browser redirects,malware

Discussion in 'Malware Help (A Specialist Will Reply)' started by mtk2511, Jun 20, 2012.

  1. mtk2511

    mtk2511 Private E-2

    I ran the read me first and browser redirect fi. attached is all the logs. I am guessing the problem stems from running keygen/illegal software. It is someone else's computer and I gave them he standard lecture, so you don't have to give it to me;) I will delete anything reccomended.
     

    Attached Files:

    mtk2511, Jun 20, 2012
    #1
  2. mtk2511

    mtk2511 Private E-2

    The rest of the logs. Thanks again, I have used this site for years and usually works without posting logs. This is a great resource and I appreciate what you guys/gals are doing.
     

    Attached Files:

    mtk2511, Jun 20, 2012
    #2
  3. Kestrel13!

    Kestrel13! Super Malware Fighter - Major Dilemma Staff Member

    What is inside of this folder besides vhqjm.dll?


    C:\Users\suzy\AppData\Local\CRE\Apps

    And again, let me know what's in these folders?

    • C:\ProgramData\35116
    • C:\ProgramData\5a309a


    Delete this file:
    C:\Users\suzy\AppData\Local\CRE\Apps\vhqjm.dll

    Delete this folder:
    C:\Users\suzy\AppData\Local\Conduit

    Now Copy the bold text below to notepad. Save it as fixME.reg to your desktop. Be sure the "Save as" type is set to "all files" Once you have saved it double click it and allow it to merge with the registry.

    Make sure that you tell me if you receive a success message about adding the above
    to the registry. If you do not get a success message, it definitely did not work.
     
    Kestrel13!, Jun 20, 2012
    #3
  4. mtk2511

    mtk2511 Private E-2

    Nothing else



    35116

    {337A406A-C5D4-4169-A5F1-91265725B2A7}.swf

    5a309a
    • BASSys (empty folder)
    • Quarantine Items (empty folder
    • 465.mof
    • BAS.ico


    Easier said than done, but I deleted it. rundll32.exe had it locked


    Deleted, but also empty.


    Success in running the file.

    Still redirecting however.
     
    mtk2511, Jun 20, 2012
    #4
  5. Kestrel13!

    Kestrel13! Super Malware Fighter - Major Dilemma Staff Member

    Delete these:

    • C:\ProgramData\35116
    • C:\ProgramData\5a309a

    Which browser is redirecting?
     
    Kestrel13!, Jun 21, 2012
    #5

MajorGeeks.Com Menu

Downloads All In One Tweaks \ Android \ Anti-Malware \ Anti-Virus \ Appearance \ Backup \ Browsers \ CD\DVD\Blu-Ray \ Covert Ops \ Drive Utilities \ Drivers \ Graphics \ Internet Tools \ Multimedia \ Networking \ Office Tools \ PC Games \ System Tools \ Mac/Apple/Ipad Downloads

Other News: Top Downloads \ News (Tech) \ Off Base (Other Websites News) \ Way Off Base (Offbeat Stories and Pics)

Social: Facebook \ YouTube \ Twitter \ Tumblr \ Pintrest \ RSS Feeds