Welcome to MalwareRemoval.com,
What if we told you that you could get malware removal help from experts, and that it was 100% free? MalwareRemoval.com provides free support for people with infected computers. Our help, and the tools we use are always 100% free. No hidden catch. We simply enjoy helping others. You enjoy a clean, safe computer.

Malware Removal Instructions

Browser Redirect

MalwareRemoval.com provides free support for people with infected computers. Using plain language that anyone can understand, our community of volunteer experts will walk you through each step.

Re: Browser Redirect

Unread postby sternapple » July 17th, 2012, 6:23 pm

I don't seem to be, no.
sternapple
Regular Member
 
Posts: 24
Joined: July 11th, 2012, 8:05 pm
Advertisement
Register to Remove

Re: Browser Redirect

Unread postby melboy » July 17th, 2012, 6:37 pm

Can I just clarify then - Did the redirects stop after the OTL script, and before you disabled the 3 extensions?
User avatar
melboy
MRU Expert
MRU Expert
 
Posts: 3670
Joined: July 25th, 2008, 4:25 pm
Location: UK

Re: Browser Redirect

Unread postby sternapple » July 17th, 2012, 6:38 pm

Seems to have. I haven't had any redirects for a bit.
sternapple
Regular Member
 
Posts: 24
Joined: July 11th, 2012, 8:05 pm

Re: Browser Redirect

Unread postby melboy » July 17th, 2012, 6:51 pm

Good. :thumbleft:

Re-enable those extensions then if you had disabled them.


Uninstall Programs

  • click on start
  • Click on control panel
  • Double click the icon add/remove programs
  • click on the programbelow and click Remove
McAfee Security Scan


Java Runtime

You have an old version of Java installed. Oracle's Java (Was Sun Java) is sometimes updated in order to eliminate the exploitation of vulnerabilities in an existing version. For this reason, it's extremely important that you keep the program up to date, and also remove the older more vulnerable versions from your system. The most current version of Oracle Java is:
Java Runtime Environment Version 7 Update 5.

  • Uninstall all old versions of Java via Start > Control Panel > Add/Remove Programs:
    Java(TM) 6 Update 30


OTL Script

We need to run an OTL Fix

  • Double-click OTL.exe to start the program.
  • Copy and Paste the following code into the Image textbox. Do not include the word Code
    Code: Select all
    :files
    ipconfig /flushdns /c
    
    :commands
    [CLEARALLRESTOREPOINTS]
    [REBOOT]
    
  • Then click the Run Fix button at the top.
  • Click Image.
  • OTL may ask to reboot the machine. Please do so if asked.
  • The report should appear in Notepad after the reboot.Copy and Paste that report in your next reply.
User avatar
melboy
MRU Expert
MRU Expert
 
Posts: 3670
Joined: July 25th, 2008, 4:25 pm
Location: UK

Re: Browser Redirect

Unread postby sternapple » July 17th, 2012, 7:20 pm

I took the steps above but after the reboot I did not get a log file.
sternapple
Regular Member
 
Posts: 24
Joined: July 11th, 2012, 8:05 pm

Re: Browser Redirect

Unread postby melboy » July 18th, 2012, 2:14 am

Hi

Navigate to the folder C:\_OTL\MovedFiles

There should be the OTL logs in chronological order:

EG: C:\_OTL\MovedFiles\mmddyyyy_hhmmss.log

Hows the computer running?
User avatar
melboy
MRU Expert
MRU Expert
 
Posts: 3670
Joined: July 25th, 2008, 4:25 pm
Location: UK

Re: Browser Redirect

Unread postby sternapple » July 18th, 2012, 12:23 pm

Aha! thank you. Computer seems to be running well. I've been surfing around with no redirects or Norton warnings.


========== FILES ==========
< ipconfig /flushdns /c >
Windows IP Configuration
Successfully flushed the DNS Resolver Cache.
C:\Documents and Settings\Jessica\My Documents\Downloads\cmd.bat deleted successfully.
C:\Documents and Settings\Jessica\My Documents\Downloads\cmd.txt deleted successfully.
========== COMMANDS ==========
Restore point Set: OTL Restore Point

OTL by OldTimer - Version 3.2.54.0 log created on 07172012_160854
sternapple
Regular Member
 
Posts: 24
Joined: July 11th, 2012, 8:05 pm

Re: Browser Redirect

Unread postby melboy » July 18th, 2012, 12:32 pm

Excellent news - Well done! :thumbright:

Give me one last scan with MBAM - It should be a lot quicker this time as OTL cleaned out a good couple of GB of temporary files. All being well it should just about conclude things for us.


Malwarebytes' Anti-Malware (MBAM)

As you have Malwarebytes' Anti-Malware installed on your computer. Could you please do a scan using these settings:

  • Open Malwarebytes' Anti-Malware
  • Select the Update tab
  • Click Check for Updates
  • After the update have been completed, Select the Scanner tab.
  • Select Perform Quick scan, then click on Scan
  • When done, you will be prompted. Click OK. If Items are found, then click on Show Results
  • Check all items then click on Remove Selected
  • After it has removed the items, Notepad will open. Please post this log in your next reply.

    The log can also be found here:
    1. C:\Documents and Settings\Username\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs\mbam-log-date (time).txt
    2. Or via the Logs tab when the application is started.

Note: MBAM may ask to reboot your computer so it can continue with the removal process, please do so immediately. Failure to reboot will prevent MBAM from removing all the malware.
User avatar
melboy
MRU Expert
MRU Expert
 
Posts: 3670
Joined: July 25th, 2008, 4:25 pm
Location: UK

Re: Browser Redirect

Unread postby sternapple » July 18th, 2012, 12:54 pm

When the scan finished, it notified me that no malicious items were found. Log:

Malwarebytes Anti-Malware 1.62.0.1300
www.malwarebytes.org

Database version: v2012.07.18.06

Windows XP Service Pack 3 x86 NTFS
Internet Explorer 8.0.6001.18702
Jessica :: CROW [administrator]

7/18/2012 9:41:35 AM
mbam-log-2012-07-18 (09-41-35).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 371229
Time elapsed: 11 minute(s), 35 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)
sternapple
Regular Member
 
Posts: 24
Joined: July 11th, 2012, 8:05 pm

Re: Browser Redirect

Unread postby melboy » July 18th, 2012, 12:59 pm

Your log now appears to be clean. Congratulations!
This is my general post for when your logs show no more signs of malware ;) - Please let me know if you still are having problems with your computer and what these problems are. If not, please continue with the instructions below.


OTL by OldTimer

  • Double-click OTL.exe
  • Click the CleanUp! button
  • Select Yes when the Begin cleanup Process? Prompt appears
  • If you are prompted to Reboot during the cleanup, select Yes
  • The tool will delete itself once it finishes, if not delete it by yourself


==================================================


General Security and Computer Health
Below are some steps to follow in order to dramatically lower the chances of reinfection. You may have already implemented some of the steps below, however you should follow any steps that you have not already implemented.

  • Make sure that you keep your antivirus updated
    New viruses come out every minute, so it is essential that you have the latest signatures for your antivirus program to provide you with the best possible protection from malicious software.
    Note: You should only have one antivirus installed at a time. Having more than one antivirus program installed at once is likely to cause conflicts and may well decrease your overall protection as well as impairing the performance of your PC.
    Uninstall Tools for Major Antivirus Products
  • Security Updates for Windows, Internet Explorer & Microsoft Office
    Whenever a security problem in its software is found, Microsoft will usually create a patch so that after the patch is installed, attackers can't use the vulnerability to install malicious software on your PC. Keeping up with these patches will help to prevent malicious software being installed on your PC. Ensure you are registered for Windows updates via Start > right-click on My Computer > Properties > Automatic Updates tab or visit the Microsoft Update site on a regular basis.
    Note: The update process uses ActiveX, so you will need to use internet explorer for it and allow the ActiveX control to install.
  • Update Non-Microsoft Programs
    Microsoft isn't the only company whose products can contain security vulnerabilities. To check whether other programs running on your PC are in need of an update, you can use the Secunia Software Inspector - I suggest that you run it at least once a month.
  • Make Internet Explorer More Secure
    Even if you do not use Internet Explorer as you Primary/Default browser it is important to keep it updated. Internet Explorer can be utilised by other programs and therefore must be kept updated to avoid exploitable vulnerabilities.


Recommended Programs

I would recommend the download and installation of some or all of the following programs (if not already present), and the updating of them on a regular basis.

  • WinPatrol
    As a robust security monitor, WinPatrol will alert you to hijackings, malware attacks and critical changes made to your computer without your permission. WinPatrol takes snapshot of your critical system resources and alerts you to any changes that may occur without your knowledge. For more information, please visit HERE.
  • Malwarebytes' Anti-Malware
    As you already have Malwarebytes' Anti-Malware on board I would keep it regularly updated and run regular quick scans with it. Malwarebytes' Anti-Malware is an anti-malware application that can thoroughly remove even the most advanced malware. The Full version can be used as an addition to an anti-virus & includes a number of features, including a built in protection monitor that blocks malicious processes before they even start. It's IP Protection provides an additional layer of security for your computer, by preventing access to known malicious IP addresses and IP ranges.You can now trial the full versions features within the program. Click the Protection Tab to see.
  • Hosts File
    For added protection you may also like to add a host file. A simple explanation of what a Hosts file does is HERE and for more information regarding host files read HERE.


Finally I am trying to make one point very clear. It is absolutely essential to keep all of your security programs and other applications & programs up to date.

Also please read this great article by Tony Klein So How Did I Get Infected In First Place

I'd be grateful if you could reply to this post so that I know you have read it and, if you've no other questions, the thread can be closed.

Happy surfing and stay clean!
User avatar
melboy
MRU Expert
MRU Expert
 
Posts: 3670
Joined: July 25th, 2008, 4:25 pm
Location: UK

Re: Browser Redirect

Unread postby sternapple » July 18th, 2012, 1:22 pm

Thank you very much! I am very grateful for all your assistance. I will read through the items in your final post and try to be a bit more careful. Kind regards, Jessica
sternapple
Regular Member
 
Posts: 24
Joined: July 11th, 2012, 8:05 pm

Re: Browser Redirect

Unread postby melboy » July 18th, 2012, 1:40 pm

You're most welcome, Jessica. :)
User avatar
melboy
MRU Expert
MRU Expert
 
Posts: 3670
Joined: July 25th, 2008, 4:25 pm
Location: UK

Re: Browser Redirect

Unread postby NonSuch » July 18th, 2012, 2:51 pm

As this issue appears to be resolved, this topic is now closed.

We are pleased we could help you resolve your computer's malware issues.

If you would like to make a comment or leave a compliment regarding the help you have received, please see Feedback for Our Helpers - Say "Thanks" Here.
User avatar
NonSuch
Administrator
Administrator
 
Posts: 28747
Joined: February 23rd, 2005, 7:08 am
Location: California
Advertisement
Register to Remove

Previous

  • Similar Topics
    Replies
    Views
    Last post

Return to Infected? Virus, malware, adware, ransomware, oh my!



Who is online

Users browsing this forum: No registered users and 122 guests

Contact us:

Advertisements do not imply our endorsement of that product or service. Register to remove all ads. The forum is run by volunteers who donate their time and expertise. We make every attempt to ensure that the help and advice posted is accurate and will not cause harm to your computer. However, we do not guarantee that they are accurate and they are to be used at your own risk. All trademarks are the property of their respective owners.

Member site: UNITE Against Malware