Yesterday, my browser (Firefox 24.0) redirected me to a “Flash Player Update” on download.wwwqwikster.com. I am sure the “Flash Player Update” is malware. From what I could find, this is evidence of a redirect virus that AV programs can’t handle alone. However, I wasn’t redirected when I started my browser this morning to come here. What should I do?
run AdwCleaner / Malwarebytes / OTL and attach logs
Here is the log for the AdwCleaner scan: .txt]C:\AdwCleaner\AdwCleaner[R0].txt. Please tell me if the link doesn’t work. I’m new at this.
Puter,
due to rules links aren’t allowed on the forums unless given by a Removal Expert or a Mod… Even so, that link does not work. Use the Attachments and other options below your posting a reply and attach from there.
THank you
Thanks much, Alan. Here’s the file.
After scanning with AdwCleaner, should I click “Clean”, or will that come later?
Click clean to remove everything that was found.
Done.
Malwarebytes scan completed. This is fun!
OTL scan completed. Is there anything I need to fix with it?
AswMBR scan has been run. Should I click “FixMBR”?
No, no need to use Aswmbr now as that just checks slightly different areas for me
Warning This fix is only relevant for this system and no other, using on another computer may cause problems
Be advised that when the fix commences it will shut down all running processes and you may lose the desktop and icons, they will return on reboot
Run OTL
[*]Under the Custom Scans/Fixes box at the bottom, paste in the following
https://dl.dropbox.com/u/73555776/OTL_Fix.GIF
:Commands
[CREATERESTOREPOINT]
:OTL
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKU\.DEFAULT\..\Toolbar\WebBrowser: (no name) - {0B53EAC3-8D69-4B9E-9B19-A37C9A5676A7} - No CLSID value found.
O3 - HKU\.DEFAULT\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O3 - HKU\.DEFAULT\..\Toolbar\WebBrowser: (no name) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - No CLSID value found.
O3 - HKU\.DEFAULT\..\Toolbar\WebBrowser: (no name) - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - No CLSID value found.
O3 - HKU\S-1-5-18\..\Toolbar\WebBrowser: (no name) - {0B53EAC3-8D69-4B9E-9B19-A37C9A5676A7} - No CLSID value found.
O3 - HKU\S-1-5-18\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O3 - HKU\S-1-5-18\..\Toolbar\WebBrowser: (no name) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - No CLSID value found.
O3 - HKU\S-1-5-18\..\Toolbar\WebBrowser: (no name) - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - No CLSID value found.
O3 - HKU\S-1-5-21-637572422-2770120649-1228914024-1003\..\Toolbar\ShellBrowser: (no name) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - No CLSID value found.
O3 - HKU\S-1-5-21-637572422-2770120649-1228914024-1003\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
:Commands
[resethosts]
[emptytemp]
[Reboot]
[*]Then click the Run Fix button at the top
[*]Let the program run unhindered, reboot the PC when it is done
[*]Open OTL again and click the Quick Scan button. Post the log it produces in your next reply.
Okay, I did.
Looks good, any redirects or other problems ?
Not since yesterday. Thank you for your help.
My pleasure … Run OTL and press the cleanup button 