TechSpot

Search links redirecting me to unwanted sites

By KaiserSosay
Dec 6, 2008
  1. Hey, I ran all of the steps, didn't find anything that fixed the problem, so I'm hoping there is something here that someone can help me with. Thanks.


    I had to attach the HijackThis log.
     
  2. rf6647 (TS Maniac, Posts: 829)

    Your description is vague. I am trying to anticipate your needs.

    Overview of next steps
    1. Uninstall old versions of ComboFix – if used previously
    2. Download ComboFix
    3. Disconnect from local network (router / modem).
    4. Turn off all Internet security programs, including FW, AV, AS
    5. 2 runs of ComboFix. Each run followed with a restart.
    6. Turn on appropriate Internet Security programs.
    7. Protect from contamination
      • Disconnect all other computers from router / modem (local network)
      • Power cycle router / modem
      • Power cycle infected computer.
    8. Attach only infected computer to local network.
    9. Reply with logs.
    10. Restore other computers to the local network.
    Details -
    1. Uninstall old versions of ComboFix
    2. Download ComboFix
    3. Disconnect infected computer from local network (router / modem).

    4. Turn off all Internet security programs, including FW, AV, AS

    5. 2 runs of ComboFix
      • Follow ComboFix instructions referenced before.

      • Examine the last few lines in the log for ‘Completion time:’ ……. ‘machine was rebooted’

      • Restart the computer, if the first run of ComboFix did not conclude with ‘reboot’.

      • Repeat ComboFix.

      • Restart the computer

      • Scan with HJT. (part of instructions for ComboFix)

    6. Turn on appropriate Internet Security programs.

    7. Protect from contamination of unknown origin. This is where I grasp at straws. Folklore…
      I offer some consideration of the folklore. Power cycle (poc) of the router is different than the ‘hard reset’ using the microswitch somewhere on the router. The latter technique forces factory defaults & is a guaranteed cleaning. POC cleans volatile memory on the router. Once the exploits alter router settings, the hard reset is indicated. Passwords assigned by user are better than leaving it defaulted.
      Skip this if it is not practical.
      • Disconnect all computers from the router (local network).
      • Power cycle the router (remove power, restore power).
      • Power cycle the infected computer.

    8. Attach only infected computer to local network.

    9. Reply with logs.

    10. Restore other computers to the local network.
     
Topic Status:
Not open for further replies.
