Infected with JS/Redirector.cv

[Lanzo]

ESET smart security downloads for about 10 minutes then says there is a communication error so I haven't yet managed to run a scan.

MWB ran ok with no threats found.

alwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 19/04/2015
Scan Time: 12:29:39
Logfile: MWB.txt
Administrator: Yes

Version: 2.00.4.1028
Malware Database: v2015.04.19.02
Rootkit Database: v2015.03.31.01
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Self-protection: Disabled

OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: Lan

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 369444
Time Elapsed: 27 min, 4 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Warn
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 0
(No malicious items detected)

Registry Values: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Folders: 0
(No malicious items detected)

Files: 0
(No malicious items detected)

Physical Sectors: 0
(No malicious items detected)


(end)

[Juliet]

Did you install the latest version of Java?

Can you temporarily disable your antivirus protection to see if that is what hindered the download?

Let's try it this way
~~

ESET Online Scanner
I'd like us to scan your machine with ESET OnlineScan

*Note
It is recommended to disable onboard antivirus program and antispyware programs while performing scans so there are no conflicts and it will speed up scan time.
Please don't go surfing while your resident protection is disabled!
Once the scan is finished remember to re-enable your antivirus along with your antispyware programs.

• Hold down Control and click on the following link to open ESET OnlineScan in a new window.
  
  
  ESET OnlineScan
  
• Click the button.
  
• For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
  
• Click on to download the ESET Smart Installer. Save it to your desktop.
  
• Double click on the icon on your desktop.
  
• Check
• Click the button.
  
• Accept any security warnings from your browser.
• Check
  
• Make sure that the option "Remove found threats" is Unchecked
  
• Push the Start button.
  
• ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  
  
• When the scan completes, push
  
• Push , and save the file to your desktop using a unique name, such as
  
  ESETScan. Include the contents of this report in your next reply.
  
• Push the button.
  
• Push
  
  Please make sure you include the following items in your next post:
  The log that was produced after running ESET Online Scanner.

[Lanzo]

Result of EST scan

C:\FRST\Quarantine\C\Users\Lan\AppData\Local\Temp\ebccabfbdfbcg.exe.xBAD a variant of Win32/OutBrowse.BX potentially unwanted application deleted - quarantined
C:\FRST\Quarantine\C\Users\Lan\AppData\Local\Temp\ICReinstall_photomerge-4.2.2.exe.xBAD a variant of Win32/InstallCore.QW potentially unwanted application deleted - quarantined
C:\FRST\Quarantine\C\Users\Lan\AppData\Local\Temp\optprosetup.exe.xBAD multiple threats cleaned by deleting - quarantined
C:\Users\Lan\Downloads\photomerge-4.2.2.exe a variant of Win32/InstallCore.QW potentially unwanted application deleted - quarantined

[Juliet]

That report looks good.

How's your computer now?

[Lanzo]

Latest version of JAVA is installed.

Everything else seems fine.

Lanzo

[Juliet]

DelFix

• Please download DelFix
  or from here http://www.bleepingcomputer.com/download/delfix/ and save the file to your Desktop.
• Double-click DelFix.exe to run the programme.
• Place a checkmark next to the following items:
  
  • Activate UAC
  • Remove disinfection tools
  • Create registry backup
  
  
• Click the Run button.

-- This will remove the specialised tools we used to disinfect your system. Any leftover logs, files, folders or tools remaining on your Desktop which were not removed can be deleted manually (right-click the file + delete).
~~~~~~~

• Answers to common security questions - Best Practices by quietman7, MVP
• How Malware Spreads - How did I get infected? by quietman7, MVP
• Simple and easy ways to keep your computer safe and secure on the Internet by Lawrence Abrams, MVP
• How to Prevent Malware by miekiemoes, MVP
• How to backup and restore your data using Cobian Backup by YourHighness
• Slow Computer/browser? It May Not Be Malwareby quietman7, MVP
  

The following programmes come highly recommended in the security community.

• AdBlock is a browser add-on that blocks annoying banners, pop-ups and video ads.
• CryptoPrevent places policy restrictions on loading points for ransomware (eg.CryptoPrevent), preventing your files from being encrypted.
• Malwarebytes Anti-Exploit (MBAE) is designed to prevent zero-day malware from exploiting vulnerable software.
• Malwarebytes Anti-Malware Premium (MBAM) works in real-time along side your Anti-Virus to prevent malware execution.
• NoScript is a Firefox add-on that blocks the actions of malicious scripts by using whitelisting and other technology.
• Sandboxie isolates programmes of your choice, preventing files from being written to your HDD unless approved by you.
• Secuina PSI will scan your computer for vulnerable softwarethat is outdated, and automatically find the latest update for you.
• SpywareBlaster is a form of passive protection, designed to block the actions of malicious websites and tracking cookies.
• Web of Trust (WOT) is a browser add-on designed to alert you before interacting with a potentially malicious website.

Want to help others? Join the ClassRoom and learn how.

[Lanzo]

All completed and the computer is running fine.

Thanks again for your help.


Lanzo

[Juliet]

We're glad to help