Jump to content

Iam being redirected by scour virus when I click on a links on IE

Recommended Posts

  • Replies 65
  • Created
  • Last Reply

Top Posters In This Topic



  • Under the Custom Scans/Fixes box at the bottom, paste in the following
    [2011/11/30 09:15:52 | 000,069,120 | ---- | M] (SmartDraw.com) -- C:\Users\rmanickam.HERSEYMETERS\AppData\Local\Temp\sdcode.dll
    [6 C:\Users\rmanickam.HERSEYMETERS\AppData\Local\Temp\*.tmp files -> C:\Users\rmanickam.HERSEYMETERS\AppData\Local\Temp\*.tmp -> ]

    ipconfig /flushdns /c


  • Then click the Run Fix button at the top
  • Let the program run unhindered, reboot the PC when it is done
  • Open OTL again and click the Quick Scan button. Post the log it produces in your next reply.


Download AdwCleaner from here to your desktop

Run AdwCleaner and select Delete


Once done it will ask to reboot, allow this

On reboot a log will be produced please attach that

Link to post
Share on other sites

log from Advcleaner

# AdwCleaner v1.801 - Logfile created 08/29/2012 at 13:02:45

# Updated 14/08/2012 by Xplode

# Operating system : Windows 7 Professional Service Pack 1 (64 bits)

# User : rmanickam - ENG-RAJ

# Boot Mode : Normal

# Running from : C:\Users\rmanickam.HERSEYMETERS\Desktop\adwcleaner.exe

# Option [Delete]

***** [services] *****

***** [Files / Folders] *****

***** [Registry] *****

***** [Registre - GUID] *****

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}

***** [internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16421

[OK] Registry is clean.

-\\ Mozilla Firefox v13.0.1 (en-US)

-\\ Google Chrome v21.0.1180.83


AdwCleaner[s1].txt - [730 octets] - [29/08/2012 13:02:45]

########## EOF - C:\AdwCleaner[s1].txt - [857 octets] ##########

Link to post
Share on other sites


  • Go to here
  • Click the download button under Kaspersky Security Scan
  • Download and run the file
  • It will start to download the Kaspersky Security Scan program data
  • Once downloaded the installer will begin
  • Click Next
  • Accept the License Agreement
  • Click Install
  • The program will now install
  • Click Finish
  • Kaspersky Security Scan will now start
  • Click the Full Scan button
  • The scan will take about an hour or two depending on the amount of data on your hard drive
  • If the scan detects problems it will open a Problems found window
  • Click Details to generate a scan results report
  • Once the scan is complete do the following:
    • For XP: Navigate to C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\KSS2\DataRoot
      For Vista/7: Navigate to C:\ProgramData\Kaspersky Lab\KSS2\DataRoot
    • Right-click on the HtmlReport folder --> Click Send to --> Click Compressed (zipped) folder
    • Attach the HtmlReport zipped folder to your next post

    [*]You can now close Kaspersky Security Scan

Link to post
Share on other sites


lets do some cleanup

Reset and Re-enable your System Restore

The following will implement some cleanup procedures as well as reset System Restore points:

  • Click START then RUN
  • Now type ComboFix /Uninstall in the runbox and click OK. Note the space between the X and the U, it needs to be there.


  • Open OTL to run it. (Vista users, right click on OTL and "Run as administrator")
  • Click on the CleanUp button.
  • Click Yes to begin the cleanup process and remove tools, including this application
  • You may be asked to reboot the machine to finish the cleanup process - if so, choose Yes


See Here for a list of recommendations for free Antivirus\AntiSpyware applications.

  • Keep Your windows up to date by regularly checking their website at:
  • SpywareBlaster protects against bad ActiveX, it immunizes your PC against them.
  • SpywareGuard offers realtime protection from spyware installation attempts. Make sure you are only running one real-time anti-spyware protection program ( eg : TeaTimer, Windows Defender ) or there will be a conflict.
  • Make Internet Explorer more secure
    • Click Start > Run
    • Type Inetcpl.cpl & click OK
    • Click on the Security tab
    • Click Reset all zones to default level
    • Make sure the Internet Zone is selected & Click Custom level
    • In the ActiveX section, set the first two options ("Download signed and unsigned ActiveX controls) to "Prompt", and ("Initialize and Script ActiveX controls not marked as safe") to "Disable".
    • Next Click OK, then Apply button and then OK to exit the Internet Properties page.

    [*]MVPS Hosts file replaces your current HOSTS file with one containing well known ad sites and other bad sites. Basically, this prevents your computer from connecting to those sites by redirecting them to which is your local computer, meaning it will be difficult to infect yourself in the future.

    [*]Please consider using an alternate browser. Mozilla's Firefox browser is fantastic; it is much more

    secure than Internet Explorer, immune to almost all known browser hijackers, and also has the best built-in pop up

    blocker (as an added benefit!) that I have ever seen. If you are interested, Firefox may be downloaded from


    If you choose to use Firefox, I highly recommend these add-ons to keep your PC even more secure.

    • NoScript - for blocking ads and other potential website attacks
    • McAfee SiteAdvisor - this tells you whether the sites you are about to visit are safe or not. A must if you do a lot of Googling

    [*]Click Here to learn how to keep a backup of your important files

    [*]FileHippo Update Checkker is an extremely helpful program that will tell you which of your programs need to be updated. Its important to keep programs up to date so that malware doesn't exploit any old security flaws.

Stay safe :wave:

Link to post
Share on other sites
This topic is now closed to further replies.
  • Recently Browsing   0 members

    No registered users viewing this page.

Back to top
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.