Solved Redirection to chinese recipes pages or blank pages

Status
Not open for further replies.

smudla

New Member
Thread author
Verified
Jan 5, 2016
19
Router model is TP-LINK TL WR 543G. I have access to its settings. I tried to reboot it, changed username, changed password, changed SSID. (Nothing have fixed the redirection problem). But for some reason, I cannot reset it via reset button.
 

smudla

New Member
Thread author
Verified
Jan 5, 2016
19
I reset the router to factory settings and connected to net again. Redirection continues.
Then I installed AVG instead of unfunctional Avast. AVG is able to stop the redirections, but everytime shows information about finding a threat, so the problem is not really fixed. Now I'm going to run AVG scan of the computer.
AVG finds virus in following object: js.users.51.la/2771713.js?_=1452465166279
 

smudla

New Member
Thread author
Verified
Jan 5, 2016
19
AVG warning occurs while the page (which is beeing redirected), is uploading. AVG stops the redirection, shows warning and the right page is open.
 

smudla

New Member
Thread author
Verified
Jan 5, 2016
19
Almost every http page in Firefox and Chrome. For example kaspersky.com, csfd.cz and others that I tried. It is not strictly regular, but these pages were redirected almost everytime. AVG it stops now. In both mentioned browsers. At this time, redirection does not occur in IE.
 

TwinHeadedEagle

Level 41
Verified
Mar 8, 2013
22,627
FRST.gif
Scan with Farbar Recovery Scan Tool

Please re-run Farbar Recovery Scan Tool to give me a fresh look at your system.
  • Right-click on
    FRST.gif
    icon and select
    RunAsAdmin.jpg
    Run as Administrator to start the tool.
    (XP users click run after receipt of Windows Security Warning - Open File).
  • Make sure that Addition option is checked.
  • Press Scan button and wait.
  • The tool will produce two logfiles on your desktop: FRST.txt and Addition.txt.
Please include their content into your next reply.
 

smudla

New Member
Thread author
Verified
Jan 5, 2016
19
I am sending new logfiles from Farbar.
Current behavior in Firefox is this: when first http (not https) page is loading, it is redirected to page with chinese recipe and at the same time appears AVG warning about finding virus JS/Redir and healing it. It is possible to go back.
Next pages are then loaded correctly, but everytime AWG warning appears.
 

smudla

New Member
Thread author
Verified
Jan 5, 2016
19
Sorry, I forgot to attach the files.
 

Attachments

  • Addition.txt
    48 KB · Views: 3
  • FRST.txt
    35.6 KB · Views: 2

TwinHeadedEagle

Level 41
Verified
Mar 8, 2013
22,627
FRST.gif
Fix with Farbar Recovery Scan Tool

icon_exclaim.gif
This fix was created for this user for use on that particular machine.
icon_exclaim.gif

icon_exclaim.gif
Running it on another one may cause damage and render the system unstable.
icon_exclaim.gif

Download attached fixlist.txt file and save it to the Desktop:

Both files, FRST and fixlist.txt have to be in the same location or the fix will not work!

  • Right-click on
    FRST.gif
    icon and select
    RunAsAdmin.jpg
    Run as Administrator to start the tool.
    (XP users click run after receipt of Windows Security Warning - Open File).
  • Press the Fix button just once and wait.
  • If for some reason the tool needs a restart, please make sure you let the system restart normally. After that let the tool complete its run.
  • When finished FRST will generate a log on the Desktop, called Fixlog.txt.

Please attach it to your reply.
 

Attachments

  • fixlist.txt
    1.1 KB · Views: 4

smudla

New Member
Thread author
Verified
Jan 5, 2016
19
It seems to be OK now!
Since restart after Farbar fixing, CPU is used for about 60% by trustedinstaller or svchost. I know it has something to do with Windows update. Is its higher activity caused by fixing my malware problem?
 

Attachments

  • Fixlog.txt
    3.3 KB · Views: 2

TwinHeadedEagle

Level 41
Verified
Mar 8, 2013
22,627
Yes, I think so. You must understand that your PC is probably 7-8 years old and you'll see a lot of CPU usage with modern apps and operating systems.
 
Status
Not open for further replies.

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top