trojware.js.redirector.b

[Guest]

[dyankelewitz]

Comodo quarantined this trojan while I was doing a jobsearch. It was supposedly quarantined but I can't find it in the quarantine section of Comodo. What is going wrong? Am I still infected? What steps can I take to make sure that I am safe?

[Seany007]

Comodo quarantined this trojan while I was doing a jobsearch. It was supposedly quarantined but I can't find it in the quarantine section of Comodo. What is going wrong? Am I still infected? What steps can I take to make sure that I am safe?

Hello! Not sure about Comodo. But do this:

http://www.techsupportalert.com/content/how-know-if-your-computer-infected.htm

http://www.techsupportalert.com/content/how-clean-infected-computer.htm

First we need to know if it was a FP. Get back to me if you have a further issue.

[!H]

"Kaspersky TDSSKiller will scan your computer for some of the most common types of rootkits. I've found it to have relatively few false positives and a very high detection rate. By the way, some scanners, including Comodo Cleaning Essentials, may detect this file as a dangerous file. It is not. This is a safe download link. If it is flagged as dangerous you can safely ignore the detection. As with every program in this article, I recommend that you do not delete any files using this program. A false positive on the wrong file could destroy your computer, even if you’re not infected." link

... during job search and I'm worried

... I was doing a jobsearch...

dyankelewitz

Online Scan a Webpage "jobsearch"

and search: [How to disable the redirect to the browser?]

[EricJH]

Are you using the suite with the av enabled or the firewall (without the av enabled). When running the firewall the cloud look up may find the virus and handle it but unfortunately it does not get guaranteed. When running the suite we would expect the virus to be in quarantine.

[dyankelewitz]

Thanks for all the responses! I was running the full suite (free version). Shortly after I posted, I had a crash (blue screen) and the memory was dumped. So I did a system restore to a few days earlier. Can I assume that everything is fine now or should I still scan for rootkits?

[EricJH]

Please run some tests just in case something escaped system restore. With these things it is always good to stay on the side of cautiousness.

Run CCE, MBAM, SAS,Hitman Pro and TDSS Killer just to be on the safe and cautious side of things.

[Seany007]

Thanks for all the responses! I was running the full suite (free version). Shortly after I posted, I had a crash (blue screen) and the memory was dumped. So I did a system restore to a few days earlier. Can I assume that everything is fine now or should I still scan for rootkits?

You had such crashes before? If not... You prob infected. Run tests and get back to us.

[dyankelewitz]

I ran quick scans with the five scanners that were recommended. Here are the results:

Comodo Cleaning Essentials found
Modified Hosts and recommends repair.

Malwarebytes found nothing

TDSS KILLER found nothing

SAS found tracking cookies
Adware.Tracking Cookie
   statse.webtrendslive.com [ C:\USERS\DINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ICGWL511.DEFAULT\COOKIES.SQLITE ]
   C:\USERS\DINA\AppData\Roaming\Microsoft\Windows\Cookies\Low\URPIFN10.txt [ Cookie:dina[at]accounts.google.com/o ]
   C:\USERS\DINA\AppData\Roaming\Microsoft\Windows\Cookies\Low\0RX7LRAU.txt [ Cookie:dina[at]www.google.com/accounts ]

Hitman Pro found hosts and tracking cookie
   hosts
   C:\windows\system32\drivers\etc\
C:\Users\Dina\AppData\Roaming\Mozilla\Firefox\Profiles\icgwl511.default\cookies.sqlite:statse.webtrendslive.com

What should I use to repair these? Can I assume that I am free after repairing?

[dyankelewitz]

Also, while I was downloading Hitman Pro, Comodo quarantined a file:

suspicious[at]#3k5qxzahnzlio
Location: C:\Users\...\Appdata\local\temp\nshCF73.tmp\6\couponcompanion_102912.exe

What can I do to make sure this threat is gone as well?

[Seany007]

I ran quick scans with the five scanners that were recommended. Here are the results:

Comodo Cleaning Essentials found
Modified Hosts and recommends repair.

Malwarebytes found nothing

TDSS KILLER found nothing

SAS found tracking cookies
Adware.Tracking Cookie
   statse.webtrendslive.com [ C:\USERS\DINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ICGWL511.DEFAULT\COOKIES.SQLITE ]
   C:\USERS\DINA\AppData\Roaming\Microsoft\Windows\Cookies\Low\URPIFN10.txt [ Cookie:dina[at]accounts.google.com/o ]
   C:\USERS\DINA\AppData\Roaming\Microsoft\Windows\Cookies\Low\0RX7LRAU.txt [ Cookie:dina[at]www.google.com/accounts ]

Hitman Pro found hosts and tracking cookie
   hosts
   C:\windows\system32\drivers\etc\
C:\Users\Dina\AppData\Roaming\Mozilla\Firefox\Profiles\icgwl511.default\cookies.sqlite:statse.webtrendslive.com

What should I use to repair these? Can I assume that I am free after repairing?

Looks okay to me. Can you post more info about CCE "Modified hosts and recommends repair". What settings you used in CCE as well?

[Seany007]

Also, while I was downloading Hitman Pro, Comodo quarantined a file:

suspicious[at]#3k5qxzahnzlio
Location: C:\Users\...\Appdata\local\temp\nshCF73.tmp\6\couponcompanion_102912.exe

What can I do to make sure this threat is gone as well?

Do you use high heuristics in your AV? Scan it with Virus Total post results here.

[Tags:]