1. You are viewing our forum as a guest. For full access please Register. WindowsBBS.com is completely free, paid for by advertisers and donations.

Solved Redirected to Qbyrd and Ask.com

Discussion in 'Malware and Virus Removal Archive' started by mrbiglive, 2011/01/22.

Page 3 of 3
  1. 2011/01/26
    mrbiglive

    mrbiglive Inactive Thread Starter

    Joined:
    2011/01/22
    Messages:
    29
    Likes Received:
    0
    ok, so I manually disable the System Restore, then run the OTL fixes? All of them or just the last 2?
     
    mrbiglive,
    #41
  2. 2011/01/26
    mrbiglive

    mrbiglive Inactive Thread Starter

    Joined:
    2011/01/22
    Messages:
    29
    Likes Received:
    0
    Latest OTL.txt
    ----


    All processes killed
    ========== OTL ==========
    Prefs.js: "Search the web (Babylon)" removed from browser.search.defaultenginename
    Prefs.js: "http://search.babylon.com/web/{searchTerms}?babsrc=browsersearch&AF=15000" removed from browser.search.defaulturl
    Prefs.js: "Search the web (Babylon)" removed from browser.search.order.1
    Prefs.js: toolbar@ask.com:3.9.1.14019 removed from extensions.enabledItems
    Folder C:\Users\Kelvin\AppData\Roaming\Mozilla\Firefox\Profiles\m303u31u.default\e xtensions\toolbar@ask.com\ not found.
    C:\Program Files (x86)\Mozilla Firefox\searchplugins\babylon.xml moved successfully.
    ========== COMMANDS ==========

    [EMPTYTEMP]

    User: All Users

    User: Default
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 0 bytes
    ->Flash cache emptied: 0 bytes

    User: Default User
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 0 bytes
    ->Flash cache emptied: 0 bytes

    User: Kelvin
    ->Temp folder emptied: 6394437 bytes
    ->Temporary Internet Files folder emptied: 1299469 bytes
    ->Java cache emptied: 0 bytes
    ->FireFox cache emptied: 81180818 bytes
    ->Flash cache emptied: 1103 bytes

    User: Public
    ->Temp folder emptied: 0 bytes

    User: UpdatusUser
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 0 bytes
    ->Flash cache emptied: 0 bytes

    %systemdrive% .tmp files removed: 0 bytes
    %systemroot% .tmp files removed: 0 bytes
    %systemroot%\System32 .tmp files removed: 0 bytes
    %systemroot%\System32 (64bit) .tmp files removed: 0 bytes
    %systemroot%\System32\drivers .tmp files removed: 0 bytes
    Windows Temp folder emptied: 13312 bytes
    %systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 0 bytes
    RecycleBin emptied: 0 bytes

    Total Files Cleaned = 85.00 mb


    [EMPTYFLASH]

    User: All Users

    User: Default
    ->Flash cache emptied: 0 bytes

    User: Default User
    ->Flash cache emptied: 0 bytes

    User: Kelvin
    ->Flash cache emptied: 0 bytes

    User: Public

    User: UpdatusUser
    ->Flash cache emptied: 0 bytes

    Total Flash Files Cleaned = 0.00 mb


    OTL by OldTimer - Version 3.2.20.5 log created on 01272011_001813

    Files\Folders moved on Reboot...
    C:\Users\Kelvin\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.

    Registry entries deleted on Reboot...

    -------
    I check for redirections and I think they are gone. Thanks. Should I turn my system restore back on? I think it is currently OFF.
     
    mrbiglive,
    #42


  3. to hide this advert.

  4. 2011/01/26
    broni

    broni Moderator Malware Analyst

    Joined:
    2002/08/01
    Messages:
    21,701
    Likes Received:
    116
    Good news :)

    Yes, turn system restore back on.

    ...and...

    OTL Clean-Up
    Clean up with OTL:

    * Double-click OTL.exe to start the program.
    * Close all other programs apart from OTL as this step will require a reboot
    * On the OTL main screen, press the CLEANUP button
    * Say Yes to the prompt and then allow the program to reboot your computer.

    If you still have any tools or logs leftover on your computer you can go ahead and delete those off of your computer now.


    Good luck and stay safe :)
     
    broni,
    #43
  5. 2011/01/27
    mrbiglive

    mrbiglive Inactive Thread Starter

    Joined:
    2011/01/22
    Messages:
    29
    Likes Received:
    0
    Thanks for all your help. I would like to donate some to your website.
     
    mrbiglive,
    #44
  6. 2011/01/27
    broni

    broni Moderator Malware Analyst

    Joined:
    2002/08/01
    Messages:
    21,701
    Likes Received:
    116
    You're very welcome :)

    There is a donation link in my signature.
     
    broni,
    #45
  7. 2011/01/27
    mrbiglive

    mrbiglive Inactive Thread Starter

    Joined:
    2011/01/22
    Messages:
    29
    Likes Received:
    0
    Done. Thanks again.
     
    mrbiglive,
    #46
  8. 2011/01/27
    mrbiglive

    mrbiglive Inactive Thread Starter

    Joined:
    2011/01/22
    Messages:
    29
    Likes Received:
    0
    The "merchant" is Arie Slob right?
     
    mrbiglive,
    #47
  9. 2011/01/27
    broni

    broni Moderator Malware Analyst

    Joined:
    2002/08/01
    Messages:
    21,701
    Likes Received:
    116
    Yes..
     
    broni,
    #48
Page 3 of 3

Share This Page

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Accept Learn More...