Google Hijack. Is that it?

By Shaftmonde ยท 6 replies
Nov 19, 2009
  1. I just want to thank Bobbye for all his help. He has been patient and courteous with me.
    I believe my problem is now solved, but unfortunately our thread itself got hijacked and closed before resolution could be confirmed.
  2. kritius

    kritius TS Guru Posts: 2,084

    Your logs appear clean,

    Did you do an update around the end of October as there are a lot of files appearing on that date.

    Best get an online scan to confirm

    Using Internet Explorer or Firefox, visit Kaspersky Online Scanner

    1. Click Accept, when prompted to download and install the program files and database of malware definitions.

    2. To optimize scanning time and produce a more sensible report for review:
    • Close any open programs
    • Turn off the real time scanner of any existing antivirus program while performing the online scan. Click HERE to see how to disable the most common antivirus programs.
    3. Click Run at the Security prompt.

    The program will then begin downloading and installing and will also update the database.
    Please be patient as this can take quite a long time to download.
    • Once the update is complete, click on Settings.
    • Make sure these boxes are checked (ticked). If they are not, please tick them and click on the Save button:
      • [*]Spyware, adware, dialers, and other riskware
        [*]E-mail databases
    • Click on My Computer under the green Scan bar to the left to start the scan.
    • Once the scan is complete, it will display if your system has been infected. It does not provide an option to clean/disinfect. We only require a report from it.
    • Do NOT be alarmed by what you see in the report. Many of the finds have likely been quarantined.
    • Click View report... at the bottom.
    • Click the Save report... button.
    • Change the Files of type dropdown box to Text file (.txt) and name the file KasReport.txt to save the file to your desktop so that you may post it in your next reply
  3. Shaftmonde

    Shaftmonde TS Rookie Topic Starter Posts: 38

    Many thanks Kritius.
    Looks like everything is okay. No threats found.
    This one really has to be copied/pasted as the 'Manage Attachments' button isn't working.

    KASPERSKY ONLINE SCANNER 7.0: scan report
    Friday, November 20, 2009
    Operating system: Microsoft Windows XP Home Edition Service Pack 3 (build 2600)
    Kaspersky Online Scanner version:
    Last database update: Thursday, November 19, 2009 23:10:24
    Records in database: 3246240

    Scan settings:
    scan using the following database: extended
    Scan archives: yes
    Scan e-mail databases: yes

    Scan area - My Computer:

    Scan statistics:
    Objects scanned: 94496
    Threats found: 0
    Infected objects found: 0
    Suspicious objects found: 0
    Scan duration: 01:52:50

    No threats found. Scanned area is clean.

    Selected area has been scanned.
  4. Bobbye

    Bobbye Helper on the Fringe Posts: 16,334   +36

    Shaftmonde, I'm so glad you followed up on this. I was surprised to see that the thread had been closed. Haven't seen an OTL log that long!

    You can remove the cleaning tools now and set a new clean restore point:

    Uninstall ComboFix.exe And all Backups of the files it deleted
    • Click START> then RUN
    • Now type Combofix /Uninstall in the runbox and click OK. Note the space between the X and the U, it needs to be there.

    Remove all of the tools we used and the files and folders they created
    • DownloadOTCleanIt by OldTimer
    • Save it to your Desktop.
    • Double click OTCleanIt.exe.
    • Click the CleanUp! button.
    • If you are prompted to Reboot during the cleanup, select Yes.
    The tool will delete itself once it finishes.

    If you are prompted to Reboot during the cleanup, select Yes.

    You should now set a new Restore Point to prevent infection from any previous Restore Points. The easiest and safest way to do this is:
    • Go to Start > All Programs > Accessories > System Tools and click "System Restore".
    • Choose the radio button marked "Create a Restore Point" on the first screen then click "Next". Give the Restore Point a name then click "Create". The new Restore Point will be stamped with the current date and time. Keep a log of this so you can find it easily should you need to use System Restore.
    • Go to "Disk Cleanup" which can be found by going to Start > All Programs > Accessories > System Tools.
    • Click "OK" to select the partition or drive you desire.
    • Click the "More Options" Tab.
    • Click "Clean Up" in the System Restore section to remove all previous Restore Points except the newly created one.

    More details and screenshots for Disk Cleanup in Windows Vista can be found here.

    Here are some tips to help keep the system secure and clean:
    1.Disable and Enable System Restore: This will help you to drop the old restore points and set a new, clean one:

    System Restore Guide

    2.Stay current on updates:
    • Visit the Microsoft Download Sitefrequently.
      You should get All updates marked Critical and the current SP updates:Windows 2000> SP4, Windows XP> SP2, SP3, Vista> SP1
    • Visit this site[Adobe Readeroften and make sure you have the most current update. Uninstall any earlier updates as they are vulnerabilities.
    • Check this site often.Java Updates Stay current as most updates are for security. Uninstall any earlier versions in Add/Remove Programs.

    3.Make Internet Explorer safer. Follow the suggestions HERE
    This Tutorial will help guide you through Configuring Security Settings, Managing Active X Controls and other safety features.

    4.Remove Temporary Internet Files regularly: Use5. Use an AntiVirus Software(only one)
    6.Use a good, bi-directional firewall(one software firewall)
    [*]See Understanding and Using Firewalls including links to download a firewall.

    7.Consider these programs for Extra Security
    • Spywareblaster:
    • SpywareBlaster protects against bad ActiveX. It places kill bits to stop bad Active X controls from being installed. Remember to update it regularly.
    • IE/Spyad
    • This places over 4000 websites and domains in the IE Restricted list which will severely impair attempts to infect your system. It basically prevents any downloads (Cookies etc) from the sites listed, although you will still be able to connect to the sites.
    • MVPS Hosts files This replaces your current HOSTS file with one containing well know ad sites etc. Basically, this prevents your computer from connecting to those sites by redirecting them to which is your local computer.
    • Google Toolbar Get the free google toolbar to help stop pop up windows.

    If I can be of further assistance, please let me know. Help and support is only given in the forums but you can send a PM to me and bring my attention
    back to the thread.
  5. Shaftmonde

    Shaftmonde TS Rookie Topic Starter Posts: 38

    Thanks again Bobbye, (Thanks also to Kritius and Kimsland)
    OTCleanIt duly done and everything looks good.
    I had already taken the liberty of clearing and setting a fresh restore point (and testing it's function as well - all okay)
    Those tools you mention sound handy. It strikes me that with a collection of suitable specialised such tools there's hardly any need for the System Mechanic (Which I bought, but uninstalled, as it always seemed to cause complications afterwards)
  6. Bobbye

    Bobbye Helper on the Fringe Posts: 16,334   +36

    There is so much that can be done from within the system itself that rarely is buying a program to do it worth the money. There is one program though that I have been using for years: The Ultimate Troubleshooter (TUT) ($30)from answersthat work. It gives you access to all parts of the system, allows you to stop, start, remove or change, has several grreat utilities included and has a housekeeping feature that allows you to clean up the system from one section.

    Using the Housekeeping feature which I have set to send the deletions to the Recycle Bin and a free program called Eraser, I have a 5 year old laptop with 88% of resources still free!

    In case you want to look into them:
    The Ultimate Troubleshooter

    One especially good feature of Eraser is that it is available on the right click context menu.
  7. Shaftmonde

    Shaftmonde TS Rookie Topic Starter Posts: 38

    Thanks Bobbye, I'll look into those.
Topic Status:
Not open for further replies.

Similar Topics

Add your comment to this article

You need to be a member to leave a comment. Join thousands of tech enthusiasts and participate.
TechSpot Account You may also...