1. You are viewing our forum as a guest. For full access please Register. WindowsBBS.com is completely free, paid for by advertisers and donations.

Solved "jump" redirect removal

Discussion in 'Malware and Virus Removal Archive' started by johnandal, 2011/03/31.

Page 2 of 2
  1. 2011/04/04
    johnandal

    johnandal Inactive Thread Starter

    Joined:
    2011/03/31
    Messages:
    16
    Likes Received:
    0
    All processes killed
    ========== OTL ==========
    ========== SERVICES/DRIVERS ==========
    ========== REGISTRY ==========
    ========== FILES ==========
    C:\Documents and Settings\john sprague\My Documents\My Music\Kidz Bop Kids - Kidz Bop 12\03-kidz_bop_kids-its_not_over.mp3 moved successfully.
    C:\Downloads\GoogleSketchUpProWEN.exe.bc! moved successfully.
    ========== COMMANDS ==========

    [EMPTYTEMP]

    User: Administrator
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 0 bytes

    User: All Users

    User: Application Data

    User: BB443B11-7D12-450c-9F85-2D32804655F9

    User: Default User
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 0 bytes
    ->Flash cache emptied: 0 bytes

    User: john sprague
    ->Temp folder emptied: 191285 bytes
    ->Temporary Internet Files folder emptied: 26388929 bytes
    ->Java cache emptied: 0 bytes
    ->Flash cache emptied: 809 bytes

    User: LocalService
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 33170 bytes

    User: NetworkService
    ->Temp folder emptied: 16384 bytes
    ->Temporary Internet Files folder emptied: 33170 bytes
    ->Java cache emptied: 0 bytes
    ->Flash cache emptied: 0 bytes

    %systemdrive% .tmp files removed: 0 bytes
    %systemroot% .tmp files removed: 0 bytes
    %systemroot%\System32 .tmp files removed: 0 bytes
    %systemroot%\System32\dllcache .tmp files removed: 0 bytes
    %systemroot%\System32\drivers .tmp files removed: 0 bytes
    Windows Temp folder emptied: 483 bytes
    %systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
    %systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 0 bytes
    RecycleBin emptied: 1952 bytes

    Total Files Cleaned = 25.00 mb


    [EMPTYFLASH]

    User: Administrator

    User: All Users

    User: Application Data

    User: BB443B11-7D12-450c-9F85-2D32804655F9

    User: Default User
    ->Flash cache emptied: 0 bytes

    User: john sprague
    ->Flash cache emptied: 0 bytes

    User: LocalService

    User: NetworkService
    ->Flash cache emptied: 0 bytes

    Total Flash Files Cleaned = 0.00 mb


    OTL by OldTimer - Version 3.2.22.3 log created on 04042011_102056

    Files\Folders moved on Reboot...
    C:\Documents and Settings\john sprague\Local Settings\Temporary Internet Files\Content.IE5\RQDU3U3F\11[1].htm moved successfully.
    C:\Documents and Settings\john sprague\Local Settings\Temporary Internet Files\Content.IE5\RQDU3U3F\ai[1].htm moved successfully.
    C:\Documents and Settings\john sprague\Local Settings\Temporary Internet Files\Content.IE5\RQDU3U3F\ai[2].htm moved successfully.
    C:\Documents and Settings\john sprague\Local Settings\Temporary Internet Files\Content.IE5\RQDU3U3F\ai[3].htm moved successfully.
    C:\Documents and Settings\john sprague\Local Settings\Temporary Internet Files\Content.IE5\RQDU3U3F\ai[4].htm moved successfully.
    C:\Documents and Settings\john sprague\Local Settings\Temporary Internet Files\Content.IE5\RQDU3U3F\ai[5].htm moved successfully.
    C:\Documents and Settings\john sprague\Local Settings\Temporary Internet Files\Content.IE5\RQDU3U3F\md[1].htm moved successfully.
    C:\Documents and Settings\john sprague\Local Settings\Temporary Internet Files\Content.IE5\RQDU3U3F\md[2].htm moved successfully.
    C:\Documents and Settings\john sprague\Local Settings\Temporary Internet Files\Content.IE5\RQDU3U3F\md[5].htm moved successfully.
    C:\Documents and Settings\john sprague\Local Settings\Temporary Internet Files\Content.IE5\RQDU3U3F\md[6].htm moved successfully.
    C:\Documents and Settings\john sprague\Local Settings\Temporary Internet Files\Content.IE5\RQDU3U3F\owa[3].htm moved successfully.
    C:\Documents and Settings\john sprague\Local Settings\Temporary Internet Files\Content.IE5\PIAU6V6W\98477-active-jump-redirect-removal-2[1].html moved successfully.
    C:\Documents and Settings\john sprague\Local Settings\Temporary Internet Files\Content.IE5\PIAU6V6W\ai[1].htm moved successfully.
    C:\Documents and Settings\john sprague\Local Settings\Temporary Internet Files\Content.IE5\PIAU6V6W\ai[2].htm moved successfully.
    C:\Documents and Settings\john sprague\Local Settings\Temporary Internet Files\Content.IE5\PIAU6V6W\ai[3].htm moved successfully.
    C:\Documents and Settings\john sprague\Local Settings\Temporary Internet Files\Content.IE5\PIAU6V6W\ai[4].htm moved successfully.
    C:\Documents and Settings\john sprague\Local Settings\Temporary Internet Files\Content.IE5\PIAU6V6W\ai[5].htm moved successfully.
    C:\Documents and Settings\john sprague\Local Settings\Temporary Internet Files\Content.IE5\PIAU6V6W\home[1].htm moved successfully.
    C:\Documents and Settings\john sprague\Local Settings\Temporary Internet Files\Content.IE5\PIAU6V6W\md[1].htm moved successfully.
    C:\Documents and Settings\john sprague\Local Settings\Temporary Internet Files\Content.IE5\PIAU6V6W\md[2].htm moved successfully.
    C:\Documents and Settings\john sprague\Local Settings\Temporary Internet Files\Content.IE5\PIAU6V6W\md[4].htm moved successfully.
    C:\Documents and Settings\john sprague\Local Settings\Temporary Internet Files\Content.IE5\PIAU6V6W\md[5].htm moved successfully.
    C:\Documents and Settings\john sprague\Local Settings\Temporary Internet Files\Content.IE5\6542ZU9A\ai[1].htm moved successfully.
    C:\Documents and Settings\john sprague\Local Settings\Temporary Internet Files\Content.IE5\6542ZU9A\ai[2].htm moved successfully.
    C:\Documents and Settings\john sprague\Local Settings\Temporary Internet Files\Content.IE5\6542ZU9A\ai[3].htm moved successfully.
    C:\Documents and Settings\john sprague\Local Settings\Temporary Internet Files\Content.IE5\6542ZU9A\ai[4].htm moved successfully.
    C:\Documents and Settings\john sprague\Local Settings\Temporary Internet Files\Content.IE5\6542ZU9A\ai[5].htm moved successfully.
    C:\Documents and Settings\john sprague\Local Settings\Temporary Internet Files\Content.IE5\6542ZU9A\ai[6].htm moved successfully.
    C:\Documents and Settings\john sprague\Local Settings\Temporary Internet Files\Content.IE5\6542ZU9A\md[1].htm moved successfully.
    C:\Documents and Settings\john sprague\Local Settings\Temporary Internet Files\Content.IE5\6542ZU9A\md[2].htm moved successfully.
    C:\Documents and Settings\john sprague\Local Settings\Temporary Internet Files\Content.IE5\2ZGOEDJV\ai[1].htm moved successfully.
    C:\Documents and Settings\john sprague\Local Settings\Temporary Internet Files\Content.IE5\2ZGOEDJV\ai[2].htm moved successfully.
    C:\Documents and Settings\john sprague\Local Settings\Temporary Internet Files\Content.IE5\2ZGOEDJV\facebook_com[1].htm moved successfully.
    C:\Documents and Settings\john sprague\Local Settings\Temporary Internet Files\Content.IE5\2ZGOEDJV\home[2].htm moved successfully.
    C:\Documents and Settings\john sprague\Local Settings\Temporary Internet Files\Content.IE5\2ZGOEDJV\md[3].htm moved successfully.
    C:\Documents and Settings\john sprague\Local Settings\Temporary Internet Files\Content.IE5\2ZGOEDJV\owa[1].htm moved successfully.
    C:\Documents and Settings\john sprague\Local Settings\Temporary Internet Files\Content.IE5\2ZGOEDJV\owa[3].htm moved successfully.
    C:\Documents and Settings\john sprague\Local Settings\Temporary Internet Files\Content.IE5\2ZGOEDJV\welcome[1].htm moved successfully.
    C:\Documents and Settings\john sprague\Local Settings\Temporary Internet Files\AntiPhishing\2CEDBFBC-DBA8-43AA-B1FD-CC8E6316E3E2.dat moved successfully.
    File\Folder C:\Documents and Settings\NetworkService\Local Settings\Temp\Perflib_Perfdata_204.dat not found!

    Registry entries deleted on Reboot...
     
    johnandal,
    #21
  2. 2011/04/04
    johnandal

    johnandal Inactive Thread Starter

    Joined:
    2011/03/31
    Messages:
    16
    Likes Received:
    0
    All processes killed
    ========== OTL ==========
    ========== COMMANDS ==========

    [EMPTYTEMP]

    User: Administrator
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 0 bytes

    User: All Users

    User: Application Data

    User: BB443B11-7D12-450c-9F85-2D32804655F9

    User: Default User
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 0 bytes
    ->Flash cache emptied: 0 bytes

    User: john sprague
    ->Temp folder emptied: 17091 bytes
    ->Temporary Internet Files folder emptied: 1132498 bytes
    ->Java cache emptied: 0 bytes
    ->Flash cache emptied: 0 bytes

    User: LocalService
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 33170 bytes

    User: NetworkService
    ->Temp folder emptied: 16384 bytes
    ->Temporary Internet Files folder emptied: 33170 bytes
    ->Java cache emptied: 0 bytes
    ->Flash cache emptied: 0 bytes

    %systemdrive% .tmp files removed: 0 bytes
    %systemroot% .tmp files removed: 0 bytes
    %systemroot%\System32 .tmp files removed: 0 bytes
    %systemroot%\System32\dllcache .tmp files removed: 0 bytes
    %systemroot%\System32\drivers .tmp files removed: 0 bytes
    Windows Temp folder emptied: 483 bytes
    %systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
    %systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 0 bytes
    RecycleBin emptied: 0 bytes

    Total Files Cleaned = 1.00 mb


    [EMPTYFLASH]

    User: Administrator

    User: All Users

    User: Application Data

    User: BB443B11-7D12-450c-9F85-2D32804655F9

    User: Default User
    ->Flash cache emptied: 0 bytes

    User: john sprague
    ->Flash cache emptied: 0 bytes

    User: LocalService

    User: NetworkService
    ->Flash cache emptied: 0 bytes

    Total Flash Files Cleaned = 0.00 mb

    Restore points cleared and new OTL Restore Point set!

    OTL by OldTimer - Version 3.2.22.3 log created on 04042011_103118

    Files\Folders moved on Reboot...
    C:\Documents and Settings\john sprague\Local Settings\Temporary Internet Files\Content.IE5\Y2F9TCXM\98477-active-jump-redirect-removal-2[1].html moved successfully.
    C:\Documents and Settings\john sprague\Local Settings\Temporary Internet Files\AntiPhishing\2CEDBFBC-DBA8-43AA-B1FD-CC8E6316E3E2.dat moved successfully.
    File move failed. C:\Documents and Settings\NetworkService\Local Settings\Temp\Perflib_Perfdata_1e4.dat scheduled to be moved on reboot.

    Registry entries deleted on Reboot...
     
    johnandal,
    #22


  3. to hide this advert.

  4. 2011/04/04
    johnandal

    johnandal Inactive Thread Starter

    Joined:
    2011/03/31
    Messages:
    16
    Likes Received:
    0
    All directions have been folowed to a "T" Thank you so much for your help on this. Everything seems to be running better than ever! THANKS AGAIN!
     
    johnandal,
    #23
  5. 2011/04/04
    broni

    broni Moderator Malware Analyst

    Joined:
    2002/08/01
    Messages:
    21,701
    Likes Received:
    116
    You're very welcome :)

    Good luck and stay safe :)
     
    broni,
    #24
Page 2 of 2

Share This Page

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Accept Learn More...