Welcome to MalwareRemoval.com,
What if we told you that you could get malware removal help from experts, and that it was 100% free? MalwareRemoval.com provides free support for people with infected computers. Our help, and the tools we use are always 100% free. No hidden catch. We simply enjoy helping others. You enjoy a clean, safe computer.

Malware Removal Instructions

Internet Hijacker

MalwareRemoval.com provides free support for people with infected computers. Using plain language that anyone can understand, our community of volunteer experts will walk you through each step.

Re: Internet Hijacker

Unread postby stlorey » September 21st, 2010, 9:44 am

Please post back:
1. the ESET online scan result
2. how is your computer behaving now?[/quote]
--------------------
Here are the results of the ESET scan:

ESETSmartInstaller@High as CAB hook log:
OnlineScanner.ocx - registred OK
# version=7
# iexplore.exe=7.00.6000.17080 (vista_gdr.100616-0452)
# OnlineScanner.ocx=1.0.0.6211
# api_version=3.0.2
# EOSSerial=2453db1fa6c1b14fbcb169f1ecd55a50
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=true
# antistealth_checked=true
# utc_time=2010-09-21 06:36:28
# local_time=2010-09-21 02:36:28 (-0500, Eastern Daylight Time)
# country="United States"
# lang=1033
# osver=5.1.2600 NT Service Pack 3
# compatibility_mode=512 16777215 100 0 525441 525441 0 0
# compatibility_mode=5121 16777173 100 75 0 14181386 0 0
# compatibility_mode=8192 67108863 100 0 0 0 0 0
# scanned=465081
# found=4
# cleaned=0
# scan_time=23722
F:\Documents and Settings\Beth\Local Settings\Temp\64c8f4e.msi probably unknown NewHeur_PE virus 00000000000000000000000000000000 I


F:\Documents and Settings\Clare\Local Settings\Temporary Internet Files\Content.IE5\4BSPEZOF\hiphop1[1].htm HTML/ScrInject.B.Gen virus 00000000000000000000000000000000 I
F:\Program Files\Comcast\Security Manager\app\AuthSL.exe probably unknown NewHeur_PE virus 00000000000000000000000000000000 I
F:\Program Files\Common Files\Authentium Shared\sminstalled\smv1.60.428\setup.msi probably unknown NewHeur_PE virus 00000000000000000000000000000000 I




My computer is performing fine now... thank you so much!
stlorey
Active Member
 
Posts: 10
Joined: September 13th, 2010, 2:44 pm
Advertisement
Register to Remove

Re: Internet Hijacker

Unread postby Jack&Jill » September 22nd, 2010, 12:53 am

Hello stlorey :),

Please backup the registry with ERUNT again.

--------------------

Fix with OTL
  • Please disable your real time protection of any Antivirus, Antispyware or Antimalware programs temporarily. They will interfere and may cause unexpected results.
  • If you need help to disable your protection programs see here and here.
  • Double click on OTL.exe to run it.
  • Copy and paste the following text into the white box below Custom Scans/Fixes:
    Code: Select all
    :files
    F:\Documents and Settings\Clare\Local Settings\Temporary Internet Files\Content.IE5\4BSPEZOF\hiphop1[1].htm
    F:\Documents and Settings\Beth\Local Settings\Temp\64c8f4e.msi
    
    :reg
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
    "AntiVirusDisableNotify"=dword:00000000
    "FirewallDisableNotify"=dword:00000000
    
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
    "DisableMonitoring"=dword:00000000
    
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
    "DisableMonitoring"=dword:00000000
    
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
    "EnableFirewall"=dword:00000001
    
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
    "C:\Program Files\support.com\bin\tgcmd.exe"=-
    "C:\Documents and Settings\Owner\Application Data\dumpreport.exe"=-
    
    :commands
    [CREATERESTOREPOINT]
  • Click Run Fix.
  • Please post the contents of the fix log file back here if you are prompted to open the file. It can also be found at C:\_OTL\Moved Files as MMDDYYY_HHMMSS.log where MMDDYYY is date format and HHMMSS is time format.
  • If requested to reboot, please do so. The log file will open after restart.
  • Enable back your security softwares as soon as you completed the OTL fix steps.

--------------------

Please update your Adobe Reader to the latest.
  • Open Adobe Reader.
  • Go to Help on the pull down menu, then select Check for Updates....
  • Continue accordingly and close it when done.

--------------------

Your Java Runtime Environment is outdated. Older versions have security vulnerabilities that can be exploited.

Please update JRE to the latest.
It is important that you uninstall any previous versions by using Add/Remove Programs in your Control Panel before installing a newer version. Please uninstall:

J2SE Runtime Environment 5.0
J2SE Runtime Environment 5.0 Update 6
Java(TM) 6 Update 12


  • Go to the Java SE download page. Click here.
  • Look for JDK 6 Update 21 (JDK or JRE). Click the Download JRE button to the right.
  • Select Windows from the drop-down list for Platform.
  • Check I agree to the Java SE Runtime Environment 6u21 with JavaFX 1 License Agreement after reading it, and click Continue >>. The page will refresh.
  • Under the Windows Offline Installation title, click on the link which says jre-6u21-windows-i586.exe and save the file to your desktop.
  • Close any programs you may have running - especially your web browser.
  • Then, from your desktop, double click on the download to install the newest version. Reboot your computer.

--------------------

Please post back:
1. the OTL fix log
User avatar
Jack&Jill
MRU Emeritus
MRU Emeritus
 
Posts: 2284
Joined: August 19th, 2008, 5:37 am
Location: South East Asia

Re: Internet Hijacker

Unread postby Wingman » September 25th, 2010, 1:05 pm

Due to a lack of response, this topic is now closed.

If you still require help, please open a new thread in the Infected? Virus, malware, adware, ransomware, oh my! forum, include a fresh FRST log, and wait for a new helper.
User avatar
Wingman
Admin/Teacher
Admin/Teacher
 
Posts: 14115
Joined: July 1st, 2008, 1:34 pm
Location: East Coast, USA

Previous

  • Similar Topics
    Replies
    Views
    Last post

Return to Infected? Virus, malware, adware, ransomware, oh my!



Who is online

Users browsing this forum: No registered users and 17 guests

Contact us:

Advertisements do not imply our endorsement of that product or service. Register to remove all ads. The forum is run by volunteers who donate their time and expertise. We make every attempt to ensure that the help and advice posted is accurate and will not cause harm to your computer. However, we do not guarantee that they are accurate and they are to be used at your own risk. All trademarks are the property of their respective owners.

Member site: UNITE Against Malware