Browser redirection Trojan detected by MalwareBytes


  1. Posts : 3
    Windows 10 Pro
       #1

    Browser redirection Trojan detected by MalwareBytes


    4 days ago I noticed some weird redirection on all browsers (Chrome, Mozilla, Edge) whenever I open something (tab or site). After a while, using MalwareBytes I was able to detect which file was causing the problem. It was C:/Windows/NetfilterSvc.
    I was not able to find a program associated with it, but I was able to find it in "regedit". The service doesn't seem to be active by looking at the flags, but obviously it is since redirection is still happening.
    It appears in 3 different names/files:
    NetfilterSvc
    iNetfilterSvc
    iTranslator.
    In addition, System restore didn't help so I guess its well into the system files and replicating.
    Is there some anti-malware software that could do some deep cleaning? I would really like to avoid reinstalling Windows, since there are a lot of data spread around the system.
      My Computer

  2. Bastet's Avatar
    Posts : 1,721
    Windows 10 Pro 64bit
       #2

    If Malwarebyte’s isn’t cleaning it you can also try AdwCleaner & Eset’s online scanner.
    https://www.malwarebytes.com/adwcleaner/
    https://www.eset.com/uk/home/online-scanner/
      My Computer

  3. 1PW's Avatar
    1PW
    Posts : 182
    W10
       #3

    Hello MartinV279:

    If @Bastet's solutions are not successful, please consider starting a new topic in https://forums.malwarebytes.com/forum/7-windows-malware-removal-help-support/ for free professional assistance.

    If either of @Bastet's were successful, please consider replying to this topic with .txt files of the solution.

    Thank you.
      My Computers

  4. Samuria's Avatar
    Posts : 6,053
    windows 10
       #4

    Please download and save FRST 64bit or FRST 32 bit to your Desktop.

    Download Farbar Recovery Scan Tool
    Get the right version 32 or 64 bit

    Right click to run as administrator (XP users click run after receipt of Windows Security Warning - Open File). When the tool opens click Yes to disclaimer.

    Make sure that Addition option is checked.
    Press Scan button.
    It will produce a log called FRST.txt in the same directory the tool is run from.
    Please copy and paste log back .
    The first time the tool is run it generates another log (Addition.txt - also located in the same directory as FRST.exe/FRST64.exe).
      My Computer


  5. Posts : 1
    Windows 10 Pro
       #5

    MartinV279 said:
    4 days ago I noticed some weird redirection on all browsers (Chrome, Mozilla, Edge) whenever I open something (tab or site). After a while, using MalwareBytes I was able to detect which file was causing the problem. It was C:/Windows/NetfilterSvc.
    I was not able to find a program associated with it, but I was able to find it in "regedit". The service doesn't seem to be active by looking at the flags, but obviously it is since redirection is still happening.
    It appears in 3 different names/files:
    NetfilterSvc
    iNetfilterSvc
    iTranslator.
    In addition, System restore didn't help so I guess its well into the system files and replicating.
    Is there some anti-malware software that could do some deep cleaning? I would really like to avoid reinstalling Windows, since there are a lot of data spread around the system.
    I have the same problem since a few of days back.
    McAffee scan did not resolve it
    MalwareBytes scan did not resolve it
    Now running ESET

    What did help, is to run Malwarebytes, detect the page it tries to redirect to, and add it in the hosts file (immunize it)

    Looking forward on how to remove the virus
      My Computer


 

  Related Discussions
Our Sites
Site Links
About Us
Windows 10 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 10" and related materials are trademarks of Microsoft Corp.

© Designer Media Ltd
All times are GMT -5. The time now is 13:14.
Find Us




Windows 10 Forums