Malware redirecting IE

[Baabiouz]

Hi

You need allow browser to get internet by Outpost firewall.

Enable Outpost firewall -> Start Internet Explorer -> If Outpost asks you what to do, answer Allow. If it didn't work, I'll get you more info



Now that you are clean, please follow these simple steps in order to keep your computer clean and secure:

Next we remove all used tools.

Please download OTCleanIt and save it to desktop.

• Double-click OTCleanIt.exe.
• Click the CleanUp! button.
• Select Yes when the "Begin cleanup Process?" prompt appears.
• If you are prompted to Reboot during the cleanup, select Yes.
• The tool will delete itself once it finishes, if not delete it by yourself.

Note: If you receive a warning from your firewall or other security programs regarding OTCleanIt attempting to contact the internet, please allow it to do so.

Hide system files

1. Open My Computer.
2. Go to Tools > Folder Options.
3. Select the View tab.
4. Scroll down to Hidden files and folders.
5. Select Do not show hidden files and folders.
6. Check (tick) Hide extensions of known file types.
7. Check (tick) Hide protected operating system files (Recommended).
8. Click OK.
9. Close My Computer.

Create a new, clean System Restore point

1. Click on Start > All Programs > Accessories > System Tools > System Restore.
2. On the Welcome Page, select Create a restore point. Click Next.
3. Give this restore point a descriptive name and click Create.
4. When done, click Close.

Warning: Do not clear infected System Restore points before creating a new System Restore point first!

Please read the above to create a new System Restore point first, then clear out the infected System Restore points.

Clear infected System Restore points

1. Click on Start > All Programs > Accessories > System Tools > Disk Cleanup.
2. Select C drive and click OK.
3. Select the More Options tab.
4. Under System Restore, click on Clean up....
5. You will be prompted. Click Yes.
6. When done, click OK.
7. You will be prompted again. Press Yes to confirm.
8. When done, Disk Cleanup will close automatically.

Keep your system updated

Microsoft releases patches for Windows and Office products regularly to patch up Windows and Office products loopholes and fix any bugs found. Please ensure that you visit the following websites regularly or do update your system regularly.

Install the updates immediately if they are found. Reboot your computer if necessary, revisit Windows Update and Office update sites until there are no more updates to be installed.

To update Windows

Go to Start > All Programs > Windows Update

To update Office

Open up any Office program.

Go to Help > Check for Updates

Alternatively, you can visit the links below to update Windows and Office products.

Windows Update
Office Update

If you are forgetful, you can change some settings so that you will be informed of updates. Here's how:

1. Go to Start > Control Panel > Automatic Updates
2. Select Automatic (recommended) radio button if you want the updates to be downloaded and installed without prompting you.
3. Select Download updates for me, but let me chose when to install them radio button if you want the updates to be downloaded automatically but to be installed at another time.
4. Select Notify me but don't automatically download or install them radio button if you want to be notified of the updates.

Besides Windows that needs regular updating, antivirus, anti-spyware and firewall programs update regularly too.

Please make sure that you update your antivirus, firewall and anti-spyware programs at least once a week.

Be careful when opening attachments and downloading files.

1. Never open email attachments, not even if they are from someone you know. If you need to open them, scan them with your antivirus program before opening.
2. Never open emails from unknown senders.
3. Beware of emails that warn about viruses that are spreading, especially those from antivirus vendors. These email addresses can be easily spoofed. Check the antivirus vendor websites to be sure.
4. Be careful of what you download. Only download files from known sources. Also, avoid cracked programs. If you need a particular program that costs too much for you, try finding free alternatives on Sourceforge or Pricelessware.

Surf safely

Many of the exploits are directed to users of Internet Explorer and Firefox.

Using Firefox with NoScript add-on helps to prevent most exploits from running as NoScript by default disables all scripts on all websites. If you trust the website, you can manually allow it.

If you prefer to use Internet Explorer, please refer to this website to learn how to secure Internet Explorer 6.

To secure Internet Explorer 7, please read this article.


Backup regularly

You never know when your PC will become unstable or become so infected that you can't recover it. Follow this Microsoft article to learn how to backup. Follow this article by Microsoft to restore your backups.

Alternatively, you can use 3rd-party programs to back up your data. One example can be found at Bleeping Computer.

Avoid P2P

P2P may be a great way to get lots of stuffs, but it is a great way to get infected as well. There's no way to tell if the file being shared is infected. Worse still, some worms spread via P2P networks, infecting you as well. If you do need to use them, use them sparingly. Check this list of clean and infected P2P programs if you need to use one.

Prevent a re-infection

1. Spyware Blaster
   SpywareBlaster is a program that is used to secure Internet Explorer by making it harder for ActiveX programs to run on your computer. It does this by disabling known offending ActiveX programs from running at all.
   
   You can download SpywareBlaster from Javacool.
   
   If you need help in using SpywareBlaster, you can read SpywareBlaster's tutorial at Bleeping Computer.
   
   
2. Hosts File
   A Hosts file is like a phone book. You look up someone's name in the phone book before calling him/her. Similarly, your PC will look up the website's IP address before you can view the website.
   
   Hosts file will replace your current Hosts file with another one containing well-known advertisement sites, spyware sites and other bad sites. This new Hosts file will protect you by re-directing these bad sites to 127.0.0.1.
   
   Here are some Hosts files:
   
   MVPS Hosts File
   Bluetack's Hosts File
   Bluetack's Host Manager
   hpHosts
   
   A tutorial about Hosts File can be found at Malware Removal.
   
   
3. Malwarebytes RogueNET Bleeping Computer
   Before downloading any anti-spyware programs, always check it. This will save you from a lot of trouble. If in doubt, don't ever download it.

Here are some more things to read about:

Securing Skype
Greater email safety
Phishing - what is it?
80 Super Security Tips

Happy surfing and stay clean!

[stoped]

Hi.

I have everything cleaned up and updated with a fresh system restore point. System performance is fine.

I can't get the Outpost firewall to run. I spent a couple of hours with the doucumentation and settings, but the program will not allow IE or Firefox to load any page, even with Outpost disabled. The software will not even connect to itself to check for updates. Internet access is only availble with Outpost turned totally off. (I did turn off the Windows Firewall).

Any help you can provide is greatly appreciated. I can always try one of the other firewall recommendations you made.

Thanks again for all your help.

[Baabiouz]

Hi

May this make any sense?
http://www.outpostfirewall.com/forum...d.php?p=158106