Hi jack this log file, please help.Browser hijack.

Hi there, can anyone help me please? My browser has been hijacked and I keep getting redirected to"adarson.com". In internet options my homepage is greyed out so I can't change it. I have included my logfile from Hijack this.

Thanks.

Inline log converted to attachment

 

Welcome to MajorGeeks!

You have a few issues that need to be addressed. Using things like key generators usually come with a price (malware). For example from your log: C:\Program Files\winupdates\nero_keygen.exe

Start with the below and be sure to provide the requested feedback. Chaslang or Shadow_Puter_Dude will be along to assist you further once you provide the logs.


- Please run ALL the steps in this Sticky thread READ & RUN ME FIRST Before Asking for Support

Make sure you check version numbers and get all updates.

After doing ALL of the above you still have a problem make sure you have booted to normal mode and run the steps in the below link to properly use HijackThis and attach a log:

You currently have Hijack This here: C:\DOCUME~1\HENRYT~1\LOCALS~1\Temp\Rar$EX00.328\HijackThis.exe so please be sure to install it properly per the instructions so the backups are in a safe location.


Downloading, Installing, and Running HijackThis


When you return to make your next post, make sure you attach the following logs and that you have run these scans in the following order too (these scans are covered in steps 6 & 7 of the READ & RUN ME sticky)

• Bitdefender
• Panda Scan
• HijackThis

Good Luck!

 

I have done all you said and it is still present. I could'nt get Bitdefender to work and Panda came uyp with no problems.

I have attached my Hijack this file.

 

Your HJT log says different. If you completed the Panda scan there would be an entry in your log for it, the same for BitDefender.

Please explain the difficulties you indicate you had with BitDefender. Did you get an error message? etc. Are you trying to run the scans in safe mode with networking or from normal boot mode? Please be specific so we can resolve it and you can run the scan. HJT is NOT a 'cure all' malware removal tool as many seem to think. There are many things these online scans pick up that HJT doesn't see at all so it is crucial they be done if you want to rid your computer of malware.

I don't see where you have SpyBot Search and Destroy installed per step 4 which may be because it appears that you either ran HJT from safe mode or you edited the running processes. HJT is to be run from normal boot mode per the instructions given here: Downloading, Installing, and Running HijackThis

You also still have not installed HJT as I pointed out you needed to in my previous reply to you. You still have it here: C:\DOCUME~1\HENRYT~1\LOCALS~1\Temp\Rar$EX01.859\HijackThis.exe We will be asking you to remove entries with HJT and these entries are backed up by default. If there is a problem and they need to be restored HJT needs to be in a permanent location such as C:\Program Files\Hijack This, not running it from a temporary location like you are now where backups are easily lost or unable to be created at all. This is for your own protection.

 

I think I have now done what you wanted.

Bdscan is attached as is a new HJT.

Panda would not finish the scan it made internet explorer shut down,

Thanks for your help so far.

 

I have attached my HJT file for you. It all seems to be ok. I guess all I need to do now is system restore?

Many thanks.