Solve : redirect.cheapred.info hijack my browsers?

1.	Solve : redirect.cheapred.info hijack my browsers?
Answer» Could you please post a screenshot of the re-direct?here it is [attachment deleted by admin to conserve space]here is the link to file droper if the picture does not open http://www.filedropper.com/untitled_29I will NEED you to open your Task Manager. CTRL+Alt+delete should do it and look for redirect.cheapred in the processes. If you can find it, click End process. Next, check your browsers for plug-ins. Chrome Click the Chrome menu button on the browser toolbar. Click Tools. Select Extensions. Click the trash can icon to delete redirect.cheapred.info extension. Make sure to remove all extensions you do not know or need. A confirmation dialog appears, click Remove. Firefox Click the menu button and choose Add-ons. The Add-ons Manager tab will open. In the Add-ons Manager tab, select the Extensions panel. Make sure to remove all extensions you do not know or need. Click Disable or Remove button of redirect.cheapred.info. Click Restart now if it pops up. Internet Explorer Open the IE, click the Tools button , and then click Manage add-ons. Click Toolbars and Extensions on left side of the window., and then select redirect.cheapred.info Make sure to remove all BHO’s you do not know or need. If the add-on can be deleted, you’ll see the Remove option. Click Remove and then click Close. Otherwise click Disable button. Next, Go to Control Panel, Programs and Features and look for the program and un-install it.it is not found in the task manager process ... and i do not have any extension to uninstall at all yet this redirect still occurPlease download the latest VERSION of Hitman Pro After the download completes please double click the program to run it. Accept the terms of the license agreement and click Next Let the scan run. It will not take long When the scan finishes, and all the files have been uploaded to the Scan Cloud, click Next Click Next again. At the bottom left you will see Export Scan Results To XML File. Click that and save it in a convenient location Upload log.xml here for review please here is the log [attachment deleted by admin to conserve space]Code: [Select]HitmanPro 3.7.20.286 www.hitmanpro.com Computer name . . . . : DELL-PC Windows . . . . . . . : 6.1.1.7601.X64/4 User name . . . . . . : dell-PC\dell UAC . . . . . . . . . : Disabled License . . . . . . . : Free Scan date . . . . . . : 2017-08-28 18:03:15 Scan mode . . . . . . : Normal Scan duration . . . . : 8m 2S Disk access mode . . : Direct disk access (SRB) Cloud . . . . . . . . : Internet Reboot . . . . . . . : No Threats . . . . . . . : 1 Traces . . . . . . . : 20 Objects scanned . . . : 1,262,129 Files scanned . . . . : 15,236 Remnants scanned . . : 226,731 files / 1,020,162 keys Malware _____________________________________________________________________ C:\Users\dell\Downloads\Programs\disk-defrag-setup.exe Size . . . . . . . : 8,844,032 bytes Age . . . . . . . : 3.8 days (2017-08-24 22:40:54) Entropy . . . . . : 8.0 SHA-256 . . . . . : E56404B46C97CDBD6B08B3C0E05B605667E2FD074B436C84983DBFE580984698 Product . . . . . : Auslogics Disk Defrag Publisher . . . . : Auslogics Labs Pty Ltd Description . . . : Auslogics Disk Defrag Installation File Version . . . . . : 7.1.5.0 RSA Key Size . . . : 2048 LanguageID . . . . : 0 Authenticode . . . : Valid > HitmanPro . . . . : App/ADiskDef-A Fuzzy . . . . . . : 98.0 Forensic CLUSTER -1.8s C:\Users\dell\AppData\Roaming\IDM\DwnlData\dell\disk-defrag-setup_16\ 0.0s C:\Users\dell\Downloads\Programs\disk-defrag-setup.exe Cookies _____________________________________________________________________ C:\Users\dell\AppData\Local\Google\Chrome\User Data\Default\Cookies:262855726.log.optimizely.com C:\Users\dell\AppData\Local\Google\Chrome\User Data\Default\Cookies:addthis.com C:\Users\dell\AppData\Local\Google\Chrome\User Data\Default\Cookies:adnxs.com C:\Users\dell\AppData\Local\Google\Chrome\User Data\Default\Cookies:adsrvr.org C:\Users\dell\AppData\Local\Google\Chrome\User Data\Default\Cookies:agkn.com C:\Users\dell\AppData\Local\Google\Chrome\User Data\Default\Cookies:atdmt.com C:\Users\dell\AppData\Local\Google\Chrome\User Data\Default\Cookies:bluekai.com C:\Users\dell\AppData\Local\Google\Chrome\User Data\Default\Cookies:connexity.net C:\Users\dell\AppData\Local\Google\Chrome\User Data\Default\Cookies:doubleclick.net C:\Users\dell\AppData\Local\Google\Chrome\User Data\Default\Cookies:mookie1.com C:\Users\dell\AppData\Local\Google\Chrome\User Data\Default\Cookies:openx.net C:\Users\dell\AppData\Local\Google\Chrome\User Data\Default\Cookies:pixel.rubiconproject.com C:\Users\dell\AppData\Local\Google\Chrome\User Data\Default\Cookies:pubmatic.com C:\Users\dell\AppData\Local\Google\Chrome\User Data\Default\Cookies:rlcdn.com C:\Users\dell\AppData\Local\Google\Chrome\User Data\Default\Cookies:rubiconproject.com C:\Users\dell\AppData\Local\Google\Chrome\User Data\Default\Cookies:scorecardresearch.com C:\Users\dell\AppData\Local\Google\Chrome\User Data\Default\Cookies:taboola.com C:\Users\dell\AppData\Local\Google\Chrome\User Data\Default\Cookies:tapad.com C:\Users\dell\AppData\Local\Google\Chrome\User Data\Default\Cookies:trc.taboola.com Download SpyHunter Double-click SpyHunter-Installer.exe to install it into your system: Select Language, installer and EULA. Select “Start a New System Scan” and then click Scan Computer Now! Step 4: Get rid of all detected items by clicking “Fix Threats” button: no threats found Quote from: alixa on August 25, 2017, 09:00:19 PM it was fine for a while but it keeps coming back for no reason i do not know what is wrong about it Does it do this on all your browsers including IE?YES to all browsersThe instructions I have given you is the proper method to get rid of this re-direct. Have you tried a System Restore to before the date this problem happened?WELL i finally solved it at last 1- i have to disable cookies 2- i have to disable java in a the browsers thanks for your help and i am sorry to bother you thanks again Click Start> Computer> right click the C Drive and choose Properties> enter Click Disk Cleanup from there. Click OK on the Disk Cleanup Screen. Click Yes on the Confirmation screen. This runs the Disk Cleanup utility along with other selections if you have chosen any. (if you had a lot System Restore points, you will see a significant change in the free space in C drive) ************************************* This step will remove all cleaning tools we used, it'll reset restore points (so you won't get reinfected by accidentally using some older restore point) and it'll make some other minor adjustments... This is a very crucial step so make sure you don't skip it. Download DelFix by Xplode to your desktop. Delfix will delete all the used tools and logfiles. Double-click Delfix.exe to start the tool. Make sure the following items are checked: Activate UAC (optional; some users prefer to keep it off) Remove disinfection tools Create Registry backup Purge System Restore Points Re-set system settings Now click "Run" and wait patiently. Once finished a logfile will be created. You don't have to attach it to your next reply. ****************************************** I suggest using WOT - Web of Trust. WOT is a free Internet security addon for your browser. It will keep you safe from online scams, identity theft, spyware, SPAM, viruses and unreliable shopping sites. WOT warns you before you interact with a risky website. It's easy and it's free. Check out Keeping Yourself Safe On The Web for tips and free tools to help keep you safe in the future. Also see Slow Computer? It may not be Malware for free cleaning/maintenance tools to help keep your computer running smoothly. Safe Surfing!

Answer»

Could you please post a screenshot of the re-direct?here it is

[attachment deleted by admin to conserve space]here is the link to file droper if the picture does not open
http://www.filedropper.com/untitled_29I will NEED you to open your Task Manager. CTRL+Alt+delete should do it and look for redirect.cheapred in the processes. If you can find it, click End process. Next, check your browsers for plug-ins.
Chrome
Click the Chrome menu button on the browser toolbar.
Click Tools.
Select Extensions.
Click the trash can icon to delete redirect.cheapred.info extension.
Make sure to remove all extensions you do not know or need.
A confirmation dialog appears, click Remove.

Firefox
Click the menu button and choose Add-ons. The Add-ons Manager tab will open.
In the Add-ons Manager tab, select the Extensions panel.
Make sure to remove all extensions you do not know or need.
Click Disable or Remove button of redirect.cheapred.info.
Click Restart now if it pops up.

Internet Explorer
Open the IE, click the Tools button , and then click Manage add-ons.
Click Toolbars and Extensions on left side of the window., and then select redirect.cheapred.info
Make sure to remove all BHO’s you do not know or need.
If the add-on can be deleted, you’ll see the Remove option. Click Remove and then click Close. Otherwise click Disable button.

Next, Go to Control Panel, Programs and Features and look for the program and un-install it.it is not found in the task manager process ... and i do not have any extension to uninstall at all yet this redirect still occurPlease download the latest VERSION of Hitman Pro

After the download completes please double click the program to run it.
Accept the terms of the license agreement and click Next
Let the scan run. It will not take long
When the scan finishes, and all the files have been uploaded to the Scan Cloud, click Next
Click Next again. At the bottom left you will see Export Scan Results To XML File. Click that and save it in a convenient location
Upload log.xml here for review please

here is the log

[attachment deleted by admin to conserve space]Code: [Select]HitmanPro 3.7.20.286
www.hitmanpro.com

Computer name . . . . : DELL-PC
Windows . . . . . . . : 6.1.1.7601.X64/4
User name . . . . . . : dell-PC\dell
UAC . . . . . . . . . : Disabled
License . . . . . . . : Free

Scan date . . . . . . : 2017-08-28 18:03:15
Scan mode . . . . . . : Normal
Scan duration . . . . : 8m 2S
Disk access mode . . : Direct disk access (SRB)
Cloud . . . . . . . . : Internet
Reboot . . . . . . . : No

Threats . . . . . . . : 1
Traces . . . . . . . : 20

Objects scanned . . . : 1,262,129
Files scanned . . . . : 15,236
Remnants scanned . . : 226,731 files / 1,020,162 keys

Malware _____________________________________________________________________

C:\Users\dell\Downloads\Programs\disk-defrag-setup.exe
Size . . . . . . . : 8,844,032 bytes
Age . . . . . . . : 3.8 days (2017-08-24 22:40:54)
Entropy . . . . . : 8.0
SHA-256 . . . . . : E56404B46C97CDBD6B08B3C0E05B605667E2FD074B436C84983DBFE580984698
Product . . . . . : Auslogics Disk Defrag
Publisher . . . . : Auslogics Labs Pty Ltd
Description . . . : Auslogics Disk Defrag Installation File
Version . . . . . : 7.1.5.0
RSA Key Size . . . : 2048
LanguageID . . . . : 0
Authenticode . . . : Valid
> HitmanPro . . . . : App/ADiskDef-A
Fuzzy . . . . . . : 98.0
Forensic CLUSTER
-1.8s C:\Users\dell\AppData\Roaming\IDM\DwnlData\dell\disk-defrag-setup_16\
0.0s C:\Users\dell\Downloads\Programs\disk-defrag-setup.exe

Cookies _____________________________________________________________________

C:\Users\dell\AppData\Local\Google\Chrome\User Data\Default\Cookies:262855726.log.optimizely.com
C:\Users\dell\AppData\Local\Google\Chrome\User Data\Default\Cookies:addthis.com
C:\Users\dell\AppData\Local\Google\Chrome\User Data\Default\Cookies:adnxs.com
C:\Users\dell\AppData\Local\Google\Chrome\User Data\Default\Cookies:adsrvr.org
C:\Users\dell\AppData\Local\Google\Chrome\User Data\Default\Cookies:agkn.com
C:\Users\dell\AppData\Local\Google\Chrome\User Data\Default\Cookies:atdmt.com
C:\Users\dell\AppData\Local\Google\Chrome\User Data\Default\Cookies:bluekai.com
C:\Users\dell\AppData\Local\Google\Chrome\User Data\Default\Cookies:connexity.net
C:\Users\dell\AppData\Local\Google\Chrome\User Data\Default\Cookies:doubleclick.net
C:\Users\dell\AppData\Local\Google\Chrome\User Data\Default\Cookies:mookie1.com
C:\Users\dell\AppData\Local\Google\Chrome\User Data\Default\Cookies:openx.net
C:\Users\dell\AppData\Local\Google\Chrome\User Data\Default\Cookies:pixel.rubiconproject.com
C:\Users\dell\AppData\Local\Google\Chrome\User Data\Default\Cookies:pubmatic.com
C:\Users\dell\AppData\Local\Google\Chrome\User Data\Default\Cookies:rlcdn.com
C:\Users\dell\AppData\Local\Google\Chrome\User Data\Default\Cookies:rubiconproject.com
C:\Users\dell\AppData\Local\Google\Chrome\User Data\Default\Cookies:scorecardresearch.com
C:\Users\dell\AppData\Local\Google\Chrome\User Data\Default\Cookies:taboola.com
C:\Users\dell\AppData\Local\Google\Chrome\User Data\Default\Cookies:tapad.com
C:\Users\dell\AppData\Local\Google\Chrome\User Data\Default\Cookies:trc.taboola.com

Download SpyHunter
Double-click SpyHunter-Installer.exe to install it into your system:
Select Language, installer and EULA.
Select “Start a New System Scan” and then click Scan Computer Now!
Step 4: Get rid of all detected items by clicking “Fix Threats” button:
no threats found Quote from: alixa on August 25, 2017, 09:00:19 PM

it was fine for a while but it keeps coming back for no reason i do not know what is wrong about it

Does it do this on all your browsers including IE?YES to all browsersThe instructions I have given you is the proper method to get rid of this re-direct. Have you tried a System Restore to before the date this problem happened?WELL i finally solved it at last
1- i have to disable cookies
2- i have to disable java in a the browsers

thanks for your help and i am sorry to bother you thanks again Click Start> Computer> right click the C Drive and choose Properties> enter
Click Disk Cleanup from there.

Click OK on the Disk Cleanup Screen.
Click Yes on the Confirmation screen.

This runs the Disk Cleanup utility along with other selections if you have chosen any. (if you had a lot System Restore points, you will see a significant change in the free space in C drive)
***************************************
This step will remove all cleaning tools we used, it'll reset restore points (so you won't get reinfected by accidentally using some older restore point) and it'll make some other minor adjustments...
This is a very crucial step so make sure you don't skip it.
Download DelFix by Xplode to your desktop. Delfix will delete all the used tools and logfiles.

Double-click Delfix.exe to start the tool.
Make sure the following items are checked:

Activate UAC (optional; some users prefer to keep it off)
Remove disinfection tools
Create Registry backup
Purge System Restore Points
Re-set system settings

Now click "Run" and wait patiently.
Once finished a logfile will be created. You don't have to attach it to your next reply.
********************************************
I suggest using WOT - Web of Trust. WOT is a free Internet security addon for your browser. It will keep you safe from online scams, identity theft, spyware, SPAM, viruses and unreliable shopping sites. WOT warns you before you interact with a risky website. It's easy and it's free.

Check out Keeping Yourself Safe On The Web for tips and free tools to help keep you safe in the future.

Also see Slow Computer? It may not be Malware for free cleaning/maintenance tools to help keep your computer running smoothly.
Safe Surfing!

Solve : redirect.cheapred.info hijack my browsers?

Discussion

No Comment Found

Related InterviewSolutions

Reply to Comment