| Forum Home | ||||
| Press F1 | ||||
| Thread ID: 114719 | 2010-12-14 21:37:00 | SLIzone page hijacking Firefox on boot up | linzi (13473) | Press F1 |
| Post ID | Timestamp | Content | User | ||
| 1161688 | 2010-12-14 21:37:00 | As soon as I boot up my Firefox opens showing the following page. www.slizone.com I have never ever visited this site.. until now. I don't want to keep visiting it every morning. I have deleted a prog, which must have installed itself, in Add/remove programmes, I have checked the registry for any references to SLIzone, I have run Spybot and AdAware. Now what? I prefer a blank page for my browser startup, as I dont have to wait for it to load. |
linzi (13473) | ||
| 1161689 | 2010-12-14 21:45:00 | Suggest you post a Hijack This log and ask Speedy nicely if he can have a look at it for you. download.cnet.com |
SP8's (9836) | ||
| 1161690 | 2010-12-14 21:46:00 | start firefox in safemode, see if it opens that page open it. | GameJunkie (72) | ||
| 1161691 | 2010-12-14 21:49:00 | This will fix it.You will have to download it using a thumb drive on another computer and then run it on yours . Please download Malwarebytes' Anti-Malware from one of these places: Majorgeeks (www.majorgeeks.com) or Besttechie (www.besttechie.net) Double Click mbam-setup.exe to install the application. * Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish. * If an update is found, it will download and install the latest version. * Once the program has loaded, select "Perform Quick Scan", then click Scan. * The scan may take some time to finish,so please be patient. * When the scan is complete, click OK, then Show Results to view the results. * Make sure that everything is checked, and click Remove Selected. * When disinfection is completed, a log will open in Notepad and you may be prompted to Restart.Do so. * The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM. * Copy&Paste the entire report in your next reply. |
Pancake (6359) | ||
| 1161692 | 2010-12-14 22:25:00 | Here is the entire report as requested, pleased to have the items mentioned deleted BUT the problem still exists, and happened again on reboot. ----------------------------------------------------------- Malwarebytes' Anti-Malware 1.50 www.malwarebytes.org Database version: 5314 Windows 5.1.2600 Service Pack 2 Internet Explorer 7.0.5730.11 15/12/2010 11:16:55 a.m. mbam-log-2010-12-15 (11-16-55).txt Scan type: Quick scan Objects scanned: 145654 Time elapsed: 7 minute(s), 17 second(s) Memory Processes Infected: 0 Memory Modules Infected: 0 Registry Keys Infected: 2 Registry Values Infected: 0 Registry Data Items Infected: 2 Folders Infected: 3 Files Infected: 6 Memory Processes Infected: (No malicious items detected) Memory Modules Infected: (No malicious items detected) Registry Keys Infected: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\FCOVM (Trojan.Vundo) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Juan (Trojan.Vundo) -> Quarantined and deleted successfully. Registry Values Infected: (No malicious items detected) Registry Data Items Infected: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\Curre ntVersion\Explorer\Advanced\Start_ShowControlPanel (PUM.Hijack.StartMenu) -> Bad: (0) Good: (1) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\Curre ntVersion\Explorer\Advanced\Start_ShowMyDocs (PUM.Hijack.StartMenu) -> Bad: (0) Good: (1) -> Quarantined and deleted successfully. Folders Infected: c:\documents and settings\Pamc\application data\registrysmart (Rogue.RegistrySmart) -> Quarantined and deleted successfully. c:\documents and settings\Pamc\application data\registrysmart\Log (Rogue.RegistrySmart) -> Quarantined and deleted successfully. c:\documents and settings\Pamc\application data\registrysmart\registry backups (Rogue.RegistrySmart) -> Quarantined and deleted successfully. Files Infected: c:\downloads\dispwd.dll (PUP.PSWTool.Asterisk) -> Quarantined and deleted successfully. c:\WINDOWS\system32\asteriskie.exe (PUP.PSWTool.Asterisk) -> Quarantined and deleted successfully. c:\WINDOWS\casino1.ini (Malware.Trace) -> Quarantined and deleted successfully. c:\documents and settings\Pamc\application data\registrysmart\Errors.stg (Rogue.RegistrySmart) -> Quarantined and deleted successfully. c:\documents and settings\Pamc\application data\registrysmart\Results.stg (Rogue.RegistrySmart) -> Quarantined and deleted successfully. c:\documents and settings\Pamc\application data\registrysmart\registry backups\2007-06-03_22-20-28.reg (Rogue.RegistrySmart) -> Quarantined and deleted successfully. |
linzi (13473) | ||
| 1161693 | 2010-12-14 22:31:00 | Looks as if its fixed....you should be fine now. | Pancake (6359) | ||
| 1161694 | 2010-12-14 22:39:00 | Sp8s Where do I post the hijack log please? I have created it. | linzi (13473) | ||
| 1161695 | 2010-12-14 22:47:00 | Pancake BUT................. but, but, but, but................. It isn't fixed. I rebooted and exactly the same thing happened. |
linzi (13473) | ||
| 1161696 | 2010-12-14 23:06:00 | Turn off system restore and run Pancakes stuff again as it will be hiding in the restore, once you have done that you can turn system restore back on | gary67 (56) | ||
| 1161697 | 2010-12-15 02:06:00 | I turned off system restore and ran a full in depth scan a la Pancake and still nothing. Rebooted, and Firezone still starting on auto and hijack page still coming up. Full scan as follows Malwarebytes' Anti-Malware 1.50 www.malwarebytes.org Database version: 5314 Windows 5.1.2600 Service Pack 2 Internet Explorer 7.0.5730.11 15/12/2010 2:33:57 p.m. mbam-log-2010-12-15 (14-33-57).txt Scan type: Full scan (C:\|E:\|G:\|) Objects scanned: 357689 Time elapsed: 1 hour(s), 34 minute(s), 33 second(s) Memory Processes Infected: 0 Memory Modules Infected: 0 Registry Keys Infected: 0 Registry Values Infected: 0 Registry Data Items Infected: 0 Folders Infected: 0 Files Infected: 0 Memory Processes Infected: (No malicious items detected) Memory Modules Infected: (No malicious items detected) Registry Keys Infected: (No malicious items detected) Registry Values Infected: (No malicious items detected) Registry Data Items Infected: (No malicious items detected) Folders Infected: (No malicious items detected) Files Infected: (No malicious items detected) |
linzi (13473) | ||
| 1 2 3 | |||||