This forum requires Javascript to be enabled for posting content
Please consider registering
guest
Log In Register
Register | Lost password?
Advanced Search
Forum Scope


Match



Forum Options



Minimum search word length is 3 characters - maximum search word length is 84 characters
Topic RSS
Constant redirects
carbonterry2
Member
Members
May 5, 2011 - 12:51 am
Member Since: February 17, 2010
Forum Posts: 356
Offline

My friend is running XP SP3, FF 3.6.xx
We've run Mals, AVG, MSE etc.
When doing a search he clicks on a link he is redirected to a page titled "Jump" instead of what he had selected.
What am I missing?

Jim Hillier
Admin
May 5, 2011 - 4:24 am
Member Since: August 9, 2011
Forum Posts: 2707
Offline

Hey CT - IMO this is definitely malware, most likely a persistent rogue cookie. I would suggest to keep trying with different scanners; try [url=http://www.superantispyware.com/:1ma0ox6v]SUPERAntiSpyware[/url:1ma0ox6v] and [url=http://www.microsoft.com/security/scanner/en-us/default.aspx:1ma0ox6v]Microsoft Safety Scanner[/url:1ma0ox6v].

What browser is being used by default?

Once we get that information we may be able to suggest using settings to ban cookies from certain sites.

Cheers....Jim

carbonterry2
Member
Members
May 5, 2011 - 11:15 am
Member Since: February 17, 2010
Forum Posts: 356
Offline

Firefox 3.6.?? is the default browser.

Jim Hillier
Admin
May 5, 2011 - 11:48 am
Member Since: August 9, 2011
Forum Posts: 2707
Offline

Okay CT - The difficult aspect of this is trying to identify which cookie(s) are to blame.

Open Firefox and go to [b:2undf4ak]Tools>Options[/b:2undf4ak] and then open the [b:2undf4ak]Privacy [/b:2undf4ak]tab.

Now you will see options for handling cookies. Click on the [b:2undf4ak]Show Cookies[/b:2undf4ak] button and review what is listed there.

There are a couple of things you can try:

Delete all cookies and then disable the options to [b:2undf4ak]Accept cookies from sites [/b:2undf4ak]and [b:2undf4ak]Accept third-party cookies[/b:2undf4ak]. See if that stops the 'jumping'. There will be side affects with those options disabled, not serious ones; log-on to 'member' sites will not be persistent so the user will need to log-on each visit. Other user-specific settings will be lost. But it should also let you know if a cookie (or cookies) are responsible.

*You can use the 'exceptions' feature to "allow" known safe cookies, and particularly those which are related to sites which require log-on (while still blocking all others).

Or, if you can identify the rogue cookie(s) you could leave those options enabled and just "Block" the rogue cookie(s) via the 'exceptions' feature.
[click on the[b:2undf4ak] Exceptions [/b:2undf4ak]button to access that feature]

Did you find anything with the other scanners?

Cheers....Jim

carbonterry2
Member
Members
May 5, 2011 - 11:54 am
Member Since: February 17, 2010
Forum Posts: 356
Offline

Thanks Jim,
Using Mal's we found 3 trojans and deleted them.
I will try the cookie method later today.
Thanks for your time & expertise.

Jim Hillier
Admin
May 5, 2011 - 11:59 am
Member Since: August 9, 2011
Forum Posts: 2707
Offline

You are most welcome CT.

Let us know how you get on please.

carbonterry2
Member
Members
May 5, 2011 - 11:43 pm
Member Since: February 17, 2010
Forum Posts: 356
Offline

Tonight I ran Super Anti Spyware after deleting cookies thru the Tools/Options menu.
The computer had a bit under 2,000 warnings !!!!
I deleted those and all seems to be working OK now.
Thanks for the help.

TRW/CT

Jim Hillier
Admin
May 6, 2011 - 5:49 am
Member Since: August 9, 2011
Forum Posts: 2707
Offline

SUPERAntiSpyware Does It Again!!!!!!

Great to hear all is now well CT. Thanks for letting us know.

Flying Dutchman
Member
Members
May 6, 2011 - 4:53 pm
Member Since: September 2, 2010
Forum Posts: 278
Offline

Glad to hear you managed to solve the issues, carbonterry2.
Since your friend uses Firefox, he could install a cookie managing addon, that'll allow him to easily manage cookies from the status bar without having to go through Tools>Options>Privacy.

People often argue that Malwarbytes' is superior to SUPERAntiSpyware, but from my experience, the best practice is to keep them both as they seem to nicely complement eachother.

Jim, have you tried out Microsoft Safety Scanner? Opinion?

I am human

Jim Hillier
Admin
May 6, 2011 - 5:38 pm
Member Since: August 9, 2011
Forum Posts: 2707
Offline

[quote:evn8glzp]People often argue that Malwarbytes' is superior to SUPERAntiSpyware, but from my experience, the best practice is to keep them both as they seem to nicely complement eachother.
[/quote:evn8glzp]Agree 100% FD. There is nothing to pick between them, both are excellent. SAS will often flag more items after MBAM has cleaned and MBAM will often flag more items after SAS has cleaned, so to argue over which is best is pretty silly. As with all such security products conventional wisdom applies; no single program is going to identify 100% all malware.......but these two come closer than most.

[quote:evn8glzp]have you tried out Microsoft Safety Scanner?[/quote:evn8glzp]
No, I haven't FD. Haven't actually been presented with an infected machine for some time......my 'clients' must be getting the message...finally!!! LOL

MS Safety Scanner does not operate in quite the same manner as the other two. Before using either SAS or MBAM all one need do is update the definition database (unless, of course, there has been a major program update in the meantime). However, MS Safety scanner expires every 10 days, after which time the user needs to download the full program all over again. The download is 70+ MB, so MS Safety Scanner is definitely a ....download on-demand only proposition.

Cheers.....Jim

Flying Dutchman
Member
Members
May 6, 2011 - 6:17 pm
Member Since: September 2, 2010
Forum Posts: 278
Offline

Hi Jim,
[quote:3rzc5b9x]but these two come closer than most[/quote:3rzc5b9x]
I also have Hitman Pro (the quick scan is unbelievably ... quick ) due to the variety of scan engines it uses.

MS Safety Scanner sounds a lot like in the lines of Dr.Web CureIt! I always wondered about this type of scanners, does the scan engine update that often that you need to redownload the whole thing every time?

I think Malwarebytes', SUPERAntiSpyware and Hitman Pro are arsenal enough.
Of course, as Dave once said:
[quote:3rzc5b9x]The number 1 security tool you have available at any cost? The one between your ears![/quote:3rzc5b9x]

I am human

Jim Hillier
Admin
May 6, 2011 - 7:36 pm
Member Since: August 9, 2011
Forum Posts: 2707
Offline

[quote:37p8lzbm]Of course, as Dave once said:

The number 1 security tool you have available at any cost? The one between your ears![/quote:37p8lzbm] Yes, Dave tends to use all my best material!!

[quote:37p8lzbm]I also have Hitman Pro[/quote:37p8lzbm]
But it is not free, at least not for removal....is it?

[quote:37p8lzbm]I always wondered about this type of scanners, does the scan engine update that often that you need to redownload the whole thing every time[/quote:37p8lzbm]
I believe it has something to do with portable versus installed (both Dr. Web & MS Safety Scanner are portable). Although, why the portable apps could not include a button link to manually download updates is beyond me.

Flying Dutchman
Member
Members
May 6, 2011 - 7:49 pm
Member Since: September 2, 2010
Forum Posts: 278
Offline

[quote:3rue17fs]Yes, Dave tends to use all my best material!! [/quote:3rue17fs]
Copyright dispute?

[quote:3rue17fs][quote:3rue17fs]I also have Hitman Pro[/quote:3rue17fs]
But it is not free, at least not for removal....is it?[/quote:3rue17fs]
No, removal is not free. I regard it as a reliable "scanner", though it never came up with anything. If it would, I'd use another app for removal, preferably the one using the engine that caught the baddy in the first place.

[quote:3rue17fs]I believe it has something to do with portable versus installed.[/quote:3rue17fs]
You're probably right here, now that I think about it, even SUPERAntiSpyware portable needs to be downloaded each and every time. But, since I'm not a programer, can't say if and how difficult it would be to just update the defs.

I am human

Jim Hillier
Admin
May 6, 2011 - 8:12 pm
Member Since: August 9, 2011
Forum Posts: 2707
Offline

[quote:18shybzp]since I'm not a programer, can't say if and how difficult it would be to just update the defs[/quote:18shybzp]
Me too, but I use Sumatra portable for simple PDF reading and whenever that starts it offers me updates (if/when there is one available). So I can only assume it would be feasible and not too difficult.

Chad Johnson
Mod
Members
May 6, 2011 - 10:08 pm
Member Since: August 11, 2011
Forum Posts: 867
Offline

[quote="ozbloke":23o4yfss]
Me too, but I use Sumatra portable for simple PDF reading and whenever that starts it offers me updates (if/when there is one available). So I can only assume it would be feasible and not too difficult. [/quote:23o4yfss]

I'm not really a programmer, but I would imagine that the updates Sumatra is offering are just downloading replacement a replacement file as well. When you have an all in one portable file, it's very very difficult to update specific portions of it without simply replacing it.

Forum Timezone: America/Indiana/Indianapolis
Most Users Ever Online: 2303
Currently Online: MeheakKunar
Guest(s) 28
Currently Browsing this Page:
2 Guest(s)
Top Posters:
Chad Johnson: 867
Mindblower: 673
carbonterry2: 356
Flying Dutchman: 278
grr: 211
Member Stats:
Guest Posters: 11
Members: 3218
Moderators: 7
Admins: 3
Forum Stats:
Groups: 8
Forums: 20
Topics: 1951
Posts: 13555
Newest Members:
Noahmat, cdgxx, ricc88, R1OLEWINE, bernicereva
Moderators: Carol Bratt: 67, dandl: 740, Jason Shuffield: 1, Jim Canfield: 8, Terry Hollett: 0, Stuart Berg: 0, John Durso: 0
Administrators: Jim Hillier: 2707, Richard Pedersen: 209, David Hartsock: 1117
Exit mobile version

WHY NOT SUBSCRIBE TO OUR NEWSLETTER?

Get great content like this delivered to your inbox!

It's free, convenient, and delivered right to your inbox! We do not spam and we will not share your address. Period!