Redirect and possible MBR issues

Discussion in 'Malware Help - MG (A Specialist Will Reply)' started by gigarob, Jul 11, 2014.

  1. gigarob

    gigarob Private E-2

    hey guys (and ladies?) thanks in advance.

    I've been having some redirect issues lately.

    trying to access imgur sometimes sends me to a dead creative commons site.

    occasionally when trying to get to google I get a "warning this is an unsafe website" flag

    occasional redirects when trying to access other websites as well.

    I did the diagnostics and redirect fixes mentioned but the redirects seem to reappear pretty readily. also, rebooting seems to remove the problem for a short period of time.

    please find all required diagnostics attached.. let me know if you need anything else.
     
  2. gigarob

    gigarob Private E-2

    attachments pt 1
     


  3. gigarob

    gigarob Private E-2

    attachments pt 2
     


  4. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    Welcome to Major Geeks!

    All of your logs are clean. The only issue I see is that you have no antivirus or antispyware protection installed. ClamWin Free Antivirus offers no protection. It is only an after-the-fact scanner.
     
  5. gigarob

    gigarob Private E-2

    Firstly: thanks for looking over my files.

    OK.. so I guess I got it cleaned up?

    Might the redirects have come from an unsecured router? I'm traveling and the router here has no password.. I reset it to factory defaults earlier today. gonna stick a name and password on it as soon as this is finished.

    No worries about that MBR warning?

    what about the registry entries from the RK report?

    any suggestions on a decent (freeware) anti virus I can run?
     
  6. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    You're welcome.

    Don't know! There was nothing in your logs. Are you still having a problem?

    Potentially if the DNS server part of the software had been hacked. This is rare but has happened.

    Nope! MBRcheck is just old and cannot understand many proprietary MBRs.

    Not problems.

    See the link at the end of the below final instructions to execute only if you are not having any more problems.


    If you are not having any other malware problems, it is time to do our final steps:
    1. We recommend you keep Malwarebytes Anti-Malware for scanning/removal of malware.
    2. Re-enable your Disk Emulation software with Defogger if you had disabled it in step 4 of the READ & RUN ME.
    3. Go to add/remove programs and uninstall HijackThis. If you don't see it or it will not uninstall, don't worry about it. Just move on to the next step.
    4. If running Vista, Win 7 or Win 8, it is time to make sure you have reenabled UAC by double clicking on the C:\MGtools\enableUAC.reg file and allowing it to be added to the registry.
    5. Now go to the C:\MGtools folder and find the MGclean.bat file. Double click (if running Vista, Win7, or Win 8, Right Click and Run As Administrator) on this file to run this cleanup program that will remove files and folders related to MGtools and some other items from our cleaning procedures.
    6. Any other miscellaneous tools we may have had you install or download can be uninstalled and deleted.
    7. .
    8. After doing the above, you should work thru the below link:
     
  7. gigarob

    gigarob Private E-2

    Everything seems fine so far.. I guess I will swap out clamwin for the AV provided by win8.

    Thanks again!
     
  8. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    You're welcome. Surf safely!
     
  9. gigarob

    gigarob Private E-2

    OK... I just got this trying to log into reddit; my guess is I still have some funk going on. Please advise:

    This Connection is Untrusted

    You have asked Firefox to connect securely to ssl.reddit.com, but we can't confirm that your connection is secure.

    Normally, when you try to connect securely, sites will present trusted identification to prove that you are going to the right place. However, this site's identity can't be verified.
    What Should I Do?

    If you usually connect to this site without problems, this error could mean that someone is trying to impersonate the site, and you shouldn't continue.
     
  10. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    Perhaps just some kind of issue with reddit's security certificates. Seems they have had issues like this before (http://www.reddit.com/comments/pz5kx). I repeat, you are not having malware problems. Check that your PC's clock time and date are correct too. Also shut down Firefox and try connecting with Internet Explorer to see what happens. It could be a Firefox issue.
     
  11. gigarob

    gigarob Private E-2

    hmm.. ok..

    I also received the same message when trying to get to google recently.. I just never got these kind of messages until about a week ago.

    thanks again.. I feel better knowing it's not malware
     
  12. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    You're welcome. Did you try Internet Explorer?

    Have you tried using a System Restore point from before the problem began?
     
  13. gigarob

    gigarob Private E-2

    no glitches since earlier today.. so, <shrug>
     
  14. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    :) Then perhaps as I suggested it was a problem with reddit's security certificates at the time.
     
  15. gigarob

    gigarob Private E-2

    Smooth sailing.. no problems in over 24 hours


    thanks again!
     
  16. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    You're welcome. Surf safely!
     
