Welcome to MalwareRemoval.com,
What if we told you that you could get malware removal help from experts, and that it was 100% free? MalwareRemoval.com provides free support for people with infected computers. Our help, and the tools we use are always 100% free. No hidden catch. We simply enjoy helping others. You enjoy a clean, safe computer.

Malware Removal Instructions

FIREFOX redirection problem

MalwareRemoval.com provides free support for people with infected computers. Using plain language that anyone can understand, our community of volunteer experts will walk you through each step.

Re: FIREFOX redirection problem

Unread postby jmw3 » October 3rd, 2009, 3:35 pm

Hi

I'll get back to you in a day or so to report hopefully good news.
OK... no worries. We'll perform the Clean Up procedures then if all goes well.

Update Adobe Reader
Recently there have been vunerabilities detected in older versions of Adobe Reader. It is strongly suggested that you update to the current version: Adobe Reader 9.1
You can download it from http://www.adobe.com/products/acrobat/readstep2.html
If you already have Adobe Photoshop® Album Starter Edition installed or do not wish to have it installed Uncheck the box which says Also Download Adobe Photoshop® Album Starter Edition.

Adobe 9 is a large program and if you prefer a smaller program you can get Foxit 3 instead from http://www.foxitsoftware.com/pdf/rd_intro.php
Note: Do not install anything dealing with AskBar... presented as an installation option.

I see that Viewpoint is installed. Viewpoint, Viewpoint Manager, Viewpoint Media Player are Viewpoint components which are installed as a side effect of installing other software, most notably AOL and AOL Instant Messenger (AIM). Viewpoint Manager is responsible for managing and updating Viewpoint Media Player’s components. You can disable this using the Viewpoint Manager Control Panel found in the Windows Control Panel menu. By selecting Disable auto-updating for the Viewpoint Manager -- the player will no longer attempt to check for updates. Anything that is installed without your consent is suspect. Read what Viewpoint says and make your own decision.
To provide a satisfying consumer experience and to operate effectively, the Viewpoint Media Player periodically sends information to servers at Viewpoint. Each installation of the Viewpoint Media Player is identifiable to Viewpoint via a Customer Unique Identifier (CUID), an alphanumeric identifier embedded in the Viewpoint Media Player. The Viewpoint Media Player randomly generates the CUID during installation and uses it to indicate a unique installation of the product. A CUID is never connected to a user's name, email address, or other personal contact information. CUIDs are used for the sole purpose of filtering redundant information. Each of these information exchanges occurs anonymously.

Viewpoint Manager is considered as foistware instead of malware since it is installed without user's approval but doesn't spy or do anything "bad". This may change, read Viewpoint to Plunge Into Adware.
I recommend that you remove the Viewpoint products; however, decide for yourself. To uninstall the the Viewpoint components :
  1. Click Start, point to Settings, and then click Control Panel.
  2. In Control Panel, double-click Add or Remove Programs.
  3. In Add or Remove Programs, highlight Viewpoint Media Player (Remove Only), click Remove.

    How to prevent it from being recreated every time you run the AOL software:
    • Open AOL
    • Go to Help on the toolbar
    • Select About AOL
    • Hit Ctrl D and a secret panel can be accessed which will allow you to disable all desktop and IM features associated with Viewpoint.
User avatar
jmw3
MRU Emeritus
MRU Emeritus
 
Posts: 4621
Joined: February 12th, 2008, 2:36 am
Location: Port Hedland, Western Australia
Advertisement
Register to Remove

Re: FIREFOX redirection problem

Unread postby alsopb » October 3rd, 2009, 10:33 pm

Time to declare victory!
Uninstalled Viewpoint Manager.
Adobe upgrade next.

Now ready for those clean up instructions.

This 65 year old, who just wants to use the computer for running his ham radio station, storing pix and routine browsing, is grateful for your help. Could never have solved this one myself.

Regards
Brian
alsopb
Regular Member
 
Posts: 18
Joined: September 23rd, 2009, 4:57 am

Re: FIREFOX redirection problem

Unread postby jmw3 » October 4th, 2009, 1:03 am

Hi
Time to declare victory!
Good stuff :thumbup:

Clean Up
Now we need to clear out the programs we've been using to clean up your computer, they are not suitable for general malware removal and could cause damage if used inappropriately.
Remove ComboFix
The following will implement some cleanup procedures as well as reset System Restore points:
Click Start > Run then copy/paste the following bolded text into the Run box and click OK:
ComboFix /u
  • Double-click OTM
  • Click the CleanUp! button
  • Select Yes when the Begin cleanup Process? prompt appears
  • If you are prompted to Reboot during the cleanup, select Yes
  • The tool will delete itself once it finishes, if not delete it yourself
You can delete the following from your desktop:
DDS.scr
The Gmer.exe file (it will be randomly named .exe file)
GooredFix.exe
GooredFix Backups Folder (will be on your desktop)
RootRepeal.zip file
RootRepeal.exe
Any logs that may have been saved to your desktop

If you haven't already done so, open Malwarebytes' Anti-Malware, click Quarantine then Delete All. Close the program.
You can uninstall both the Eset & Kaspersky Online Scanners - you can do this via Add or Remove Programs
You should also remove HijackThis. You can do this by going to C:\Program Files\Trend Micro\HijackThis
  • Double click HijackThis.exe
  • From the Main menu click Open the Misc Tools section
  • Using the scroll bar, scroll down to Uninstall HijackThis
  • Click Uninstall HijackThis & exit then click Yes at the prompt
Just going through your list of installed programs I notice you have some older versions of McAfee installed:
McAfee VirusScan
McAfee VirusScan v4.0.2 (Retail/OEM)

You should really uninstall those if you no longer user them.

All Clean
Congratulations, good work, your system is now clean. Now that your system is safe we would like you to keep it that way.
Take the time to follow these recommendations & it will greatly reduce the risk of further infections and greatly diminish the chances of you having to visit here again.

Create a Clean System Restore Point
Create a new, clean System Restore point which you can use in case of future system problems:
Press Start->All Programs->Accessories->System Tools->System Restore
Select Create a restore point, then Next, type a name like All Clean then press the Create button and once it's done press Close
Now remove old, infected System Restore points:
Next click Start->Run and type cleanmgr in the box and click OK
Ensure the boxes for Temporary Files & Temporary Internet Files are checked. You can choose to check other boxes if you wish but they are not required.
Select the More Options tab, under System Restore click Clean up... and click Yes to the prompt
Click OK and Yes to confirm.

Microsoft Windows Update
Microsoft releases patches for Windows and Office products regularly to patch up Windows and Office products loopholes and fix any bugs found. Install the updates immediately if they are found.
To update Windows
Go to Start > All Programs > Windows Update
To update Office
Open up any Office program.
Go to Help > Check for Updates

Malwarebytes' Anti-Malware
Malwarebytes' Anti-Malware is a new and powerful anti-malware tool. It is totally free but for real-time protection you will have to pay a small one-time fee.
You can find a tutorial here. Keep it updated & run it regularly.

SpywareBlaster
Download and install Javacools SpywareBlaster from here
SpywareBlaster adds a list of ActiveX controls, tracking cookies and sites which will be blocked in either Internet Explorer or Firefox browsers. You need to manually check for updates regularly.

Download and Install a HOSTS File
A HOSTS file is a big list of bad web sites. The list has a specific format, a specific name, (name is just HOSTS with no file extension), and a specific location. Your machine always looks at that file in that location before connecting to a web site to verify the address. So the HOSTS listing can be used to "short circuit" a request to a bad website by giving it the address of your own machine.

Download BlueTack's HOSTS Manager here, using Internet Explorer (Firefox won't work):
  • A short distance down the page in the centre, click on the Download button
  • Agree to the license
  • On the next page, to the right side of where it says Download Estimates, right click on the underlined word Hosts Manager choose Save Target As and download the installer Hosts20setup.exe to your desktop
  • Double click the Installer on your desktop and let it Install the Hosts Manager
  • After the installation is complete, click on the Hosts Manager icon on your desktop. (You can delete the other Hosts Switch icon from your desktop)
  • When the Hosts Manager comes up, click the small down arrows on the right side of the bar labeled Options and Tools,
  • Click Disable DNS Service. This is important
  • In the Left Pane, click Download
  • It will load 80,000 lines or more. When it finishes, also in the left pane, click Replace, and then click Save
You can use this manager to handle your HOSTS file download, edits, and most any other HOSTS issue.
If you have a separate party firewall or Winpatrol, you may have to give permissions at various times to Unlock the present default HOSTS file and install the new one.

Web of Trust
WOT, Web of Trust, warns you about risky websites that try to scam visitors, deliver malware or send spam. Protect your computer against online threats by using WOT as your front-line layer of protection when browsing or searching in unfamiliar territory. WOT's color-coded icons show you ratings for 21 million websites, helping you avoid the dangerous sites:
  • Green to go
  • Yellow for caution
  • Red to stop
WOT has an addon available for both Firefox and Internet Explorer.

Install WinPatrol
Download it here
You can find information about how WinPatrol works here

Read some information here on how to prevent Malware.

Hopefully these steps will help keep your computer clean.

Stand Up and Be Counted ---> Malware Complaints <--- where you can make difference!
The site offers people who have been (or are) victims of malware the opportunity to document their story and, in that way, launch a complaint against the malware and the makers of the malware.

If there are any other questions then feel free to ask or in future do not hesitate to contact us here at The Malware Removal Forums
User avatar
jmw3
MRU Emeritus
MRU Emeritus
 
Posts: 4621
Joined: February 12th, 2008, 2:36 am
Location: Port Hedland, Western Australia

Re: FIREFOX redirection problem

Unread postby alsopb » October 4th, 2009, 9:24 am

Thanks very much.

Got rid of most.

Did have some problems.
Cannot remove McAfee Virus scan - trying to remove it from the control panel remove option generates an "installation error".
Cannot remove Mcafee VirusScan V 4.0.2 - generates a "requires a different version of Windows"

These were put on the PC during WIN 98 days. I could not successfully remove them then or now. I don't see any processes running from them. As freeware, McAfee would not answer any questions about how to remove them.

mbam (from Malwarebytes AntiMalware?) appears as a start up item in the msconfig. I don't think I want anything from it running at startup.

One of the problems I have here when running background virus protection programs is that it intefers with timings of some electronics programs which really need close to a real time operating system as possible, e.g. decoding/sending several types of digital modes via ham radio. Right now we are managing OK with AVG installed. Have a concern about adding more background checking type programs. Brute force solution to this was to have a fast pentium 4 CPU. It too can get bogged down.

Last item to do after resolving the above, will be to create a clone of the clean hard drive.

Regards
Brian
alsopb
Regular Member
 
Posts: 18
Joined: September 23rd, 2009, 4:57 am

Re: FIREFOX redirection problem

Unread postby jmw3 » October 4th, 2009, 1:00 pm

Hi
Try this for removing McAfee:
Download the McAfee Removal Tool from Here & save it to your desktop.
  • Double-click on MCPR.exe to start the removal tool
  • After the removal tool finishes, you should be prompted to restart your computer
  • Once the computer restarts, your McAfee product should be uninstalled
  • Open My Computer, double-click on Drive C
  • Double-click on Program Files
  • Look for any McAfee product folders that remain. Right-click on them and choose Delete
Windows Installer Cleanup Utility
Download the Windows Installer Cleanup Utility from here & save it to your Desktop.
  • Double-click msicuu2.exe to install the utility
  • Click Start >> All Programs >> Windows Install Clean Up
  • Once the program is open select:

    McAfee VirusScan
    McAfee VirusScan v4.0.2 (Retail/OEM)


  • Any other entry relating to software applications no longer installed
  • Click Remove, then click OK
  • Reboot your computer
mbam (from Malwarebytes AntiMalware?) appears as a start up item in the msconfig. I don't think I want anything from it running at startup.
That's fine. You can disable it if you like.

Everything else were just recommendations to help keep your computer secure... up to you whether you want to apply them or not :)

Last item to do after resolving the above, will be to create a clone of the clean hard drive.
:thumbup:
User avatar
jmw3
MRU Emeritus
MRU Emeritus
 
Posts: 4621
Joined: February 12th, 2008, 2:36 am
Location: Port Hedland, Western Australia

Re: FIREFOX redirection problem

Unread postby alsopb » October 4th, 2009, 3:01 pm

Thanks this takes care of 98% of the browsing problems.

There are apparently still links with troublesome junk trying to be loaded. The text loads fine but the something in the other junk causes FIREFOX to fail.

Here is a link which does it consistently.

http://www.wral.com/news/local/wral_investigates/story/6116191/

Anyhow good enough. Thanks guys.

Brian
alsopb
Regular Member
 
Posts: 18
Joined: September 23rd, 2009, 4:57 am

Re: FIREFOX redirection problem

Unread postby jmw3 » October 4th, 2009, 8:30 pm

Hello Brian

May be a problem with an add-on in Firefox. Try disabling any add-ons you may have & see if the problem persists. If it doesn't then you can narrow down the problem by re-enabling the add-ons one at a time until you find the culprit.
User avatar
jmw3
MRU Emeritus
MRU Emeritus
 
Posts: 4621
Joined: February 12th, 2008, 2:36 am
Location: Port Hedland, Western Australia

Re: FIREFOX redirection problem

Unread postby alsopb » October 5th, 2009, 8:23 am

The only add ons present are:
Extensions AVG Safe Search 8.5.x
AVG security task bar 2.6.x (a pain in the butt)

While there may be something in these. It seems unlikely.

The plugins are:
Adobe Acrobat 9.1
Google updater 2.4
Java deployment Toolkit 6.0.x
Java Platform SE 6.0.x
Microsoft DRM (DRM Netscape Network Object) 9.0
Microsoft DRM (DRM Store Netscape Plugin) 9.0
Mozella Default plugin 1.0.x
Picassa 3.1
Quicktime 6.4
Shockwave Flash 9.0
Windows Media Player DLL 3.0.X

Am puzzled by the two NETSCAPE plugins.
Yes I have Netscape 9.0 installed as the backup browser.
But why should FIREFOX need anything related to NS?

I'll disable the netscape stuff and see what happens. Any others look suspect?
alsopb
Regular Member
 
Posts: 18
Joined: September 23rd, 2009, 4:57 am

Re: FIREFOX redirection problem

Unread postby jmw3 » October 5th, 2009, 12:28 pm

Do you have the lateste versions of the two Java entries? They are the only ones I could see that may be an issue.
User avatar
jmw3
MRU Emeritus
MRU Emeritus
 
Posts: 4621
Joined: February 12th, 2008, 2:36 am
Location: Port Hedland, Western Australia

Re: FIREFOX redirection problem

Unread postby alsopb » October 6th, 2009, 7:33 pm

Yes, latest versions of JAVA.
Tonight AVG did an automatic update. It flagged the installation file for FIREFOX 3.5.3 to have the BANLOAD.APJF virus.

Going back to version 3.5.1 (which the wife's computer has been using) appears to have completely solved this problem. A scan of it with AVG showed it to be virus free.

I tried additional downloads for 3.5.3 from the FIREFOX webpage. AVG now sent them all to the quarantee bin.

I'd alert the FIREFOX people but they are so insulated from their users that it is impossible.

I sure wish I'd tried this simple solution first.
alsopb
Regular Member
 
Posts: 18
Joined: September 23rd, 2009, 4:57 am

Re: FIREFOX redirection problem

Unread postby jmw3 » October 6th, 2009, 10:26 pm

Hello Brian

Appears that is a False Positive - http://support.mozilla.com/tr/forum/1/466278

Any other issues? If not I think we can wrap this one up.
User avatar
jmw3
MRU Emeritus
MRU Emeritus
 
Posts: 4621
Joined: February 12th, 2008, 2:36 am
Location: Port Hedland, Western Australia

Re: FIREFOX redirection problem

Unread postby Carolyn » October 8th, 2009, 12:36 pm

As this issue appears to be resolved, this topic is now closed.

We are pleased we could help you resolve your computer's malware issues.

If you would like to make a comment or leave a compliment regarding the help you have received, please see Feedback for Our Helpers - Say "Thanks" Here.
User avatar
Carolyn
MRU Emeritus
MRU Emeritus
 
Posts: 4701
Joined: April 18th, 2007, 9:36 am
Location: Maine
Advertisement
Register to Remove

Previous

  • Similar Topics
    Replies
    Views
    Last post

Return to Infected? Virus, malware, adware, ransomware, oh my!



Who is online

Users browsing this forum: No registered users and 479 guests

Contact us:

Advertisements do not imply our endorsement of that product or service. Register to remove all ads. The forum is run by volunteers who donate their time and expertise. We make every attempt to ensure that the help and advice posted is accurate and will not cause harm to your computer. However, we do not guarantee that they are accurate and they are to be used at your own risk. All trademarks are the property of their respective owners.

Member site: UNITE Against Malware