Welcome to MalwareRemoval.com,
What if we told you that you could get malware removal help from experts, and that it was 100% free? MalwareRemoval.com provides free support for people with infected computers. Our help, and the tools we use are always 100% free. No hidden catch. We simply enjoy helping others. You enjoy a clean, safe computer.

Malware Removal Instructions

Malware virus affecting search engines. being redirected

MalwareRemoval.com provides free support for people with infected computers. Using plain language that anyone can understand, our community of volunteer experts will walk you through each step.

Re: Malware virus affecting search engines. being redirected

Unread postby mattem99 » May 23rd, 2011, 2:39 pm

Wingman,

Sorry I thought I replied to this earlier. Must have no hit the submit button.

1.) No problems
2.)

ESETSmartInstaller@High as downloader log:
all ok
# version=7
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6427
# api_version=3.0.2
# EOSSerial=1c974b1748e58442a0e5303031708f34
# end=finished
# remove_checked=false
# archives_checked=false
# unwanted_checked=true
# unsafe_checked=true
# antistealth_checked=true
# utc_time=2011-05-23 02:26:52
# local_time=2011-05-23 10:26:52 (-0500, Eastern Daylight Time)
# country="United States"
# lang=1033
# osver=6.1.7600 NT
# compatibility_mode=512 16777215 100 0 159065 159065 0 0
# compatibility_mode=5121 16777213 100 75 0 35311965 0 0
# compatibility_mode=5893 16776574 66 85 57686378 57701295 0 0
# compatibility_mode=8192 67108863 100 0 0 0 0 0
# scanned=192263
# found=1
# cleaned=0
# scan_time=2967
C:\Users\Matt\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\62\60d9c47e-5df84322 a variant of Java/TrojanDownloader.OpenStream.NBV trojan (unable to clean) 00000000000000000000000000000000 I

3. Still being redirected

Thanks again,
Matt
mattem99
Active Member
 
Posts: 10
Joined: May 12th, 2011, 3:20 pm
Advertisement
Register to Remove

Re: Malware virus affecting search engines. being redirected

Unread postby Wingman » May 23rd, 2011, 2:46 pm

Youdid submit the last time...

I asked you to perform several steps... and a re-run of ESET with a change to the instructions. You posted the same ESET scan results as before.

Did you run the other steps in my previous post?
User avatar
Wingman
Admin/Teacher
Admin/Teacher
 
Posts: 14347
Joined: July 1st, 2008, 1:34 pm
Location: East Coast, USA

Re: Malware virus affecting search engines. being redirected

Unread postby mattem99 » May 23rd, 2011, 10:26 pm

Sorry about that mix up

1.) No problems
2.) New Log

ESETSmartInstaller@High as downloader log:
all ok
# version=7
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6427
# api_version=3.0.2
# EOSSerial=1c974b1748e58442a0e5303031708f34
# end=finished
# remove_checked=false
# archives_checked=false
# unwanted_checked=true
# unsafe_checked=true
# antistealth_checked=true
# utc_time=2011-05-23 02:26:52
# local_time=2011-05-23 10:26:52 (-0500, Eastern Daylight Time)
# country="United States"
# lang=1033
# osver=6.1.7600 NT
# compatibility_mode=512 16777215 100 0 159065 159065 0 0
# compatibility_mode=5121 16777213 100 75 0 35311965 0 0
# compatibility_mode=5893 16776574 66 85 57686378 57701295 0 0
# compatibility_mode=8192 67108863 100 0 0 0 0 0
# scanned=192263
# found=1
# cleaned=0
# scan_time=2967
C:\Users\Matt\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\62\60d9c47e-5df84322 a variant of Java/TrojanDownloader.OpenStream.NBV trojan (unable to clean) 00000000000000000000000000000000 I
ESETSmartInstaller@High as downloader log:
all ok
# version=7
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6427
# api_version=3.0.2
# EOSSerial=1c974b1748e58442a0e5303031708f34
# end=finished
# remove_checked=true
# archives_checked=false
# unwanted_checked=true
# unsafe_checked=true
# antistealth_checked=true
# utc_time=2011-05-24 01:10:31
# local_time=2011-05-23 09:10:31 (-0500, Eastern Daylight Time)
# country="United States"
# lang=1033
# osver=6.1.7600 NT
# compatibility_mode=512 16777215 100 0 198127 198127 0 0
# compatibility_mode=5121 16777213 100 75 0 35351027 0 0
# compatibility_mode=5893 16776574 66 85 57725440 57740357 0 0
# compatibility_mode=8192 67108863 100 0 0 0 0 0
# scanned=189931
# found=0
# cleaned=0
# scan_time=2524


3.) Still receiving messages like

302 moved- when using google toolbar.
This Connection is Untrusted - using my Gmail shortcut
www.google.com did a search and was able to proceed to the links that were provided.

Thanks,
Matt
mattem99
Active Member
 
Posts: 10
Joined: May 12th, 2011, 3:20 pm

Re: Malware virus affecting search engines. being redirected

Unread postby Wingman » May 24th, 2011, 10:01 am

Hello matt,
Thanks for staying with me. I want to run a different scanner, see if it shows me any additional information.

Please explain a little more about using your Gmail shortcut and getting the 302 error as a result. What are you attempting to do via the Gmail account?

Please do not make any changes to your system: do not add or remove any software, run any scans or "fix" programs and/or remove any files unless instructed to do so, by me. Please read these instructions carefully before executing and then perform the steps, in the order given. If you have any questions or problems, executing these instructions, <<STOP>> do not proceed, post back with the question or problem.

Step 1.
Create a System Restore Point - W7

  1. Go to Start > Control Panel... click the System icon in the Control Panel.
  2. In the left pane click on System Protection.
  3. When the Dialog comes up, click on theSystem protection tab.
  4. Check that the drive letter where Windows is located (usually C:) indicates System protection ON.
    (This indicates System restore is turned ON for the Windows drive).
  5. Click the Create button to create a new restore point. In the Name dialog, type a descriptive name... then click Create.
  6. You will get a message that the Restore Point was created successfully. Click Close.
  7. Click OK and close the System window in the Control Panel.
    < STOP > If you did not successfully complete this step. < STOP > Do not continue with any other steps, post back and let me know!

Step 2
OTL
Please download OTL ... by Old Timer . Save it to your Desktop.
  1. Right click on OTL.exe select "Run As Administrator" to run it. If prompted by UAC, please allow it.
  2. Under Output, ensure that Minimal Output is selected.
  3. Click the Scan All Users checkbox.
    Leave the remaining selections to the default settings.
  4. Click on Run Scan at the top left hand corner.
  5. When done, two Notepad files will open.
    • OTListIt.txt <-- Will be opened, maximized
    • Extras.txt <-- Will be minimized on task bar.
  6. Please post the contents of both OTListIt.txt and Extras.txt files in your next reply.

Step 3.
Please include in your next reply:
  1. Any problem executing the instructions?
  2. OTListit.txt file contents.
  3. Extras.txt file contents.
  4. How is the computer behaving?
Thanks,
Wingman
User avatar
Wingman
Admin/Teacher
Admin/Teacher
 
Posts: 14347
Joined: July 1st, 2008, 1:34 pm
Location: East Coast, USA

Re: Malware virus affecting search engines. being redirected

Unread postby Wingman » May 28th, 2011, 6:41 pm

Due to a lack of response, this topic is now closed.

If you still require help, please open a new thread in the Infected? Virus, malware, adware, ransomware, oh my! forum, include a fresh FRST log, and wait for a new helper.
User avatar
Wingman
Admin/Teacher
Admin/Teacher
 
Posts: 14347
Joined: July 1st, 2008, 1:34 pm
Location: East Coast, USA
Advertisement
Register to Remove

Previous

  • Similar Topics
    Replies
    Views
    Last post

Return to Infected? Virus, malware, adware, ransomware, oh my!



Who is online

Users browsing this forum: No registered users and 121 guests

Contact us:

Advertisements do not imply our endorsement of that product or service. Register to remove all ads. The forum is run by volunteers who donate their time and expertise. We make every attempt to ensure that the help and advice posted is accurate and will not cause harm to your computer. However, we do not guarantee that they are accurate and they are to be used at your own risk. All trademarks are the property of their respective owners.

Member site: UNITE Against Malware