Computer Forums - View Single Post - Browser keeps getting hijacked please help

Formerly the latter · 05-10-2008, 10:38 PM

Hello Shadow Rider,

This is a real hard one to read. We will try and remove some of the malware from that computer. I am seeing some CoolWebSearch.

Let's go ahead and start removing some of that junk.

Step1

You have a CoolWebSearch infection.

Download CWShredder here to its own folder.

Update CWShredder

* Open CWShredder and click I AGREE
* Click Check For Update
* Close CWShredder

Boot into Safe Mode:
Restart your computer and as soon as it starts booting up again continuously tap F8. A menu should come up where you will be given the option to enter Safe Mode.

Now run CWShredder. Click I Agree, then Fix and then Next, let it fix everything it asks about. Reboot your computer into normal windows.

Step2

Download ComboFix from Here or Here to your Desktop.
Read first: "How to download and use ComboFix"
If you downloaded ComboFix previously, delete that version and download it again as the tool is frequently updated!

Very Important! Temporarily disable your anti-virus, script blocking and any anti-malware real-time protection before performing a scan. They can interfere with ComboFix or remove some of its embedded files which may cause "unpredictable results".
Click on this link to see a list of programs that should be disabled. The list is not all inclusive. If yours is not listed and you don't know how to disable it, please ask.

Double click combofix.exe and follow the prompts.
When finished, it shall produce a log for you. Post that log and a HiJackthis log in your next reply
Be sure to re-enable your anti-virus and other security programs, after ComboFix finished.

Note: Do not mouseclick combofix's window while its running. That may cause it to stall.

Extra-Note: Please, DO NOT use ComboFix on your own. It is a very powerful tool designed to deal with sophisticated infections and if something goes wrong or you use it incorrectly, you could possibly lose the use of your computer. It is ONLY meant to be used under the direct supervision of a malware removal specialist. Please read Combofix's Disclaimer

Logs Required In Next Post
-----------------------------

Hijackthis Log (Rename HJT to Shadow before Running)
ComboFix Log

05-10-2008, 10:38 PM	#2 (permalink)
Formerly the latter Super Techie Join Date: Aug 2007 Posts: 457	Re: Browser keeps getting hijacked please help Hello Shadow Rider, This is a real hard one to read. We will try and remove some of the malware from that computer. I am seeing some CoolWebSearch. Let's go ahead and start removing some of that junk. Step1 You have a CoolWebSearch infection. Download CWShredder here to its own folder. Update CWShredder * Open CWShredder and click I AGREE * Click Check For Update * Close CWShredder Boot into Safe Mode: Restart your computer and as soon as it starts booting up again continuously tap F8. A menu should come up where you will be given the option to enter Safe Mode. Now run CWShredder. Click I Agree, then Fix and then Next, let it fix everything it asks about. Reboot your computer into normal windows. Step2 Download ComboFix from Here or Here to your Desktop. Read first: "How to download and use ComboFix" If you downloaded ComboFix previously, delete that version and download it again as the tool is frequently updated! Very Important! Temporarily disable your anti-virus, script blocking and any anti-malware real-time protection before performing a scan. They can interfere with ComboFix or remove some of its embedded files which may cause "unpredictable results". Click on this link* to see a list of programs that should be disabled. The list is not all inclusive. If yours is not listed and you don't know how to disable it, please ask.* Double click combofix.exe and follow the prompts. When finished, it shall produce a log for you. Post that log and a HiJackthis log in your next reply Be sure to re-enable your anti-virus and other security programs, after ComboFix finished. Note: Do not mouseclick combofix's window while its running. That may cause it to stall. Extra-Note: Please, DO NOT use ComboFix on your own. It is a very powerful tool designed to deal with sophisticated infections and if something goes wrong or you use it incorrectly, you could possibly lose the use of your computer. It is ONLY meant to be used under the direct supervision of a malware removal specialist. Please read Combofix's Disclaimer Logs Required In Next Post ----------------------------- Hijackthis Log (Rename HJT to Shadow before Running) ComboFix Log Last edited by Formerly the latter; 05-10-2008 at 11:02 PM.