Solved

[MALWARE REMOVAL] websiteconfirmreq

Posted on 2010-09-12
11
746 Views
Last Modified: 2013-11-30
I recently got infected by this malware named websiteconfirmreq it peridocially redirects pages to spam. Googling has only turned up things I assume would infect me further if I install. Does anyone know how to remove this?
0
Comment
Question by:GTsafas
  • 2
  • 2
  • 2
  • +5
11 Comments
 
LVL 17

Accepted Solution

by:
Chris Millard earned 500 total points
ID: 33657791
I would use the following 4 programs:-

Combofix
MalwareBytes
SuperAntiSpyware
and Rootalyzer

If Rootalyzer finds files that are hidden from Windows 32 then you will need to boot off of a Linux Live CD (Knoppix or Slax for example) to delete the offending files.

0
 

Author Comment

by:GTsafas
ID: 33657828
Should mention im 64bit windows7 combofix was a no go. Isnt malware bytes paid?
0
 
LVL 10

Expert Comment

by:Bawer
ID: 33657871
I strongly recommend Panda AV 2011 , its has all the solution, actually i trust its cleaning engine more than any other AV.
0
 
LVL 17

Expert Comment

by:Chris Millard
ID: 33657882
MalwareBytes is free for non-commercial use as is SuperAntiSpyware. ComboFix and Rootalyzer are free anyway.
0
 
LVL 65

Expert Comment

by:rockiroads
ID: 33657900
suggest you try running antimalware in safe mode
I would recommend malwarebytes and there is a free version http://www.malwarebytes.org/mbam.php to see downlaod free version which takes you here http://www.techspot.com/downloads/4716-malwarebytes-anti-malware.html (labelled as freeware)
0
Free Trending Threat Insights Every Day

Enhance your security with threat intelligence from the web. Get trending threat insights on hackers, exploits, and suspicious IP addresses delivered to your inbox with our free Cyber Daily.

 
LVL 38

Expert Comment

by:younghv
ID: 33658091
With a 're-direct', your first action should be to download TDSSKiller , extract and run the TDSSKiller.exe

Great Article here on EE by the Malware Zone Advisor:
http://www.experts-exchange.com/Virus_and_Spyware/Latest_Threats/A_3299-Google-Hijack-Google-Search-Gets-Redirected.html
0
 
LVL 38

Expert Comment

by:younghv
ID: 33658097
0
 
LVL 22

Expert Comment

by:optoma
ID: 33658491
Could be a bootkit
Try Hitmanpro 64bit
http://www.surfright.nl/en/hitmanpro
http://dl.surfright.nl/HitmanPro35_x64.exe direct link. If you cant reach it, type it directly into address bar or download on another machine and transfer
0
 
LVL 3

Expert Comment

by:Johndo58
ID: 33662446
Sorry to hear of your problems, but I had the same issues a little while ago on a customers laptop.  I tried several things including the usual,  Malware Bytes, combo etc..

After several attempts and also failures, I tried this site

http://onecare.live.com/site/en-us/default.htm

I know god damned Micro$oft but low and behold it worked.  Let em know how you get on.
0
 

Author Comment

by:GTsafas
ID: 33662485
Thank you for all your suggestions, I will try them all after work today and report back.
0
 
LVL 23

Expert Comment

by:Mohammed Hamada
ID: 33690634
Download Hostsxpert.
Follow the instructions to restore MS original hosts back from the link below which has the software download link too.

http://www.funkytoad.com/index.php?option=com_content&id=13

Download & Install Hijackthis
Run & scan then post your log here.

http://www.hijackthis.de/downloads/HJTInstall.exe
0

Featured Post

Highfive + Dolby Voice = No More Audio Complaints!

Poor audio quality is one of the top reasons people don’t use video conferencing. Get the crispest, clearest audio powered by Dolby Voice in every meeting. Highfive and Dolby Voice deliver the best video conferencing and audio experience for every meeting and every room.

Join & Write a Comment

Read about achieving the basic levels of HRIS security in the workplace.
Envision that you are chipping away at another e-business site with a team of pundit developers and designers. Everything seems, by all accounts, to be going easily.
It is a freely distributed piece of software for such tasks as photo retouching, image composition and image authoring. It works on many operating systems, in many languages.
Sending a Secure fax is easy with eFax Corporate (http://www.enterprise.efax.com). First, Just open a new email message.  In the To field, type your recipient's fax number @efaxsend.com. You can even send a secure international fax — just include t…

747 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

13 Experts available now in Live!

Get 1:1 Help Now