SysChat

SysChat (http://www.syschat.com/forum.php)
-   Computer Security (http://www.syschat.com/software-support/computer-security/)
-   -   Question Browser Hijack removal desperately needed. (http://www.syschat.com/browser-hijack-removal-desperately-needed-6487.html)

andybambi 12-01-2010 12:27 PM

Browser Hijack removal desperately needed.
 
My girlfriend’s notebook has become infected with a browser hijacker. I’ve tried running antivirus programmes (Avira, Advanced System Care, Malwarebytes' Anti-Malware, Super Spyware Remover) but nothing seems to touch it. I even tried using a different browser but the problem remains. Normally I would just restore the notebook back to factory settings but it was a free gift she received when taking out a new phone contract and didn’t come with a restore disk. I really am at my wits end. Can anybody please help me? I've installed Hijackthis and can proivide a log if required.

Thank you.

Sami 12-01-2010 02:41 PM

Can you attach the hijackthis log file.

andybambi 12-01-2010 03:00 PM

1 Attachment(s)
Hi Sami,

Thanks for replying to my question.

I've attached the file.

Thanks again.

Sami 12-01-2010 09:49 PM

Hi Andy,

Please run the Hijackthis again

and remove these items and restart your computer

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.condui...........

R3 - URLSearchHook: Shareware.Pro-EN Toolbar - {da21bd13-ca22-42e3-a071-98f08f1ca1e7} - C:\Program Files\Peer2Peer-EN\tbPee2.dll

R3 - URLSearchHook: (no name) - {7b13ec3e-999a-4b70-b9cb-2617b8323822} - (no file)

O2 - BHO: (no name) - {003FA5B5-2389-45C7-8705-624EB6865785} - C:\WINDOWS\system32\azroles32.dll

O2 - BHO: (no name) - {00716B20-5BBC-46DF-9192-06C942C4AE20} - C:\WINDOWS\system32\azroles32.dll

O2 - BHO: (no name) - {00A87B2F-9C13-4730-A806-9086962A92D6} - C:\WINDOWS\system32\azroles32.dll

O2 - BHO: (no name) - {00E2D641-5BBC-46DF-9192-06C942C4AE20} - C:\WINDOWS\system32\azroles32.dll

O2 - BHO: (no name) - {00E9D207-083F-42C4-BC83-634BF0A1ACDe} - C:\WINDOWS\system32\azroles32.dll

O2 - BHO: (no name) - {01C5AC82-5BBC-46DF-9192-06C942C4AE20} - C:\WINDOWS\system32\azroles32.dll

O2 - BHO: (no name) - {01D3A40E-083F-42C4-BC83-634BF0A1ACDe} - C:\WINDOWS\system32\azroles32.dll

O2 - BHO: (no name) - {038B5904-5BBC-46DF-9192-06C942C4AE20} - C:\WINDOWS\system32\hid32.dll (file missing)

O2 - BHO: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\ConduitEngine.dll

O2 - BHO: Shareware.Pro-EN Toolbar - {da21bd13-ca22-42e3-a071-98f08f1ca1e7} - C:\Program Files\Peer2Peer-EN\tbPee2.dll

O3 - Toolbar: Shareware.Pro-EN Toolbar - {da21bd13-ca22-42e3-a071-98f08f1ca1e7} - C:\Program Files\Peer2Peer-EN\tbPee2.dll

andybambi 12-02-2010 04:15 AM

Hi Sami,

I've tried what you have said but my browser still redirects me. Is there anything else I can try?

Kind regards

Sami 12-02-2010 08:44 PM

Try to run Malwarebytes' Anti-Malware in safemode.


All times are GMT -4. The time now is 06:14 AM.


Copyright © 2005-2013 SysChat.com


1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54