Thread ID: 136395 2014-02-25 05:23:00 URLs being misdirected GrahamB (750) Press F1
Post ID Timestamp Content User
1368654 2014-02-25 05:23:00 I recently received a number of emails from a regular source, and each time I clicked one of the links, purportedly to 'clicks.aweber.com/...............', the link sent me to a URL for www.ForexCashKing.com.

I have had an email back from the sender saying that the links work OK for him.

I laboriously entered one of the links into the browser on my laptop, and got directed to the correct site.

This sounds like my ESET-protected desktop has a virus.

Any ideas on what to look for and how best to clean it?

TFYH

GrahamB
GrahamB (750)
1368655 2014-02-25 06:07:00 Scan it with Malwarebytes. Although I wouldn't click on emails friends send, even if you know them, and if the URL looks dodgy, like the ones you posted. Speedy Gonzales (78)
1368656 2014-02-25 06:35:00 It's not a virus in the true sense, it's a browser hijack, and no AV can protect you 100% against them. They can also alter your internet settings.

Seen this happen a LOT lately and a high percentage of people have been using FF.

Try running junkware-removal-tool/ (www.bleepingcomputer.com)
wainuitech (129)
1368657 2014-02-25 18:14:00 It's not a virus in the true sense, it's a browser hijack, and no AV can protect you 100% against them. They can also alter your internet settings.


+1

Not that hard to remove, use JRT as suggested....you can go through manually too and remove toolbars, references and such from browser settings.
pctek (84)
1368658 2014-02-25 23:47:00 I use Spybot and the browser immunization, blocks most of that kind of thing before it can even try to install. Agent_24 (57)
1368659 2014-02-26 10:12:00 I tried a WinZip program from Tucows and was told I had 58 infestations - looked at the links provided and concluded it was BS, particularly as it would not change anything until I fronted with money! Malwarebytes found 1, a PUP file in an old backup file in a non-active partition. I then tried the JRT and it said it found 2 files and removed them, but the same challenge still occurs, on both Chrome and Firefox. I will reinstall Spybot - used to have it on an earlier PC. Not sure how to manually clean things but I'll have a go!

TFYH
GrahamB (750)
1368660 2014-02-26 19:11:00 WinZip from Tucows?? Hmmmmmm. That's where you may have gotten the problem from.

Just tried to download WinZip from Tucows, and Nod blocked it instantly (see the address blocked). If yours didn't then it's not set up with all functions fully.

was told I had 58 infestations - looked at the links provided and concluded it was BS

What said it was infested? Seems that, now you have the problem of browser hijacking, it may have actually been correct and not BS.
wainuitech (129)
1368661 2014-02-26 19:38:00 What you can also try is running various programs. Have a look at malwaretips.com. You can ignore the Malwarebytes option since you have done it already.

If Nod32 is set up fully it should have stopped whatever caused it. The file from Tucows may not actually be the file that caused problems; it's often the rubbish or the site's installers that they add in. Some sites that used to be good add in all sorts of junk.
wainuitech (129)
1368662 2014-02-27 06:46:00 It wasn't from Tucows! I haven't used Tucows in a coon's age, so it did not come from there. ESET has notified of a number of problems, and I am satisfied it is working OK. It is not unusual for any AV software to object to downloading Malware/Spybot/AV software, because of the signature etc. associated in the files. Again this is not the problem - the problem is recent and any work done in this area has been post-the-problem.

I don't think the WINZIP info is correct. It was a list, for example, of about 20 Microsoft upgrades, showing file names with no executive function (.exe etc.)

I went through my History Files on both Chrome and Firefox last night, then checked and the same thing happened, just with a different 'misdirection'. Then downloaded Spybot and ran that, but have not yet had the chance to check what is happening. Will report back.

TFYOH
GrahamB (750)
1368663 2014-02-27 07:10:00 It wasn't from Tucows! I haven't used Tucows in a coon's age,



EH !! :confused:

Last post you made, #6 - the very first words:
I tried a WinZip program from Tucows

So which is it?

Nod32 doesn't stop legit antimalware programs. What it will stop if set up correctly is PUPs = potentially unwanted programs, the likes of toolbars, or rogue installers.

If you are getting warnings and ignoring them or thinking the warnings are BS, it's not a surprise the infections get in.

If you download something and Nod's not detecting then it may not be set up fully. How Nod installs by default is OKish, but to get better protection you need to enable it; it's not enabled by default as it does use more resources and some low-powered PCs will be affected.
wainuitech (129)