Jump to content

Change Mode

Help - Unremovable redirection virus in my browsers


Recommended Posts

The computer I'm talking about is the same one we've been working on all along. The problem I was having was the one I mentioned earlier: I had list the functionality of my mouse and keyboard. My post of 9 July 2013 - 01:06 PM in which I said my system was operating normally proved to be a mistaken diagnosis.


Once again I lost keyboard and mouse functionality and could only use the computer in safe mode. My AVG security suite was also throwing out messages that my license was invalid. So I contacted the company that had installed the suite and asked them to check what was happening with the AVG security suite and and if this was connected with the loss of mouse and keyboard functionality. Eventually their technician told me he had solved the problem. Fine I thought.


Then on Saturday when I went to run the ComboFix program you asked me to run in your e-mail dated Friday,July 19,2013, 12:18 PM I couldn't find any panel/icon for turning off my AVG Security Suite. I had to wait until Monday before I could contact the technicians at the company that had supplied me with AVG.


To my shock and horror they had solved the conflicts that AVG was having with other software by uninstalling AVG. So I've no idea what got onto my system over the weekend when I was browsing the Internet with on firewall or malware protection. After much complaining and more work by my tech "wizards" AVG was reinstalled, conflicts with other software resolved and my system has been running without a problem since Monday afternoon (as I said I was out virtually all day yesterday at a funeral).


With my system seemingly back to normal, I ran ComboFix with text you included in your e-mail dated Friday,July 19,2013, 12:18 PM. I ran it with AVG turned off. I'm also no longer getting any messages about Microsoft Security Essentials being active.


As previously stated I included the output from the this morning's ComboFix run in my last post.


I hope this answers all your questions.


My thanks for all your help so far. I very much appreciate it.



Link to comment
Share on other sites

I don't think so. I was on the internet last night and I've been using it intermittently all day today.


I suspect the redirection virus has gone. When it was present, it had disabled the ability of my mouse to highlight text in the Google search box. I can do that now without a problem.


I've fallen prey to too many false hopes with this virus to be convinced it's not lurking somewhere on my computer waiting for something to activate it. But as I said since Tuesday evening I've not been redirected once.


Are there any programs I should run to do some final checks for it?


If it really has gone thank you so much for our help.


Have a great night, and thanks again for your help

Link to comment
Share on other sites

Give malwarebytes a run. It's a good program to have and deals with many redirectors.


Please download Malwarebytes' Anti-Malware to your desktop.

  • [*]Double-click
mbam-setup.exe and follow the prompts to install the program. [*]At the end, be sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish. [*]If an update is found, it will download and install the latest version. [*]Once the program has loaded, select Perform quick scan, then click Scan. [*]When the scan is complete, click OK, then Show Results to view the results. [*]Be sure that everything is checked, and click Remove Selected. [*]When completed, a log will open in Notepad. Please save it to a convenient location and post the results. [*]Note: If you receive a notice that some of the items couldn't be removed, that they have been added to the delete on reboot list, please reboot (shut down your computer then restart it).


Link to comment
Share on other sites



I actually have a copy of purchased copy of malwarebytes. I've not been using it since I've switched to AVG.


Anyway I activated MalwareBytes, updated it and ran a quick scan. The quick scan found no malicious objects. I'll run a deep scan overnight just to make sure nothing was missed.


Would you suggest running Malwarebytes in conjunction with AVG or just relying with AVG? My understanding is that the conventional wisdom is that it's best to rely on just one security suite as multiple security suites can clash and lower overall protection. For now I'm going to deactivate Malwarebytes.


I've also not experienced any re-directions whilst in FireFox. Looks like it's gone. Just to make sure would it be a good idea to open Chrome and Internet Explorer and see what happens with these browsers?


Here is the Malwarebyte report:


Malwarebytes Anti-Malware (PRO) version: v2013.07.26.03Windows XP Service Pack 3 x86 NTFSInternet Explorer 8.0.6001.18702GAK :: YOUR-BAE951A73C [administrator]Protection: Disabled7/26/2013 9:40:43 AMmbam-log-2013-07-26 (09-40-43).txtScan type: Quick scanScan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM | P2PScan options disabled:Objects scanned: 546365Time elapsed: 11 minute(s), 40 second(s)Memory Processes Detected: 0(No malicious items detected)Memory Modules Detected: 0(No malicious items detected)Registry Keys Detected: 0(No malicious items detected)Registry Values Detected: 0(No malicious items detected)Registry Data Items Detected: 0(No malicious items detected)Folders Detected: 0(No malicious items detected)Files Detected: 0(No malicious items detected)(end)

Link to comment
Share on other sites

Personally I'm not a fan of security suites... but you are correct that you only want one of each type running real time.

  • One Anti-Virus
  • One Anti-spyware/malware
  • One firewall.

If you were just running AVG's anti-Virus... then I would suggest you run Malwarebytes. The anti-spyware/malware products are much less "touchy" than the anti-virus programs and some of them will play nice with each other... for example: Spybot and Adaware both run fine with Mbam... but I have no experience with the AVG suite.


Yes... go ahead and give your other browsers a test drive. If all is well we will do some housekeeping and let you go on your way.

Link to comment
Share on other sites



The computer seems fine now. I'm not getting redirected anymore in any of the browsers. I ran a full Malwarebytes scan yesterday and failed to find any malware.


Looks like we're ready to clean up.


What do you suggest?


Have a great night and thanks for all your help.

Link to comment
Share on other sites

Time for some housekeeping

  • [*]Click
START then RUN [*] [*]Now type ComboFix /Uninstall in the runbox and click OK. [*]Note the space between the X and the U, it needs to be there. [*]Posted Image

The above procedure will:

  • [*]Implement some cleanup procedures. [*]Reset System Restore.




  • [*]Double click on
OTL to run it. [*]Click on CleanUp! [*]When done, you will be prompted to restart your computer. Please restart your computer.


Please re-enable any security that was disabled.


The following is my standard advice for the future. Use what you can and pat yourself on the back for what you're already doing.

Please take time to read Preventing Malware - Tools and Practices for Safe Computing. Very important information for your consideration is contained therein.

I would also suggest you read this:
So how did I get infected in the first place?
by Tony Klein

Also: "How to prevent malware"
by miekiemoes

Please respond back that you understand the above and let me know if you have any questions. Otherwise, this thread will be closed Resolved.

Link to comment
Share on other sites



I've done the house cleaning and read the articles you recommend. That's quite a lot of work they recommend. I intend to follow their suggestions and I'll probably have a few questions. In particular I'm unsure what other security I should install when I have a paid version of AVG that, to use its own menu language provides me with the following protections: 'computer', 'web browsing', 'e-mail', 'identity', 'firewall'.


While the articles you recommend warn against having more than one firewall software program they also seem to suggest having different programs for spyware, viruses and for a firewall. My thought is the best thing I could do is to go to the AVG official website user forum and ask my questions there. Of course, as always, I'd be interested in any thoughts you might have.


One other thought. What I immediately note is that article authors focus on IE. I prefer Firefox myself. I use a program called "Ad Block Plus" to block adware and the like. I just wonder in passing if you're a Firefox using and have any thoughts on what is the best adware blocker to use for Firefox. It's no big deal I can easily research it myself.


Thanks again for helping me clean my computer. I've certainly learned a lesson here. I very much appreciate your help.


Have a great weekend.



Link to comment
Share on other sites

There are two very definite schools of thought on security suites. There are those that think they are great because they are easy and designed to work together. The other thought (that I tend to subscribe to) is to use the best of each type of program.


If you've paid for AVG's suite... then use it and get your money's worth.


If you would prefer to use free programs... I like Avast! or Microsoft Security Essentials for Anti-Virus and Malwarebytes' for Anti-spyware/malware. I find that windows firewall is sufficient. If you have a few extra dollars to spend... I'd get the paid version of Malwarebytes' (it's a one time fee for a lifetime license). This covers the essentials but you can add additional layers like a custom hosts file or an additional program like Spybot or Spywareblaster.


The most important thing is you the user. Don't use P2P sites, pirated programs, and stay away from all "shady" sites. Don't download programs you don't trust and don't open attachments in emails unless you know exactly what is there (even if they appear to come from someone you know).


The reason the guides talk about IE is because your computer will use it even if you don't. If you have any version of Windows, IE is integrated into it and therefore must be secured even if it isn't your browser of choice. I prefer Firefox. Ad block is a good add-on as is no-script, but both take some training and some people find that annoying.


Does that all make sense?

Link to comment
Share on other sites

This topic is now closed to further replies.

  • Create New...