Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Browser redirects to fake Java update


  • Please log in to reply
4 replies to this topic

#1 Derren

Derren

  • Members
  • 133 posts
  • OFFLINE
  •  
  • Local time:05:54 PM

Posted 18 February 2015 - 11:35 AM

Occasionally my browser is redirected to a fake Java update page "undoupgrade24.versionupgrader.net".

 

And today I also got redirected to a fake Media Player update page "tmrzz.download.furnituretray.xyz".

 

I ran MBAM (free version) and it found nothing. I have taken no further action. I want to keep my machine clean and virus free, so I came here immediately.

 

My system is Windows 7 Professional, 64-bit. I'm using Windows Firewall and Microsoft Security Essentials.

 

All important Windows updates have been installed.

 

Thank you for reading.

 

 



BC AdBot (Login to Remove)

 


#2 Phantom010

Phantom010

  • Members
  • 1,022 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Cyberspace
  • Local time:08:54 PM

Posted 18 February 2015 - 11:53 AM

Please download MiniToolBox to your desktop and run it.

 

Select the following three items only.

 

UQbX20G.png

 

Click Go.

A Notepad window will open. Copy/paste the contents into your next reply.


Edited by Phantom010, 18 February 2015 - 11:54 AM.


#3 Derren

Derren
  • Topic Starter

  • Members
  • 133 posts
  • OFFLINE
  •  
  • Local time:05:54 PM

Posted 18 February 2015 - 12:02 PM

By the way, I've been using Chrome for my browser.

 

Minitoolbox result:

 

MiniToolBox by Farbar  Version: 30-11-2014
Ran by Owner (administrator) on 18-02-2015 at 09:00:08
Running from "C:\Users\Owner\Desktop"
Microsoft Windows 7 Professional  Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************
 
========================= IE Proxy Settings: ============================== 
 
Proxy is not enabled.
No Proxy Server is set.
========================= Hosts content: =================================
 
 
127.0.0.1 www.007guard.com
127.0.0.1 007guard.com
127.0.0.1 008i.com
127.0.0.1 www.008k.com
127.0.0.1 008k.com
127.0.0.1 www.00hq.com
127.0.0.1 00hq.com
127.0.0.1 010402.com
127.0.0.1 www.032439.com
127.0.0.1 032439.com
127.0.0.1 www.0scan.com
127.0.0.1 0scan.com
127.0.0.1 1000gratisproben.com
127.0.0.1 www.1000gratisproben.com
127.0.0.1 1001namen.com
127.0.0.1 www.1001namen.com
127.0.0.1 100888290cs.com
127.0.0.1 www.100888290cs.com
127.0.0.1 www.100sexlinks.com
 
There are 15472 more lines starting with "127.0.0.1"
 
 
**** End of log ****

Edited by Derren, 18 February 2015 - 12:03 PM.


#4 Phantom010

Phantom010

  • Members
  • 1,022 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Cyberspace
  • Local time:08:54 PM

Posted 18 February 2015 - 12:27 PM

Seems you have Spybot, am I right?

 

With over 15 000 lines inside that Hosts file, it's impossible to spot any malicious entries. There might be something resembling the addresses you're mentioning in your first post though.

 

I believe your computer is indeed infected and will most probably need the tools found in the Virus, Trojan, Spyware, and Malware Removal Logs forum. MBAM, AdwCleaner and JRT won't be enough.


Edited by Phantom010, 18 February 2015 - 12:42 PM.


#5 Derren

Derren
  • Topic Starter

  • Members
  • 133 posts
  • OFFLINE
  •  
  • Local time:05:54 PM

Posted 18 February 2015 - 12:41 PM

Yes I do.

 

But I don't know if it's configured to do anything. I didn't realize I had it. I may have installed it right after I got the computer and then neglected it.






0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users