Google Redirect Virus

[sneak14]

All processes killed

Error: Unable to interpret <[EmptyFlash]> in the current context!

Error: Unable to interpret <[EmptyTemp]> in the current context!

Error: Unable to interpret <[RESETHOSTS]> in the current context!

Error: Unable to interpret <[purity]> in the current context!

Error: Unable to interpret <[start explorer]> in the current context!

Error: Unable to interpret <[Reboot]> in the current context!

OTL by OldTimer - Version 3.2.17.3 log created on 11272010_030115

Files\Folders moved on Reboot...

Registry entries deleted on Reboot...

[LDTate]

http://www.eset.eu/online-scanner

Go here to run an online scannner from ESET.

Click the green ESET Online Scanner button.

Read the End User License Agreement and check the box: YES, I accept the Terms of Use.

Click on the Start button next to it.

You may receive an alert on the address bar that "This site might require the following ActiveX control...Click here to install...". Click on that alert and then click Insall ActiveX component.

A new window will appear asking "Do you want to install this software?"".

Answer Yes to download and install the ActiveX controls that allows the scan to run.

Click Start.

Check Remove found threats and Scan potentially unwanted applications.

Click Scan to begin.

If offered the option to get information or buy software. Just close the window.

Wait for the scan to finish

Use notepad to open the logfile located at C:\Program Files\EsetOnlineScanner\log.txt

Copy and paste that log as a reply to this topic.

[sneak14]

Here is the log:

ESETSmartInstaller@High as CAB hook log:

OnlineScanner64.ocx - registred OK

OnlineScanner.ocx - registred OK

And here is what was removed:

C:\Program Files (x86)\Hotspot Shield\bin\openvpnas.exe a variant of Win32/HotSpotShield application cleaned by deleting (after the next restart) - quarantined

C:\Users\Dan\AppData\Local\Temp\NODBA91.tmp a variant of Win32/HotSpotShield application cleaned by deleting (after the next restart) - quarantined

[LDTate]

Restart and let me know how it's running now.

[sneak14]

Everything is running fine. But the flash problem and the cookie warnings are still there. It's annoying but it's not a huge deal. The google redirect thing was the main problem and it looks like it's gone now. If there isn't anything else that can be done that's ok I guess.

[LDTate]

Clean up with OTL:

• Double-click OTL.exe to start the program.
  
• Close all other programs apart from OTL as this step will require a reboot
  
• On the OTL main screen, press the CLEANUP button
  
• Say Yes to the prompt and then allow the program to reboot your computer.
  

[sneak14]

no longer getting the tracking cookie warning every time I start up FF. Flash problem remains but other than that it's all good. thanks.

[LDTate]

I don't know what the issue with Flash is.

[sneak14]

that's ok. everything else is fine. thanks for everything.

[LDTate]

You're more than welcome.

Glad we were able to help

Peace be with you

[LDTate]

Since this issue is resolved I will close the thread to prevent others from posting here. If you need assistance please start your own topic and someone will be happy to assist you.