Solved Java Update required redirection SCAM on one website and one only

Status
Not open for further replies.

Ramen

New Member
Thread author
Verified
Aug 17, 2014
30
16th August, when I connected to a website using Firefox,
after the page was successfully loaded, I was redirected to the
fake Java update, telling me to download an exe file (which I did not,
I just closed the download box)

I ran several of my anti-virus and anti-rootkit removal programmes written above, as well
as clearing the cache of each browser

Still have no luck, whenever I try to access the website (which is a blog-style website) and their articles (their subpages), I seem to be redirected.


Especially Hitman Pro, it has detected three files that are "suspicious"

C:\\Windows\SysWOW64\RGSS102J.dll
C:\\Windows\SysWOW64\RGSS100J.dll
C:\\Windows\SysWOW64\RGSS102E.dll
(Which I decided to use the quarantine option)

This remained the ONLY website that I will get redirected
(it does NOT redirect when the browser is opened)
until when I registered onto this forum and on the welcome page (the page
that all users see when they register, that advises to introduce themselves at
a section of this forum) a new tab automatically opened with the fake
Java update page.


I will attach the report from the FRST 64 bit ver for your reference
as written in your instruction page, but will attach reports from other
third-party programs if requested.
 

Attachments

  • FRST.txt
    65.9 KB · Views: 194

Ramen

New Member
Thread author
Verified
Aug 17, 2014
30
Hello,


You still need to attach Addition.txt report.

Sorry for the trouble, here is the Addition.txt report,

p.s.
I attempted to access the same page just posting this and I was NOT redirected for some reason.
Nevertheless, I would still like the forum's experts to have a look at it.
 

Attachments

  • Addition.txt
    57.1 KB · Views: 142

TwinHeadedEagle

Level 41
Verified
Mar 8, 2013
22,627
Multiple Resident Protection warning!

Always have one (and no more than one!) AntiVirus program! In this case having more of them will not provide you with better protection - instead they may cause slowness, lock-ups and even mark one another as harmful, leaving your system unstable and even damaged. Please choose only one of those listed below to stay with and uninstall the others:
  • AVG AntiVirus Free Edition 2014
  • Microsoft Security Essentials
Uninstallation procedure:
  • Press the Windows key + R on your keyboard at the same time. Type appwiz.cpl and click OK.
  • Search for each uninstalled entry, right-click it and select Uninstall.
This should be done until any other steps will be taken.



PC seems clean, how is the situation now?
 

Ramen

New Member
Thread author
Verified
Aug 17, 2014
30
>>>Two Different Anti Virus Programs
Yes I know it's not a good idea, I just thought I will give the MSE a try since it was advised on this website. I shall uninstall AVG.


>>The Current Situation
Yes, the website that has been directing me has stopped directing me now
however, after installing Hitman-Pro subscribing for a free trial period and restarting
after the Windows 7 logo I was greeted with a black screen with
"HitmanPro 3.7 Surfright B.V" for about a
minute until leading me to the welcome screen (the above phrase disappeared and my mouse cursor appeared, then the welcome screen) is this a normal thing to happen after
installing HitmanPro?
 

Ramen

New Member
Thread author
Verified
Aug 17, 2014
30
Probably not normal, try to uninstall it and see if it will help.
I have re-installed then restarted it after the initial scan (found and deleted about 80 tracking cookies)
and the HitmanPro word didn't appear at startup.

so is it all clear now?
 

TwinHeadedEagle

Level 41
Verified
Mar 8, 2013
22,627
Yes, it is good now. We're done :)



Below you will find my thoughts about securing your machine. Go ahead through it, you will benefit from some useful advice about safe computing.


Recommended reading:
MUST READ - security tips:

MUST READ - general maintenance:


The Importance of Software Updating:

In order to stay protected it is very important that you regularly update all of your software. Cybercriminals depend on the apathy of users around software updates to keep their malicious endeavor running.

Operating systems, such as Windows, and applications, such as Adobe Reader or JAVA, are used by tens of millions of computers and devices around the world, making them a huge target for cybercriminals. Downloading updates and installing them can sometimes be tedious, but the advantages you get from the updates are certainly worth it.




Recommended additional software:
  • TFC - to clean unneeded temporary files.
  • Malwarebytes' Anti-Malware - to scan your system from time to time in search for malware.
  • Malwarebytes' Anti-Exploit - to prevent plenty of mostly exploited vulnerabilities.
  • McShield - to prevent infections spread by removable media.
  • CryptoPrevent - to secure yourself from very severe CryptoLocker infection.
  • Unchecky - to prevent from installing additional foistware, implemented in legitimate installations.
  • FileHippo.com Update Checker - to keep your programs up-to-date.
  • Adblock - to surf the web without annoying ads!



Post-cleanup procedures:


Download DelFix by Xplode and save it to your desktop.
  • Run the tool by right-clicking the DelFix icon and choosing the Run as administrator option.
  • Make sure that these ones are checked:
    • Remove disinfection tools
    • Purge system restore
    • Reset system settings
  • Push Run and wait until the tool completes its work.
  • All tools we used should be gone. The tool will create a report for you (C:\DelFix.txt)
The tool will also record the healthy state of the registry and make a backup using the ERUNT program in %windir%\ERUNT\DelFix
The tool deletes old system restore points and creates a fresh system restore point after cleaning.



My help is free for everybody.
If you're happy with the help provided and/or wish to buy me a beer for the assistance you received, then you can consider a donation:
Thank you!



Stay safe,
TwinHeadedEagle :)
 

TwinHeadedEagle

Level 41
Verified
Mar 8, 2013
22,627
Since this issue appears to be resolved, I am closing the topic. If that is not the case and you need or wish to continue with this topic, please contact me or any staff member with the address of the thread.

Other members who need assistance please start your own topic in a new thread. Thanks!
 