1 2 Previous Next 15 Replies Latest reply: Dec 2, 2008 7:10 PM by Grif RSS

    Browser Hijack

      Hello
      My daughter’s laptop has become infected with a browser hijacker. Mcafee does not find it. I’ve looked at other threads and tried to install Malwarebytes and Smitfraud but I’m not able to, they install ok on my pc. On a couple of occasions I’ve been prompted to install antivirus2009 which appears to do a scan and found some suspect files and prompted me to install a file, which I cancelled. Any ideas whats going on.

      Security Centre
      V 9
      B 9.0.286

      Virus Scan
      V 13
      B 13.0.218

      Personal Firewall
      V10
      B 10.0.209
        • 1. RE: Browser Hijack
          Ex_Brit
          Try downloading Hijacthis and posting its log on one of the following forums. If you can't download it in regular mode because of the infection boot into "Safe Mode With Networking" by tapping F8 repeatedly while booting up. It allows you internet access while in safe mode.

          Do not post the log here, we can't help!

          DOWNLOAD HIJACKTHIS

          Post the logs at a specialist Forum:

          AUMHA FORUM

          BLEEPING COMPUTER FORUM

          CASTLECOPS FORUM

          GEEKS TO GO FORUM

          MAJOR GEEKS FORUM

          MALWARE REMOVAL FORUM

          SPYWARE INFO FORUM

          TECH SUPPORT GUY FORUM

          WHAT THE TECH FORUM (Formerly Tom Coyote)

          Be sure to read all the sticky announcements/instructions at the top of each malware forum!

          Sorry to take so long to reply to your post but I seem to only one of two Moderators present in this board today.
          • 2. RE: Browser Hijack
            Dodjw,

            Try installing Malwarebytes again. This time do it this way:

            IF you are not able to download these tools on your machine, please use a friend or family member's computer and download the Malwarebytes tool and it's manual update from the link below.. Once downloaded, rename the program installer "mbam-setup.exe" file to something else like "Gogetum.exe", then copy the installer file and the update file to a CD or flash drive.. Transfer the file to the problem machine, then install the "Gogetum.exe" file, then run the update to get the program current.. After that, run a full system scan and delete anything it finds.

            Malwarebytes Download Link (Clicking on the links below will immediately start the download dialogue window.)
            http://www.besttechie.net/tools/mbam-setup.exe

            Malwarebytes Manual Updater link
            http://www.malwarebytes.org/mbam/database/mbam-rules.exe

            Hope this helps.

            Grif
            • 3. RE: Browser Hijack
              Thanks for that.
              I'll give your ideas a try and will let you know how I get on.
              • 4. RE: Browser Hijack
                I'm unable to fully install Malwarebytes even from a flash drive, i can't update adaware and I can't install superantispyware or smifraudfix. My fire wall is blocking a program brastk.exe. Is this the program causing the problem.
                • 5. RE: Browser Hijack
                  Did you follow Grif`s advise and rename the applications, these infections like to block security applications from either being downloaded or if they are installed, they like to block them from running.

                   

                  My fire wall is blocking a program brastk.exe. Is this the program causing the problem.



                  Is it blocking inbound or outbound, if outbound you are infected.
                  • 6. RE: Browser Hijack
                    I tried installing several times each with a different name each time the installation would start but never finish and I was unable to run it.. The firewall is bloking an outbound connecton attempt by brastk.exe
                    Tried scanning with Mcafee and recieved theses messages
                    Mcafee on demand scan has encountered a problem and needs to close.
                    Scanning has encountered a problem from which it can not recover, Error getting scan progress
                    • 7. RE: Browser Hijack

                       

                      I tried installing several times each with a different name each time the installation would start but never finish and I was unable to run it



                      Did you rename prior to saving to your flash drive, for example- abc1, abc2 and abc3.

                       

                      The firewall is bloking an outbound connecton attempt by brastk.exe



                      Which means that file is present on the hard-drive.

                       

                      Mcafee on demand scan has encountered a problem and needs to close.
                      Scanning has encountered a problem from which it can not recover, Error getting scan progress



                      These infections like to disable your protection.

                      If you still cannot install/scan with SAS, MBAM and Smitfradfix, then follow Ex_Brit`s advise in post 2.
                      • 8. RE: Browser Hijack
                        Yes I renamed when I put it on the flash drive. This seems to be a tricky little swine.
                        I'll post on major geeks and see how I get on.
                        Thanks
                        • 9. RE: Browser Hijack
                          I've also found a few issues with a the newest XP Antivirus 2009.. If you rename the MBAM file to a different name, it will sometimes allow you to install it but it still won't run because there is a new bot causing it to shut down.. Please try the steps below to create a Rescue Disc CD boot scanner.. After following the procedures in the link below, place the CD in the drive, then restart the computer and scan the computer.. It will remove the bot and then allow you to install and run Malwarebytes:

                          Avira Rescue Disc Link
                          http://www.free-av.de/en/tools/12/avira_antivir_rescue_system.html

                          Hope this helps.

                          Grif
                          1 2 Previous Next