Welcome to MalwareRemoval.com,
What if we told you that you could get malware removal help from experts, and that it was 100% free? MalwareRemoval.com provides free support for people with infected computers. Our help, and the tools we use are always 100% free. No hidden catch. We simply enjoy helping others. You enjoy a clean, safe computer.

Redirects

Re: Redirects

Post by mimart7 » July 20th, 2011, 11:29 am

========== Files - Modified Within 30 Days ==========

[2011/07/20 07:54:01 | 000,376,189 | ---- | M] () -- C:\Users\Mike\Desktop\MiniToolBox.exe
[2011/07/20 05:36:36 | 000,014,832 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011/07/20 05:36:36 | 000,014,832 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011/07/20 05:29:16 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011/07/20 05:29:10 | 3208,187,904 | -HS- | M] () -- C:\hiberfil.sys
[2011/07/19 16:03:12 | 000,730,384 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2011/07/19 16:03:12 | 000,626,844 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2011/07/19 16:03:12 | 000,107,160 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2011/07/19 15:15:58 | 000,000,000 | ---- | M] () -- C:\Users\Mike\defogger_reenable
[2011/07/19 15:15:02 | 000,050,477 | ---- | M] () -- C:\Users\Mike\Desktop\Defogger.exe
[2011/07/19 13:54:49 | 000,000,662 | ---- | M] () -- C:\Users\Mike\Documents\cc_20110719_135445.reg
[2011/07/19 08:00:32 | 000,579,584 | ---- | M] (OldTimer Tools) -- C:\Users\Mike\Desktop\OTL.exe
[2011/07/19 06:21:15 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_ICCWDT_01009.Wdf
[2011/07/17 23:11:05 | 000,000,017 | ---- | M] () -- C:\Users\Mike\AppData\Local\resmon.resmoncfg
[2011/07/16 23:20:39 | 000,000,027 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts
[2011/07/16 23:09:57 | 000,002,560 | ---- | M] () -- C:\Windows\_MSRSTRT.EXE
[2011/07/15 08:41:55 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\config.nt
[2011/07/14 10:48:54 | 000,413,312 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2011/07/10 13:39:47 | 000,285,280 | ---- | M] (Acronis) -- C:\Windows\SysNative\drivers\afcdp.sys
[2011/07/10 13:39:45 | 001,263,200 | ---- | M] (Acronis) -- C:\Windows\SysNative\drivers\tdrpm273.sys
[2011/07/10 13:39:45 | 000,970,336 | ---- | M] (Acronis) -- C:\Windows\SysNative\drivers\timntr.sys
[2011/07/09 23:58:29 | 000,001,175 | ---- | M] () -- C:\Users\Mike\Documents\gpu.hfm
[2011/07/09 10:15:41 | 000,025,640 | ---- | M] (Windows (R) Server 2003 DDK provider) -- C:\Windows\gdrv.sys
[2011/07/09 07:49:37 | 000,000,611 | ---- | M] () -- C:\Users\Mike\Documents\hfm.hfm
[2011/07/07 07:47:23 | 000,000,578 | ---- | M] () -- C:\Users\Mike\Desktop\fahgpu.lnk
[2011/07/06 19:52:42 | 000,041,272 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys
[2011/07/06 19:52:42 | 000,025,912 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2011/07/04 08:43:53 | 000,040,112 | ---- | M] (AVAST Software) -- C:\Windows\avastSS.scr
[2011/07/04 08:43:51 | 000,199,304 | ---- | M] (AVAST Software) -- C:\Windows\SysWow64\aswBoot.exe
[2011/07/04 08:43:42 | 000,253,888 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\aswBoot.exe
[2011/07/04 08:43:28 | 2719,589,376 | ---- | M] () -- C:\Users\Mike\Desktop\Fleur Archive Folder Outlook Backup 05-26-11.pst
[2011/07/04 08:36:56 | 000,600,920 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSnx.sys
[2011/07/04 08:36:54 | 000,288,088 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSP.sys
[2011/07/04 08:35:28 | 000,045,400 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswTdi.sys
[2011/07/04 08:32:35 | 000,031,064 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswRdr.sys
[2011/07/04 08:32:24 | 000,064,856 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswMonFlt.sys
[2011/07/04 08:32:14 | 000,022,360 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswFsBlk.sys
[2011/06/23 17:13:59 | 000,743,066 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2011/06/23 17:09:54 | 000,002,166 | ---- | M] () -- C:\Users\Mike\Application Data\Microsoft\Internet Explorer\Quick Launch\Samsung New PC Studio.lnk
[2011/06/23 11:37:43 | 000,001,908 | ---- | M] () -- C:\Windows\diagwrn.xml
[2011/06/23 11:37:43 | 000,001,908 | ---- | M] () -- C:\Windows\diagerr.xml
[2011/06/23 10:14:42 | 000,277,088 | ---- | M] (Acronis) -- C:\Windows\SysNative\drivers\snapman.sys
[2011/06/23 10:12:16 | 000,029,929 | ---- | M] () -- C:\Users\Mike\Documents\BKD-7361325773.pdf
[2011/06/22 08:59:45 | 000,229,128 | ---- | M] () -- C:\Windows\hpwins23.dat
[2011/06/20 16:45:04 | 000,000,136 | ---- | M] () -- C:\Windows\SysWow64\cpuz.ini
[2011/06/20 16:45:03 | 001,187,840 | ---- | M] (CPUID) -- C:\Windows\SysWow64\cpuz141.exe
[2011/06/20 14:57:04 | 000,002,893 | ---- | M] () -- C:\Users\Mike\Desktop\HFM.NET.lnk
[2011/06/20 14:30:13 | 000,000,541 | ---- | M] () -- C:\Users\Mike\Desktop\fah6.lnk
[2011/06/20 14:07:38 | 000,001,079 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\APC UPS Status.lnk
[2011/06/20 14:05:10 | 006,918,144 | ---- | M] () -- C:\Users\Mike\PCPE_3.0.msi
[2011/06/20 13:10:03 | 000,139,106 | ---- | M] () -- C:\Users\Mike\Documents\cc_20110620_130959.reg
[2011/06/20 12:33:01 | 000,000,000 | ---- | M] () -- C:\Windows\ativpsrm.bin
[2011/06/20 11:03:46 | 000,039,252 | ---- | M] () -- C:\Windows\SysWow64\license.rtf
[2011/06/20 11:03:46 | 000,039,252 | ---- | M] () -- C:\Windows\SysNative\license.rtf
[2 C:\Windows\SysNative\*.tmp files -> C:\Windows\SysNative\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011/07/20 07:54:00 | 000,376,189 | ---- | C] () -- C:\Users\Mike\Desktop\MiniToolBox.exe
[2011/07/19 15:15:58 | 000,000,000 | ---- | C] () -- C:\Users\Mike\defogger_reenable
[2011/07/19 15:15:33 | 000,050,477 | ---- | C] () -- C:\Users\Mike\Desktop\Defogger.exe
[2011/07/19 13:54:47 | 000,000,662 | ---- | C] () -- C:\Users\Mike\Documents\cc_20110719_135445.reg
[2011/07/19 06:21:15 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_ICCWDT_01009.Wdf
[2011/07/17 23:11:05 | 000,000,017 | ---- | C] () -- C:\Users\Mike\AppData\Local\resmon.resmoncfg
[2011/07/17 16:42:41 | 000,074,344 | ---- | C] () -- C:\Windows\SysNative\RtNicProp64.dll
[2011/07/16 23:09:56 | 000,002,560 | ---- | C] () -- C:\Windows\_MSRSTRT.EXE
[2011/07/16 11:15:28 | 000,001,174 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 6.lnk
[2011/07/07 08:23:20 | 000,001,175 | ---- | C] () -- C:\Users\Mike\Documents\gpu.hfm
[2011/07/07 07:47:02 | 000,000,578 | ---- | C] () -- C:\Users\Mike\Desktop\fahgpu.lnk
[2011/07/04 08:43:00 | 2719,589,376 | ---- | C] () -- C:\Users\Mike\Desktop\Fleur Archive Folder Outlook Backup 05-26-11.pst
[2011/06/23 17:13:59 | 000,743,066 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2011/06/23 17:09:54 | 000,002,166 | ---- | C] () -- C:\Users\Mike\Application Data\Microsoft\Internet Explorer\Quick Launch\Samsung New PC Studio.lnk
[2011/06/23 11:37:37 | 000,001,908 | ---- | C] () -- C:\Windows\diagwrn.xml
[2011/06/23 11:37:37 | 000,001,908 | ---- | C] () -- C:\Windows\diagerr.xml
[2011/06/23 10:12:16 | 000,029,929 | ---- | C] () -- C:\Users\Mike\Documents\BKD-7361325773.pdf
[2011/06/22 08:58:27 | 000,001,054 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\I.R.I.S. OCR Registration.lnk
[2011/06/22 08:56:30 | 000,229,128 | ---- | C] () -- C:\Windows\hpwins23.dat
[2011/06/22 08:56:30 | 000,002,075 | ---- | C] () -- C:\Windows\hpwmdl23.dat
[2011/06/20 16:45:04 | 000,000,136 | ---- | C] () -- C:\Windows\SysWow64\cpuz.ini
[2011/06/20 14:59:51 | 000,000,611 | ---- | C] () -- C:\Users\Mike\Documents\hfm.hfm
[2011/06/20 14:57:04 | 000,002,893 | ---- | C] () -- C:\Users\Mike\Desktop\HFM.NET.lnk
[2011/06/20 14:30:02 | 000,000,541 | ---- | C] () -- C:\Users\Mike\Desktop\fah6.lnk
[2011/06/20 14:07:38 | 000,001,079 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\APC UPS Status.lnk
[2011/06/20 14:05:10 | 006,918,144 | ---- | C] () -- C:\Users\Mike\PCPE_3.0.msi
[2011/06/20 13:10:00 | 000,139,106 | ---- | C] () -- C:\Users\Mike\Documents\cc_20110620_130959.reg
[2011/06/20 12:33:01 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2011/06/20 11:03:37 | 000,001,345 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk
[2011/06/20 11:03:33 | 000,001,326 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk
[2011/06/20 11:01:09 | 3208,187,904 | -HS- | C] () -- C:\hiberfil.sys
[2011/06/20 08:44:15 | 000,166,912 | ---- | C] () -- C:\Windows\SysWow64\APOMngr.DLL
[2011/06/20 08:44:15 | 000,073,728 | ---- | C] () -- C:\Windows\SysWow64\CmdRtr.DLL
[2011/06/20 08:14:05 | 000,008,192 | ---- | C] () -- C:\Windows\SysWow64\drivers\IntelMEFWVer.dll
[2011/06/20 08:10:54 | 000,000,010 | ---- | C] () -- C:\Windows\GSetup.ini
[2011/05/24 23:44:26 | 000,059,904 | ---- | C] () -- C:\Windows\SysWow64\OVDecode.dll
[2011/05/20 23:35:28 | 000,304,744 | ---- | C] () -- C:\Windows\SysWow64\nvStreaming.exe
[2011/03/17 13:51:44 | 000,003,929 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat
[2009/08/27 03:04:14 | 000,207,400 | R--- | C] () -- C:\Windows\GSetup.exe
[2009/07/14 01:38:36 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009/07/13 22:35:51 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2009/07/13 22:34:42 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
[2009/07/13 20:10:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009/07/13 19:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009/07/13 17:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009/06/10 17:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat
[2008/11/13 06:07:24 | 000,002,177 | ---- | C] () -- C:\Windows\P17EP.ini
[2007/12/04 05:20:30 | 000,001,489 | ---- | C] () -- C:\Windows\P17EP51.ini
[2007/10/25 17:26:10 | 000,005,632 | ---- | C] () -- C:\Windows\SysWow64\drivers\StarOpen.sys
[2007/06/07 05:25:42 | 000,001,578 | ---- | C] () -- C:\Windows\P17EPLS.ini

========== LOP Check ==========

[2011/07/10 13:39:47 | 000,000,000 | ---D | M] -- C:\Users\Mike\AppData\Roaming\131648A8-6D3B-4CCD-B64A-2CA493CBD58F
[2011/07/10 13:39:47 | 000,000,000 | ---D | M] -- C:\Users\Mike\AppData\Roaming\2B3D7F9E-25C5-42FD-8B7D-5E219E7B0443
[2011/06/23 10:19:57 | 000,000,000 | ---D | M] -- C:\Users\Mike\AppData\Roaming\Acronis
[2011/07/12 10:57:15 | 000,000,000 | ---D | M] -- C:\Users\Mike\AppData\Roaming\Auslogics
[2011/07/07 07:46:25 | 000,000,000 | ---D | M] -- C:\Users\Mike\AppData\Roaming\Folding@home-gpu
[2011/06/27 13:12:39 | 000,000,000 | ---D | M] -- C:\Users\Mike\AppData\Roaming\GlarySoft
[2011/07/20 08:01:34 | 000,000,000 | ---D | M] -- C:\Users\Mike\AppData\Roaming\HFM
[2011/06/27 09:28:21 | 000,000,000 | ---D | M] -- C:\Users\Mike\AppData\Roaming\IObit
[2011/06/20 16:38:16 | 000,000,000 | ---D | M] -- C:\Users\Mike\AppData\Roaming\poclbm
[2011/06/23 17:08:12 | 000,000,000 | ---D | M] -- C:\Users\Mike\AppData\Roaming\Samsung
[2010/01/01 22:20:00 | 000,000,000 | ---D | M] -- C:\Users\Mike\AppData\Roaming\SystemRequirementsLab
[2011/07/16 11:32:25 | 000,000,000 | ---D | M] -- C:\Users\Mike\AppData\Roaming\TeamViewer
[2011/06/20 13:21:35 | 000,000,000 | ---D | M] -- C:\Users\Mike\AppData\Roaming\WinPatrol
[2009/07/14 01:08:49 | 000,029,130 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========



========== Custom Scans ==========


< hklm\software\clients\startmenuinternet|command /64 /rs >
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\HideIconsCommand: "C:\PROGRAM FILES (X86)\MOZILLA FIREFOX\UNINSTALL\HELPER.EXE" /HIDESHORTCUTS [2011/06/21 10:55:56 | 000,712,976 | ---- | M] (Mozilla Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ShowIconsCommand: "C:\PROGRAM FILES (X86)\MOZILLA FIREFOX\UNINSTALL\HELPER.EXE" /SHOWSHORTCUTS [2011/06/21 10:55:56 | 000,712,976 | ---- | M] (Mozilla Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ReinstallCommand: "C:\PROGRAM FILES (X86)\MOZILLA FIREFOX\UNINSTALL\HELPER.EXE" /SETASDEFAULTAPPGLOBAL [2011/06/21 10:55:56 | 000,712,976 | ---- | M] (Mozilla Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\open\command\\: C:\PROGRAM FILES (X86)\MOZILLA FIREFOX\FIREFOX.EXE [2011/06/21 10:55:56 | 000,924,632 | ---- | M] (Mozilla Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\properties\command\\: "C:\PROGRAM FILES (X86)\MOZILLA FIREFOX\FIREFOX.EXE" -PREFERENCES [2011/06/21 10:55:56 | 000,924,632 | ---- | M] (Mozilla Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\safemode\command\\: "C:\PROGRAM FILES (X86)\MOZILLA FIREFOX\FIREFOX.EXE" -SAFE-MODE [2011/06/21 10:55:56 | 000,924,632 | ---- | M] (Mozilla Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ShowIconsCommand: "C:\WINDOWS\SYSTEM32\IE4UINIT.EXE" -SHOW [2009/07/13 21:39:12 | 000,073,728 | ---- | M] (Microsoft Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ReinstallCommand: "C:\WINDOWS\SYSTEM32\IE4UINIT.EXE" -REINSTALL [2009/07/13 21:39:12 | 000,073,728 | ---- | M] (Microsoft Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\HideIconsCommand: "C:\WINDOWS\SYSTEM32\IE4UINIT.EXE" -HIDE [2009/07/13 21:39:12 | 000,073,728 | ---- | M] (Microsoft Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\naom\command\\: "C:\PROGRAM FILES (X86)\INTERNET EXPLORER\IEXPLORE.EXE" -EXTOFF [2010/11/20 08:22:51 | 000,673,040 | ---- | M] (Microsoft Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\open\command\\: "C:\PROGRAM FILES (X86)\INTERNET EXPLORER\IEXPLORE.EXE" [2010/11/20 08:22:51 | 000,673,040 | ---- | M] (Microsoft Corporation)

< c:|Fun4IM;true;true;true; /FP >

< c:|Bandoo;true;true;true; /FP >

< c:|Searchqu;true;true;true; /FP >

< c:|iLivid;true;true;true; /FP >

< c:|whitesmoke;true;true;true; /FP >

< c:|sweetIM;true;true;true; /FP >

< |Fun4IM /RS >

< |Bandoo /FP >

< |Searchqu /RS >
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{AB310581-AC80-11D1-8DF3-00C04FB6EF63}\\: ISearchQueryHelper
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{AB310581-AC80-11D1-8DF3-00C04FB6EF63}\\: ISearchQueryHelper

< |iLivid /RS >

< |whitesmoke /RS >

< |sweetIM /RS >

========== Alternate Data Streams ==========

@Alternate Data Stream - 95 bytes -> C:\ProgramData\TEMP:5C321E34

< End of report >
mimart7
Active Member
 
Posts: 13
Joined: July 15th, 2011, 10:23 am

Re: Redirects

Post by askey127 » July 20th, 2011, 12:55 pm

mimart7,
If it's in there, we'll find it.
----------------------------------------------
Perform a Custom Fix with OTL
Run OTL (Right click and choose "Run as administrator" in Vista/Win7)
  • Under the Custom Scans/Fixes box at the bottom, paste in the following lines from the Code box:
    :processes
    killallprocesses
    
    :Files
    C:\Program Files (x86)\IObit
    C:\Program Files (x86)\Auslogics
    C:\Users\Mike\AppData\Roaming\IObit
    C:\Users\Mike\AppData\Roaming\Auslogics
    :Commands
    [EMPTYTEMP]
    [CREATERESTOREPOINT]
    [Reboot]
    
  • Then click the Run Fix button at the top.
  • Let the program run unhindered and reboot the PC when it is done.
  • We don't need to post the log.
-----------------------------------------------------------
Disable Windows Defender
Open Windows Defender by clicking the Start button, All Programs, and then clicking Windows Defender.
If you don't see it in the Programs List, you can access and start it using the Control Panel.
Start Windows Defender and Click Tools, and then click Options.
Scroll down to the bottom. Under Administrator options, UNcheck the Use Windows Defender check box, and then click Save.
Administrator permission is required. If you are prompted for an administrator password or confirmation, type the password or provide confirmation.
-----------------------------------------------------------
DISABLE AVAST
Right click on the avast! icon in system tray (looks like this: Image) and choose (Stop On-Access Protection)
Avast On-Access Protection is now disabled.
Reverse the procedure to re-enable the On-Access Protection.
-------------------------------------------------
Run the ESET Online Scanner

Note: You can use either Internet Explorer or Mozilla FireFox for this scan.
You will, however, need to disable your current installed Anti-Virus. Additional information on how to do it is shown here.

Vista/Windows 7 users: You will need to right-click on either the Internet Explorer or FireFox icon in the Start Menu or Quick Launch Bar and select Run as Administrator.

  • Please go here to run the scan.
    Note: If using Mozilla Firefox you will need to download esetsmartinstaller_enu.exe when prompted then double click on it to install.
    All of the below instructions are compatible with either Internet Explorer or Mozilla FireFox.
  • Select the option YES, I accept the Terms of Use then click on: Image
  • When prompted allow the Add-On/Active X to install.
  • Make sure that the option Remove found threats is NOT checked, and the option Scan archives is checked.
  • Now click on Advanced Settings and select the following:
    • Scan for potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth Technology
  • Now click on: Image
  • The virus signature database... will begin to download. Be patient, this may take some time depending on the speed of your Internet Connection.
  • When completed the Online Scan will begin automatically.
  • Do not touch either the Mouse or keyboard during the scan otherwise it may stall.
  • When completed select Uninstall application on close if you so wish, make sure you copy the logfile first!
  • Now click on: Image
  • Use notepad to open the logfile located at C:\Program Files\ESET\EsetOnlineScanner\log.txt.
  • Copy and paste that log as a reply to this topic.

Note: Do not forget to re-enable your Anti-Virus application after running the above scan!
askey127
Admin/Teacher
 
Posts: 13903
Joined: April 17th, 2005, 3:25 pm
Location: New Hampshire USA

Re: Redirects

Post by mimart7 » July 20th, 2011, 2:06 pm

Here you go:

ESETSmartInstaller@High as downloader log:
all ok
# version=7
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6528
# api_version=3.0.2
# EOSSerial=d22ccbbd57bc204eb14c578e1881fce2
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=true
# antistealth_checked=true
# utc_time=2011-07-20 05:58:46
# local_time=2011-07-20 01:58:46 (-0500, Eastern Daylight Time)
# country="United States"
# lang=1033
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode=5893 16776574 100 94 0 62726567 0 0
# compatibility_mode=8192 67108863 100 0 0 0 0 0
# scanned=113515
# found=0
# cleaned=0
# scan_time=1609
mimart7
Active Member
 
Posts: 13
Joined: July 15th, 2011, 10:23 am

Re: Redirects

Post by askey127 » July 21st, 2011, 7:21 am

mimart7,
I'm not seeing anything malicious on your machine with the tools we are using so far.
Are you still getting redirects?
If so:
Do you get them with all browsers, or just a particular one?
Are any other computers in the house having the same issue?

askey127
Admin/Teacher
 
Posts: 13903
Joined: April 17th, 2005, 3:25 pm
Location: New Hampshire USA

Re: Redirects

Post by mimart7 » July 21st, 2011, 7:38 am

No, no more redirects. My wife is using a Mac, she has no problems. I've also installed a plugin for Firefox to prevent future redirects. I think my previous actions with combox and your help, I'm good to go. Your help is very much appreciated. Thank you. :angel9:
mimart7
Active Member
 
Posts: 13
Joined: July 15th, 2011, 10:23 am

Re: Redirects

Post by askey127 » July 21st, 2011, 11:33 am

mimart7,
Good.
If you haven't re-enabled drivers with Defogger, please do so now.
Otherwise it may have disabled something in Steam.

If you open OTL and hit the CleanUp button, it will cleanly remove the tools we used.

Good luck!
askey127
Admin/Teacher
 
Posts: 13903
Joined: April 17th, 2005, 3:25 pm
Location: New Hampshire USA

Re: Redirects

Post by askey127 » July 22nd, 2011, 3:40 pm

This topic is now closed.

We are pleased we could help you resolve your computer's malware issues.

If you would like to make a comment or leave a compliment regarding the help you have received, please see Feedback for Our Helpers - Say "Thanks" Here.
askey127
Admin/Teacher
 
Posts: 13903
Joined: April 17th, 2005, 3:25 pm
Location: New Hampshire USA