Tray (usually it's represented by a little green house with a flag on top). Right-click it and choose Open.

2. Click the Settings tab.

3. Click Real-time protection.

4. Uncheck the box next to Turn on real-time protection (recommended).

5. Click the Save changes button.

 

Remember to re-enable after Eset finishes....


Edited by buddy215, 23 February 2015 - 09:46 PM.



#7 browserhijack


Posted 23 February 2015 - 10:21 PM

ESET Results

 

C:\AdwCleaner\Quarantine\C\ProgramData\208c7cc2000021a2\208c7cc2000021a2.dll.vir a variant of Win32/SProtector.O potentially unwanted application deleted - quarantined

 

C:\AdwCleaner\Quarantine\C\ProgramData\Browser\prompt.exe.vir a variant of MSIL/Adware.PullUpdate.H application cleaned by deleting - quarantined

 

C:\AdwCleaner\Quarantine\C\ProgramData\pdhelakepjpejaipeaphpnmdkncdbede\gqPmm.js.vir JS/Kryptik.ATB trojan cleaned by deleting - quarantined

 

C:\AdwCleaner\Quarantine\C\ProgramData\pjfalpibjpbpbbhggakfceahhplcmjda\FG.js.vir JS/Kryptik.ATB trojan cleaned by deleting - quarantined

 

C:\AdwCleaner\Quarantine\C\Users\Glenn\AppData\Local\Google\Chrome\User Data\Default\Extensions\dlglfagpfndbagniapkbcndgiifknnib\1.8\UhHk0s.js.vir JS/Kryptik.ATB trojan cleaned by deleting - quarantined

 

run c cleaner

 



#8 buddy215


Posted 23 February 2015 - 10:29 PM

How's the computer running...up to par? If so, you're good to go. Happy surfin' !




#9 browserhijack


Posted 23 February 2015 - 10:52 PM

Thanks for all your help Buddy :thumbup2:



#10 buddy215


Posted 24 February 2015 - 08:32 AM

You're welcome.....

