MY safe zone browser hijacked! goes to fake google

[k.u.r.t]

Windows wont let me delete/overwrite SZ folder.. Folder/File access denied.. Tried running windows explorer as admin still wont let me overwrite the files..

1. Disable avast self protection

[DraKuL]

DraKuL, you can send me the latest minidump (\Windows\Minidump folder) to my email, I'll see if it was already fixed or not.

blue screens are related to drivers... no idea why you had one... not sure if Avast loads drivers for virtualization.

aswSnx.sys

the minidump folder is empty  

[Gopher John]

But how could this lead to SZ redirecting to fake sites? 

And not affect non SZ connections?
[/quote]

Since SafeZone uses a different DNS server than Windows has configured, perhaps the patch now considers it as hijacked.  However, why it would redirect to the wrong (fake) site instead of Windows putting up an alert is weird.

[DraKuL]

Windows wont let me delete/overwrite SZ folder.. Folder/File access denied.. Tried running windows explorer as admin still wont let me overwrite the files..

1. Disable avast self protection

I'm assuming you mean all the real-time shields by self protection which I did.. right click Avast icon on taskbar >> disable all shields

[disPlay]

Open Settings>Troubleshooting>Disable self protection 

[bob3160]

Open Settings>Troubleshooting>Disable self protection 

Or simply do the procedure in Safe Mode.

[DraKuL]

Ok did all the steps and the issue is fixed. However, 30mins ago it was fine too.. I experienced the problem a few hours ago, then after sometime it worked, then again it was redirecting.. So anyway now its fine but not sure if its because of the patch or whether its like what happened earlier..

[disPlay]

Open Settings>Troubleshooting>Disable self protection 

Or simply do the procedure in Safe Mode.

Yeah another quick and easy method.  

[DraKuL]

Ok so I just copy pasted the old files and still it works fine.. So I'm not sure if it was resolved because I patched the files.. Like I said this happens on and off I think..

[pk]

DraKuL, remember that before switching files, you have to click on "Turn Off" button in SafeZone. Please use downloaded version (where mailshell's DNS is disabled), then we can be sure if it's caused by mailshell DNS or somewhere else.

[pk]

Ok so I just copy pasted the old files and still it works fine.. So I'm not sure if it was resolved because I patched the files.. Like I said this happens on and off I think..

DNS records are usualy cached, you can use: "ipconfig /flushdns"

[DraKuL]

DraKuL, remember that before switching files, you have to click on "Turn Off" button in SafeZone. Please use downloaded version (where mailshell's DNS is disabled), then we can be sure if it's caused by mailshell DNS or somewhere else.

Yeah I did that. It works fine. Then I used the old files I had, still works fine.. So I'm not sure whether it was fixed by the patching of files or not..

[DraKuL]

Ok so I just copy pasted the old files and still it works fine.. So I'm not sure if it was resolved because I patched the files.. Like I said this happens on and off I think..

DNS records are usualy cached, you can use: "ipconfig /flushdns"

Sadly I lost the backup files.. I drag and dropped them to the SZ folder, and repatched the new files.. So when I drag and dropped they were moved.. Is it possible to post a link to download the old files for the SZ ?

[pk]

Sadly I lost the backup files.. I drag and dropped them to the SZ folder, and repatched the new files.. So when I drag and dropped they were moved.. Is it possible to post a link to download the old files for the SZ ?

http://public.avast.com/~kurtin/x7_old.zip

[DraKuL]

flushed DNS, patched the old files, SZ works fine..