  #1  
11-16-2005
Bronze Member
Join Date: Nov 2005
Posts: 76
sumodeluxe
[FIXED] Yet another browser hijacking and all that comes with it

Log removed, found in attachment



Last edited by Spaceman3750; 11-20-2005 at 08:23 PM.
  #2  
11-17-2005
HR Director
Join Date: Jul 2005
Location: Bay Area California
Posts: 5,472
PC Experience: PC Illiterate
ladygreenwitch

Hi Sumo,

Welcome back. Let me take a look at your log. Be back in a bit.

TTFN

LGW


  #3  
11-17-2005
HR Director
Join Date: Jul 2005
Location: Bay Area California
Posts: 5,472
PC Experience: PC Illiterate
ladygreenwitch

Hi Sumo,

Wow, you got yourself really infected. One of your problems is that you are not properly updated. You aren't even updated as far as SP1; this leaves you open to all kinds of problems. It also appears that you are not running any protection software at all. Before beginning your fix, print out the PCHF Protecting Your PC article in my signature. You can read it while you are running all the scans and fixes you are going to have to do.


OK, please download this removal tool from Symantec: Look2me Fix

Next I need you to download the following from my signature. CCleaner, Spybot S&D, Spy Sweeper, RegSupremePro, and Housecall.

Install them all; with Spybot and Spy Sweeper, please update their definitions.

You will need to boot into Safe Mode for this fix and stay there until completed.

Before beginning, please do the following:

Show hidden files and folders:
For XP:

1. On the Tools menu in Windows Explorer, click Folder Options.
2. Click the View tab.
3. Under Hidden files and folders, click Show hidden files and folders.
4. If you see a warning message, click Yes.
5. Click Apply.
6. Click OK.

Disable system restore to prevent re-infection.
(if you have/use it.)
(you can turn it back on when your PC is clean).


How to disable system restore:

WinXP.

Click the Start button.
Right-click My Computer, and then click Properties.
On the System Restore tab, check Turn off System Restore or Turn off System Restore on all drives.

Run Housecall; this is an online virus scanner. Allow it to fix whatever it finds.

Now boot into Safe Mode: on bootup, continually click the F8 key until a menu appears, use your arrow keys to maneuver until Safe Mode is selected, then hit Enter.

Pre-work clean up

Run CCleaner. Make sure that all options are checked including Advanced, click OK to all warnings. Click on the Analyze button, let it run. When it is finished, click on the Run Cleaner button, exit CCleaner.

Run Ewido Security Suite.

If you have an "always on" connection to the internet, physically disconnect that connection until you are finished with Safe Mode and have rebooted back into normal mode.
Close all open windows/programs/folders and then run Ewido. Have nothing else open while ewido performs its scan!
  • Click on Scanner, Settings
  • Under "How to scan" all boxes should be selected
  • Under "Possibly unwanted software" all boxes should be selected
  • Under "What to scan" select scan every file
  • Click OK, Complete system scan
  • Let the program scan the machine
  • If ewido finds anything, it will pop up a notification. Click on Perform Action with All Infections.
Save the log, this is important.

Next run the Look2me Fix that you downloaded previously.

Run Spybot S&D. Run a full system scan and fix all items that show up in red.

Next Run Spy Sweeper, click on Options, Sweep Options, make sure that all options except Do Not Scan System Restore Files, are checked. Click on Sweep Now, Start. Quarantine everything that it finds.

Now run CCleaner again.

Reinstall HijackThis so that it is in its own folder, not running from the desktop. Run HijackThis and put a checkmark next to, and fix the following if they are still there. Delete any items in bold if they are still present on your computer.

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = c:\secure32.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = c:\secure32.html
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = c:\secure32.html
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = c:\secure32.html
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = c:\secure32.html
F2 - REG:system.ini: Shell=explorer.exe "C:\Program Files\Common Files\Microsoft Shared\Web Folders\ibm00001.exe"

O20 - Winlogon Notify: MediaContentIndex - C:\WINDOWS\system32\j4n2le5o1h.dll
O21 - SSODL: SysTray.Excn2 - {1722ECFF-4356-4f5b-B534-E67294FE75E9} - C:\WINDOWS\System32\gadclaal.dll (file missing)
O21 - SSODL: SysTray.Exsn - {2368D1FC-2F5C-4f1b-B124-E67214FC78E2} - C:\WINDOWS\System32\hplmcnca.dll (file missing)
O21 - SSODL: CIJHGCI0 - {62951310-5FFE-5E07-75A4-791351A81A32} - C:\WINDOWS\System32\Dnnqnh32.dll (file missing)
O21 - SSODL: mtklef - {ED1E5EF0-C4F3-4B22-209B-28ED18CF4DE1} - C:\WINDOWS\System32\sgbou32.dll (file missing)

Run CCleaner again. Reboot into regular mode.

Clean your registry

Run RegSupremePro. It will want to make a backup of your cache, let it. When it has finished, click on Registry Cleaner and select Aggressive. Let it run. When it has finished, click on Select, choose All. Click on Fix, let it fix everything that it has found.

Run HijackThis again, and post both the new HJT log and the saved ewido log back here. We'll worry about getting you updated and protected later.

Look forward to your post.

TTFN

LGW
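
As an added illustration, not part of the original thread or any poster's own code: a small Python triage of HijackThis-style lines like the ones listed in the post above. The section-code meanings in the comments are general HijackThis conventions, the function names are hypothetical, and the sample includes one constructed benign line (example.com) for contrast.

```python
import re

# Constructed sample: entries quoted in the post above plus one benign start-page line.
SAMPLE_LOG = r"""
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = c:\secure32.html
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.example.com/
F2 - REG:system.ini: Shell=explorer.exe "C:\Program Files\Common Files\Microsoft Shared\Web Folders\ibm00001.exe"
O20 - Winlogon Notify: MediaContentIndex - C:\WINDOWS\system32\j4n2le5o1h.dll
O21 - SSODL: SysTray.Excn2 - {1722ECFF-4356-4f5b-B534-E67294FE75E9} - C:\WINDOWS\System32\gadclaal.dll (file missing)
"""

ENTRY = re.compile(r"^(?P<code>[A-Z]\d{1,2}) - (?P<body>.+)$")
MISSING = "(file missing)"

def classify(code, body):
    """Return (reason, target) when an entry needs attention, else None."""
    if code in ("R0", "R1"):
        # R0/R1: Internet Explorer start, search and default page values.
        value = body.partition(" = ")[2].strip()
        if re.match(r"[A-Za-z]:\\", value):
            return ("IE page points at a local file", value)
    elif code == "F2" and "Shell=" in body:
        # F2: the logon shell; the Windows default is explorer.exe alone.
        shell = body.partition("Shell=")[2].strip()
        if shell.lower() != "explorer.exe":
            extra = re.sub(r"(?i)^explorer\.exe\s*", "", shell).strip('"')
            return ("extra program appended to the logon shell", extra)
    elif code == "O20" and body.startswith("Winlogon Notify:"):
        # O20: DLL that winlogon.exe loads for logon/logoff events.
        return ("Winlogon Notify DLL, verify its origin", body.rsplit(" - ", 1)[-1])
    elif code == "O21":
        # O21: ShellServiceObjectDelayLoad, a DLL Explorer loads at startup.
        path = body.rsplit(" - ", 1)[-1]
        if path.endswith(MISSING):
            return ("orphaned SSODL value, DLL already gone", path[:-len(MISSING)].strip())
        return ("SSODL DLL, verify its origin", path)

def triage(log_text):
    """Parse HijackThis-style lines and return (code, reason, target) tuples."""
    findings = []
    for line in log_text.splitlines():
        m = ENTRY.match(line.strip())
        hit = classify(m["code"], m["body"]) if m else None
        if hit:
            findings.append((m["code"], *hit))
    return findings

if __name__ == "__main__":
    print(*triage(SAMPLE_LOG), sep="\n")
```
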


  #4  
11-17-2005
Bronze Member
Join Date: Nov 2005
Posts: 76
sumodeluxe

Well, what had happened was I was reformatting this PC and I was searching for the USB controller driver and found a bad page, which in turn gave me all this trouble. I am almost wondering if it would be easier to just format again. I didn't even make it to the first Windows update... as you already saw lol. What do you think? Just do another fresh install, or deal with this ****!


  #5  
11-17-2005
HR Director
Join Date: Jul 2005
Location: Bay Area California
Posts: 5,472
PC Experience: PC Illiterate
ladygreenwitch

Sumo, with all of the garbage you have infecting this computer, if reformatting is an option, I say go for it. It will save you hours of fixes.
However, I do recommend that you follow the instructions for the multi-partition XP install in my signature. It makes XP sing, and I know I used it on a VERY problematic PC.

Let me know if you have any questions about which to choose, or if you have any confusion about the install.

Look forward to your reply,

TTFN

LGW


  #6  
11-17-2005
Elite Member
Join Date: Jun 2005
Location: Netherlands
Posts: 9,046
joe5

Originally Posted by sumodeluxe
Well, what had happened was I was reformatting this PC and I was searching for the USB controller driver and found a bad page, which in turn gave me all this trouble. I am almost wondering if it would be easier to just format again. I didn't even make it to the first Windows update... as you already saw lol. What do you think? Just do another fresh install, or deal with this ****!

I would definitely say that that is the best option; there are so many different infections on there that even if it wasn't just newly formatted I would still do that if it was my own PC.

It's going to save you a lot of trouble to just install Windows again, but before connecting to the net again this time I would first install your AV and firewall, and then the first thing to do would be to go to Windows Update, and then after that see what else needs to be done.


__________________
- PCHF Team. - (NL) - Mal-ware Eradicator! -

  #7  
11-17-2005
Bronze Member
Join Date: Nov 2005
Posts: 76
sumodeluxe

How can they get away with this kind of stuff? Like, that happened so fast that it made my head spin, literally. You would think that there would be a lot more "Good" hackers that would be a step ahead of these guys. How do they sleep at night!?!


