Endpoint Protection

  • 1.  HELP PLEASE - Google redirect; IE downgraded; email hijacked

    Posted Jan 11, 2013 05:45 PM

    Dec. 6, my email was hijacked. Several of my folders disappeared and although I think they are on my computer, I can't get to them.

    This happened at the same time that I found a Google redirect on my G+ page. If I go to my G+ page, https://plus.google.com/u/0/108990336060003345586#101969579025737871617/posts/, I can watch it redirect. I checked the certificates and I see the final one which is the bad one. I also checked the properties of the page and can see the redirect information, but I can't figure out how to undo it. The hacker took over as admin.

    This also affected my IE8. My computer thinks I am now using IE7 again. This causes problems for my blog. It has also changed my Twitter account to mobile because it says I need to update my browser.

    I have spent weeks on this, trying to fix it so I can get back to giving things away on my blog. I am afraid since I am not sure if it will affect others or not.

     

    Any help is appreciated.



  • 2.  RE: HELP PLEASE - Google redirect; IE downgraded; email hijacked

    Posted Jan 11, 2013 05:47 PM

    Flush your DNS cache. Also check your HOSTS file to ensure there are no malicious entries.

    Check similar threads here:

    https://www-secure.symantec.com/connect/forums/popup-and-redirect-virus

    https://www-secure.symantec.com/connect/forums/web-browser-re-direct-please-help
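
One way to carry out the HOSTS file check suggested in the reply above, as an added example that is not part of the original post. The watch list, the labels and the sample file are assumptions constructed for illustration; on Windows the real file is `%SystemRoot%\System32\drivers\etc\hosts`, and `ipconfig /flushdns` clears the DNS cache after cleanup.

```python
import ipaddress

# Assumed watch list: the domains named in this thread.
WATCHED = ("google.com", "twitter.com", "symantec.com")

# Constructed sample hosts file, not taken from the thread.
SAMPLE = """\
# constructed sample hosts file
127.0.0.1     localhost
::1           localhost
203.0.113.7   plus.google.com www.google.com
127.0.0.1     www.symantec.com   # vendor site blackholed
192.168.1.20  nas.home
"""

def parse_hosts(text):
    """Yield (line_no, ip, hostname) for every mapping in hosts-file text."""
    for line_no, raw in enumerate(text.splitlines(), 1):
        line = raw.split("#", 1)[0].strip()      # drop comments
        if not line:
            continue
        fields = line.split()
        try:
            ip = ipaddress.ip_address(fields[0])
        except ValueError:
            continue                             # malformed line, no address
        for name in fields[1:]:                  # one line may map several names
            yield line_no, ip, name.lower().rstrip(".")

def audit_hosts(text, watched=WATCHED):
    """Return (line_no, name, ip, label) for every non-default entry."""
    findings = []
    for line_no, ip, name in parse_hosts(text):
        if name == "localhost" and ip.is_loopback:
            continue                             # the only default mapping
        on_list = any(name == d or name.endswith("." + d) for d in watched)
        if not on_list:
            label = "REVIEW"       # unknown entry: confirm someone added it on purpose
        elif ip.is_loopback or ip.is_unspecified:
            label = "BLOCKED"      # watched site made unreachable
        else:
            label = "REDIRECTED"   # watched site pinned to a fixed address
        findings.append((line_no, name, str(ip), label))
    return findings

if __name__ == "__main__":
    for finding in audit_hosts(SAMPLE):
        print(*finding)
```
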

     



  • 3.  RE: HELP PLEASE - Google redirect; IE downgraded; email hijacked

    Posted Jan 11, 2013 10:33 PM

     

    Was Symantec installed on the machines that are infected?

    If yes, what threat is being detected by Symantec?

    If not, there are some useful tools provided by Symantec to help with finding those hard-to-detect threats.

    1. The Power Eraser Tool eliminates deeply embedded and difficult to remove threats that traditional virus scanning doesn't always detect.

    2. The SERT (Symantec Endpoint Recovery Tool) is useful in situations where computers are too heavily infected for the Symantec Endpoint Protection client installed upon them to clean effectively.

    3. The Load Point Analysis Tool generates a detailed report of the programs loaded on your system. It is helpful in listing common load points where threats can live.

    Rapid Release Virus Definitions –

    http://www.symantec.com/business/security_response/definitions/download/detail.jsp?gid=rr

    Power Eraser tool –

    http://security.symantec.com/nbrt/npe.asp?lcid=1033&origin=default

    How To Use the Symantec Endpoint Recovery Tool with the Latest Virus Definitions –

    http://www.symantec.com/business/support/index?page=content&id=TECH131732&locale=en_US

    Support Tool with Power Eraser Tool included –

    http://www.symantec.com/business/support/index?page=content&id=TECH105414&locale=en_US

    How to use the Load Point Analysis within the Symantec Support Tool to help locate suspicious files –

    http://www.symantec.com/business/support/index?page=content&id=TECH141402

    If you are unable to remove the threat(s) from your systems, please submit the suspected files to Symantec or ThreatExpert for analysis. New signatures will be created and included in future definition sets for detection.

    http://www.symantec.com/business/security_response/submitsamples.jsp

    http://www.threatexpert.com/submit.aspx



  • 4.  RE: HELP PLEASE - Google redirect; IE downgraded; email hijacked

    Posted Jan 15, 2013 05:04 AM

    Hmm, what AV version are you using?

    You'll need to find the infection/key logger on your PC... try checking with the SEP Support Tool for any suspicious files...

    Follow the above links by Ashish.