Redirects and Framer.S

By rhysjoe · 6 replies
Nov 13, 2008
  1. I am getting redirects on a number of sites and avg is also saying that i have a HTML/Framer.S virus.Have run Spybot S&D and Malwarebytes but am still getting the same problems.The redirects are with both Firefox and IE7.
  2. rf6647

    rf6647 TS Maniac Posts: 829

    Welcome to TS. Having said that -This is perplexing.

    This is an unknown - often associated with LOP hacks. Can causes your symptoms.………blacklisted by only 3 lists

    What info do you have about these IPs? Bulldog, Cable and Wireless Access Ltd, Bulldog Communications Ltd., London

    MBAB & SAS posted & clean. Is there a recent history of infections reported by these tools?

    Assessment - Fix-Check the O17 findings.
  3. rhysjoe

    rhysjoe TS Rookie Topic Starter

    Bulldog was my old ISP.HAven't been with them now for nearly 6 months.Should i just delete this ?
  4. rf6647

    rf6647 TS Maniac Posts: 829

    Yes, that was my meaning.

    Run HJT, apply checks against O17 entries. Click Fix.

    Restart the computer,

    Re-run HJT. Post back results.

    Monitor for improvements. (hope)

    P.S. I am usually cryptic when I use my 'express' notation. I am a lazy person.
  5. rhysjoe

    rhysjoe TS Rookie Topic Starter

    Ok i have done that here is my new HJT log.Posted the wrong log earlier that one is nearly 4 months old.:eek:
  6. rf6647

    rf6647 TS Maniac Posts: 829

    The logs are clear. Resume happy computing.

    I infer that the O17 findings were present & corrected with HJT.

    They were the most likely cause of the symptoms. Report if problems persist.

    Two cautions.
    SweetIM is regarded as QUESTIONABLE. User judgement.

    AVG & ZA (your protections) should be sufficient. One post reports that AVG caught a threat (macromed\Flash).
    Source is unknown. Downloaded program files are always risky.
    Be cautious. Especially when offered udates to working programs or plugins.

    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - hxxp://
    O16 - DPF: {D8089245-3211-40F6-819B-9E5E92CD61A2} (FlashXControl Object) - hxxps://
  7. rhysjoe

    rhysjoe TS Rookie Topic Starter

    Thanks for your reply.Computer runs better now.Applied all ticks to O16 & O17 entries.Also removed sweetim entries and deleted it from the system.

    Thank you for your help!!:D
Topic Status:
Not open for further replies.

Similar Topics

Add your comment to this article

You need to be a member to leave a comment. Join thousands of tech enthusiasts and participate.
TechSpot Account You may also...