Browser Hijacker
- Thread starter mretzloff
- Start date
- Status
howard_hopkinso
Posts: 21,238 +17
As I`ve just said. All you do with Spyware Blaster is update it, enable all protection and close the programme, that`s it.
You can`t scan with it, that`s not how it works. Read the tutorial I linked to and all will be revealed.
Regards Howard
This thread is for the use of mretzloff only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.
You can`t scan with it, that`s not how it works. Read the tutorial I linked to and all will be revealed.
Regards Howard
This thread is for the use of mretzloff only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.
momok
Posts: 2,127 +6
Hi,
A good firewall will naturally have those pop ups to inform you of any potential compromise to your internet security. If you do not wish to have those pop ups, then you would need to set the firewall to be fully automated. In such a case, for it to do its job really well it would have to restrict several things in your system, even if they were legit. It always has to be some sort of balance in between if you wish to retain some sort of control over your internet habits.
To draw an analogy, the strongest, strictest terrorist measures will result in more red tape, less freedom, more restrictions etc. But a laxer system will increase the risk inevitably.
Regards,
Your friendly Momok =)
A good firewall will naturally have those pop ups to inform you of any potential compromise to your internet security. If you do not wish to have those pop ups, then you would need to set the firewall to be fully automated. In such a case, for it to do its job really well it would have to restrict several things in your system, even if they were legit. It always has to be some sort of balance in between if you wish to retain some sort of control over your internet habits.
To draw an analogy, the strongest, strictest terrorist measures will result in more red tape, less freedom, more restrictions etc. But a laxer system will increase the risk inevitably.
Regards,
Your friendly Momok =)
momok
Posts: 2,127 +6
Hi,
Personally I use Comodo. It has several settings for you to choose, even including learning mode. If I'm not wrong, you can also set it to be fully automated. It is definitely a useful firewall if you know how to tweak the settings well. How you wish to tweak it is again subject to user preference and needs.
There are two other firewalls commonly recommended:
Zone Alarm
Kerio
You may try them out if you wish. But do note that it is not recommended to run more than one firewall at any point of time.
Regards,
Your friendly Momok =)
This thread is for the use of mretzloff only. Please don't post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.
Personally I use Comodo. It has several settings for you to choose, even including learning mode. If I'm not wrong, you can also set it to be fully automated. It is definitely a useful firewall if you know how to tweak the settings well. How you wish to tweak it is again subject to user preference and needs.
There are two other firewalls commonly recommended:
Zone Alarm
Kerio
You may try them out if you wish. But do note that it is not recommended to run more than one firewall at any point of time.
Regards,
Your friendly Momok =)
This thread is for the use of mretzloff only. Please don't post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.
I've been experiencing some problems again. Sometimes when I search on Google and I click on a link, I'm redirected to another search engine that searches for whatever I searched for on Google. Also, today the date and time format changed by itself.
Here's a HJT logfile from today:
View attachment 20964
Thank to to whoever helps
Here's a HJT logfile from today:
View attachment 20964
Thank to to whoever helps
howard_hopkinso
Posts: 21,238 +17
Your system has been hijacked.
Please download FixWareout from one of these sites:
http://downloads.subratam.org/Fixwareout.exe
http://www.bleepingcomputer.com/files/lonny/Fixwareout.exe
Save it to your desktop and run it. Click Next, then Install, make sure "Run fixit" is checked and click Finish.
The fix will begin; follow the prompts. You will be asked to reboot your computer; please do so. Your system may take longer than usual to load; this is normal.
Please download FixWareout from one of these sites:
http://downloads.subratam.org/Fixwareout.exe
http://www.bleepingcomputer.com/files/lonny/Fixwareout.exe
Save it to your desktop and run it. Click Next, then Install, make sure "Run fixit" is checked and click Finish.
The fix will begin; follow the prompts. You will be asked to reboot your computer; please do so. Your system may take longer than usual to load; this is normal.
Run HJT with no other programmes open(except notepad). Click the scan button. Have HJT fix the following, by placing a tick in the little box next to(if there).
O17 - HKLM\System\CCS\Services\Tcpip\..\{2DEA6FDA-024F-41B1-833E-D3E369DB2E8B}: NameServer = 85.255.114.78,85.255.112.120
O17 - HKLM\System\CCS\Services\Tcpip\..\{F5AB3BCB-87F3-452E-BD45-209DE3386BC5}: NameServer = 85.255.114.78,85.255.112.120
O17 - HKLM\System\CS3\Services\Tcpip\..\{2DEA6FDA-024F-41B1-833E-D3E369DB2E8B}: NameServer = 85.255.114.78,85.255.112.120
O17 - HKLM\System\CS4\Services\Tcpip\..\{2DEA6FDA-024F-41B1-833E-D3E369DB2E8B}: NameServer = 85.255.114.78,85.255.112.120
Click on the fix checked button.
Close HJT and reboot your computer.
Post a fresh HJT log as well as the C:\fixwareout\report.txt.
Regards Howard
This thread is for the use of mretzloff only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.
Please download FixWareout from one of these sites:
http://downloads.subratam.org/Fixwareout.exe
http://www.bleepingcomputer.com/files/lonny/Fixwareout.exe
Save it to your desktop and run it. Click Next, then Install, make sure "Run fixit" is checked and click Finish.
The fix will begin; follow the prompts. You will be asked to reboot your computer; please do so. Your system may take longer than usual to load; this is normal.
Please download FixWareout from one of these sites:
http://downloads.subratam.org/Fixwareout.exe
http://www.bleepingcomputer.com/files/lonny/Fixwareout.exe
Save it to your desktop and run it. Click Next, then Install, make sure "Run fixit" is checked and click Finish.
The fix will begin; follow the prompts. You will be asked to reboot your computer; please do so. Your system may take longer than usual to load; this is normal.
Run HJT with no other programmes open(except notepad). Click the scan button. Have HJT fix the following, by placing a tick in the little box next to(if there).
O17 - HKLM\System\CCS\Services\Tcpip\..\{2DEA6FDA-024F-41B1-833E-D3E369DB2E8B}: NameServer = 85.255.114.78,85.255.112.120
O17 - HKLM\System\CCS\Services\Tcpip\..\{F5AB3BCB-87F3-452E-BD45-209DE3386BC5}: NameServer = 85.255.114.78,85.255.112.120
O17 - HKLM\System\CS3\Services\Tcpip\..\{2DEA6FDA-024F-41B1-833E-D3E369DB2E8B}: NameServer = 85.255.114.78,85.255.112.120
O17 - HKLM\System\CS4\Services\Tcpip\..\{2DEA6FDA-024F-41B1-833E-D3E369DB2E8B}: NameServer = 85.255.114.78,85.255.112.120
Click on the fix checked button.
Close HJT and reboot your computer.
Post a fresh HJT log as well as the C:\fixwareout\report.txt.
Regards Howard
This thread is for the use of mretzloff only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.
Thanks.
Here are the logfiles:
View attachment 20979
View attachment 20980
Do I need to change any passwords or anything? Would I have these problems if I was using a Mac?
Here are the logfiles:
View attachment 20979
View attachment 20980
Do I need to change any passwords or anything? Would I have these problems if I was using a Mac?
D
DelJo63
mretzloff said:
(a) no; your system needs security and better usage patterns,
eg: avoid IM, chat
(b) Macs can be attacked too, but there's less activity on that platform
primarily due to the small percentage of users.
FOR A CERTAINTY, attacks aimed at the registry would never work on a Mac
howard_hopkinso
Posts: 21,238 +17
Your HJT log is now clean.
Unless you`re having further problems, you should be good to go.
Turn off system restore.(XP/ME only) See how HERE.
Now, turn system restore back on. This will have deleted all your old restore points and any nasties that are in them. It will also have created a new, clean restore point.
If you have any further virus/spyware problems, please post in this thread.
Regards Howard
This thread is for the use of mretzloff only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.
Unless you`re having further problems, you should be good to go.
Turn off system restore.(XP/ME only) See how HERE.
Now, turn system restore back on. This will have deleted all your old restore points and any nasties that are in them. It will also have created a new, clean restore point.
If you have any further virus/spyware problems, please post in this thread.
Regards Howard
This thread is for the use of mretzloff only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.
howard_hopkinso
Posts: 21,238 +17
Just uninstall the Fixwareout programme.
Regards Howard
This thread is for the use of mretzloff only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.
Regards Howard
This thread is for the use of mretzloff only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.
howard_hopkinso
Posts: 21,238 +17
Go to C:\Fixwareout and delete the folder.
Regards Howard
This thread is for the use of mretzloff only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.
Regards Howard
This thread is for the use of mretzloff only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.
My computer is running somewhat slow and restarts itself every 5 minutes or so. Could someone help me? I'll post a HJT log. I just wanna get this post in before it restarts itself.
EDIT: Here's the logfile:
View attachment 21542
Thank you!
EDIT: Here's the logfile:
View attachment 21542
Thank you!
howard_hopkinso
Posts: 21,238 +17
howard_hopkinso
Posts: 21,238 +17
A minidump is a snapshot of what was happening when Windows crashed and can contain useful info as to what caused the crash.
You will find you mindumps in the C:\windows\minidumps folder.
Regards Howard
You will find you mindumps in the C:\windows\minidumps folder.
Regards Howard
howard_hopkinso
Posts: 21,238 +17
I`d say every six months or sooner if you think there`s a chance it`s been compromised.
Regards Howard
Regards Howard
TimeParadoX
Posts: 2,222 +4
I change all my passwords ( including TechSpot's ) around every other month or so, But that's just me
howard_hopkinso
Posts: 21,238 +17
Is Windows setup to write minidumps?
Right click my computer, and select properties, and then the advanced tab.
Under startup and recovery click on settings. Make sure the write debugging information box is set to small memory dump. Also make sure that the overwrite any existing file box isn`t checked. Click ok/apply/ok.
Reboot your computer.
Now when your system crashes, Windows should write a minidump to the folder c:\windows/minidump
Regards Howard
Right click my computer, and select properties, and then the advanced tab.
Under startup and recovery click on settings. Make sure the write debugging information box is set to small memory dump. Also make sure that the overwrite any existing file box isn`t checked. Click ok/apply/ok.
Reboot your computer.
Now when your system crashes, Windows should write a minidump to the folder c:\windows/minidump
Regards Howard
I'm sorry that this has nothing to do with security, but how do you erase your hard drive? I'm thinking about donating my old computers to Goodwill but don't want my tax returns and all that stuff to remain on my hard drive. How can I erase EVERYTHING on the hard drive and how can I be 100% sure it is truly erased?
Thanks.
Thanks.
- Status
