Jump to content

Possible redirect infection


Recommended Posts

Hello Malwarebytes, I hope you can help me today.

So here's the story, I was searching up these entries that Rkill had found in my hosts file and had the results come up with redirecting viruses, but one thing that struck me was that nothing has appeared to be happening on my computer, so I'm worried that they are dormant or are waiting to be 'sprung' or something.

Anyway - here are some logs, looking forward to hear from you

Rkill.txt

FRST.txt

dds.txt

Link to post
Share on other sites

  • Root Admin

Hello @Magik and :welcome:

Please run the following for me.

Please download Malwarebytes Anti-Rootkit from HERE
If needed there is a self help tutorial here: MBAR tutorial

  • Unzip the contents to a folder in a convenient location.
  • Open the folder where the contents were unzipped and run mbar.exe
  • Follow the instructions in the wizard to update and allow the program to scan your computer for threats.
  • Click on the Cleanup button to remove any threats and reboot if prompted to do so.
  • Wait while the system shuts down and the cleanup process is performed.
  • Perform another scan with Malwarebytes Anti-Rootkit to verify that no threats remain. If they do, then click Cleanup once more and repeat the process.
  • When done, please post the two logs produced they will be in the MBAR folder... mbar-log.txt and system-log.txt

Link to post
Share on other sites

Hello and thank you for the fast reply, apologies if I might've raised a false flag, but could it be that these entries have been added by Spybot? I'm using its immunization feature - I'm not super tech savvy so I apologize if this might've been a waste of your time, rather be safe than sorry though.

MBAR ran without a hitch and no reboot was required, here are the logs now:

mbar-log-2017-03-07 (16-04-12).txt

system-log.txt

Link to post
Share on other sites

  • Root Admin

I've not used Spybot in a long time but I would not expect issues as many other users do use the program.

Let's try resetting your browser and see if that helps.

 

Please visit each of the following sites and let's reset all of your browsers back to defaults to prevent unexpected issues.
If you are not using one of the browsers but it is installed then you may want to consider uninstalling it as older versions of some software can pose an increase in the potential for an infection to get in.

Internet Explorer
How to reset Internet Explorer settings

Firefox
Click on Help / Troubleshooting Information then click on the Reset Firefox button.

Chrome

I would like to reset Chrome back to defaults to completely clear out what is going on with Chrome.

You can keep your “Bookmarks” if you want to keep them, but you have to export them first – >> Export Bookmarks << – Everything else should be removed.

Then I need you to go to >> Google Sync << and sign into your account.
Scroll down until you see the reset sync button and click on the button
At the prompt click on Ok.

.
Reset Your Browser Settings
.

  1. In the top-right corner of the browser window, click the “Chrome Menu” icon (Three horizontal lines)
  2. Select Settings.
  3. At the bottom, click Show advanced settings…
  4. Scroll down until you see “Reset settings”, Then click on the button Reset Settings.
  5. In the dialog that appears, click Reset.

.
Close Chrome and restart it and check it out for me please

Link to post
Share on other sites

On 3/7/2017 at 7:16 PM, AdvancedSetup said:

I've not used Spybot in a long time but I would not expect issues as many other users do use the program.

Let's try resetting your browser and see if that helps.

 

Please visit each of the following sites and let's reset all of your browsers back to defaults to prevent unexpected issues.
If you are not using one of the browsers but it is installed then you may want to consider uninstalling it as older versions of some software can pose an increase in the potential for an infection to get in.

Internet Explorer
How to reset Internet Explorer settings

Firefox
Click on Help / Troubleshooting Information then click on the Reset Firefox button.

Chrome

I would like to reset Chrome back to defaults to completely clear out what is going on with Chrome.

You can keep your “Bookmarks” if you want to keep them, but you have to export them first – >> Export Bookmarks << – Everything else should be removed.

Then I need you to go to >> Google Sync << and sign into your account.
Scroll down until you see the reset sync button and click on the button
At the prompt click on Ok.

.
Reset Your Browser Settings
.

  1. In the top-right corner of the browser window, click the “Chrome Menu” icon (Three horizontal lines)
  2. Select Settings.
  3. At the bottom, click Show advanced settings…
  4. Scroll down until you see “Reset settings”, Then click on the button Reset Settings.
  5. In the dialog that appears, click Reset.

.
Close Chrome and restart it and check it out for me please

Okay, I checked out the entries in the hosts file, and it seems that the entries were indeed by spybot, started by "# Start of entries inserted by Spybot - Search & Destroy" following all entries down to the bottom where it says "# End of entries inserted by Spybot - Search & Destroy"

Considering nothing has really affected my computer (Or really happened at all) - would you still recommend that I  reset Chrome? 

Link to post
Share on other sites

Guest
This topic is now closed to further replies.
 Share

  • Recently Browsing   0 members

    No registered users viewing this page.

Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.