Jump to content

Google redirect problems


Recommended Posts

Hi lmguk

:welcome:

We need to look at some information about what is going on in your computer:

Please perform the following scan:

  • Download DDS by sUBs from one of the following links. Save it to your desktop.

    [*]Double click on the DDS icon, allow it to run.

    [*]A small box will open, with an explanation about the tool.

    [*]When done, DDS will open two (2) logs

    1. DDS.txt

    2. Attach.txt

    [*] Save both reports to your desktop.

    [*] The instructions here ask you to attach the Attach.txt.

    DDS.jpg

    [*]Instead of attaching, please copy/past both logs into your Thread

    [*]Close the program window, and delete the program from your desktop.

Please note: You may have to disable any script protection running if the scan fails to run.

After downloading the tool, disconnect from the internet and disable all antivirus protection.

Run the scan, enable your A/V and reconnect to the internet.

Information on A/V control HEREThen post your DDS (DDS.txt and Attach.txt

Link to post
Share on other sites

HI kenny - I can't get those links to work the top one comes up with run then notepad opens with a lot of scribbled characters

the second link my computer av denys access - avira so cant dowmload?

am I doing something wrong??

Hi lmguk

:welcome:

We need to look at some information about what is going on in your computer:

Please perform the following scan:

  • Download DDS by sUBs from one of the following links. Save it to your desktop.

    [*]Double click on the DDS icon, allow it to run.

    [*]A small box will open, with an explanation about the tool.

    [*]When done, DDS will open two (2) logs

    1. DDS.txt

    2. Attach.txt

    [*] Save both reports to your desktop.

    [*] The instructions here ask you to attach the Attach.txt.

    DDS.jpg

    [*]Instead of attaching, please copy/past both logs into your Thread

    [*]Close the program window, and delete the program from your desktop.

Please note: You may have to disable any script protection running if the scan fails to run.

After downloading the tool, disconnect from the internet and disable all antivirus protection.

Run the scan, enable your A/V and reconnect to the internet.

Information on A/V control HEREThen post your DDS (DDS.txt and Attach.txt

Link to post
Share on other sites

Okay, you need to disable Avira to download and run DDS. Here's how:

Right Click on the (Avira Antivir Icon) in the system tray. Uncheck the AntiVir Guard enable by clicking on it one time.

Then try DDS again and post both logs.

Thanks here they are

.

DDS (Ver_11-03-05.01) - NTFSx86

Run by Lisa at 23:23:08.31 on 16/04/2011

Internet Explorer: 7.0.6002.18005

Microsoft

Link to post
Share on other sites

Is this a feature of a redirect virus??

Yes. There's some malware that will redirect to advertising sites to make money. Your log is clean, but lets run a few scans to make sure nothing is hiding.

Update Run Malwarebytes

  • Launch Malwarebytes' Anti-Malware
  • If an update is found, it will download and install the latest version.
  • Once the program has loaded, select "Perform Quick Scan", then click Scan.
  • The scan may take some time to finish,so please be patient.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected.
  • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart.(See Extra Note)
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
  • Copy&Paste the entire report in your next reply.

Extra Note:

If MBAM encounters a file that is difficult to remove,you will be presented with 1 of 2 prompts,click OK to either and let MBAM proceed with the disinfection process,if asked to restart the computer,please do so immediatly.

Next

ESET Online Scanner

Note: You can use either Internet Explorer or Mozilla FireFox for this scan. You will however may need to disable your current installed Anti-Virus, how to do so can be read here.

  • Please go here then click on: EOLS1.gif
  • Select the option YES, I accept the Terms of Use then click on: EOLS2.gif
  • When prompted allow the Add-On/Active X to install.
  • Make sure that the option Remove found threats is NOT checked, and the option Scan archives is checked.
  • Now click on Advanced Settings and select the following:

    • Scan for potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth Technology

[*]Now click on: EOLS3.gif

[*]The virus signature database... will begin to download. Be patient this make take some time depending on the speed of your Internet Connection.

[*]When completed the Online Scan will begin automatically.

[*]Do not touch either the Mouse or keyboard during the scan otherwise it may stall.

[*]When completed select Uninstall application on close if you so wish, make sure you copy the logfile first!

[*]Now click on: EOLS4.gif

[*]Use notepad to open the logfile located at C:\Program Files\ESET\EsetOnlineScanner\log.txt.

[*]Copy and paste that log as a reply to this topic.

Note: Do not forget to re-enable your Anti-Virus application after running the above scan!

Then post both logs please.

Link to post
Share on other sites

Malwarebytes' Anti-Malware 1.50.1.1100

www.malwarebytes.org

Database version: 6375

Windows 6.0.6002 Service Pack 2

Internet Explorer 7.0.6002.18005

17/04/2011 11:45:58

mbam-log-2011-04-17 (11-45-58).txt

Scan type: Quick scan

Objects scanned: 161867

Time elapsed: 10 minute(s), 25 second(s)

Memory Processes Infected: 0

Memory Modules Infected: 0

Registry Keys Infected: 0

Registry Values Infected: 0

Registry Data Items Infected: 0

Folders Infected: 0

Files Infected: 0

Memory Processes Infected:

(No malicious items detected)

Memory Modules Infected:

(No malicious items detected)

Registry Keys Infected:

(No malicious items detected)

Registry Values Infected:

(No malicious items detected)

Registry Data Items Infected:

(No malicious items detected)

Folders Infected:

(No malicious items detected)

Files Infected:

(No malicious items detected)

Link to post
Share on other sites

Yeah the redirects just don't go away. There's another tool we need to run after this one.

Please download the OTM by OldTimer.

  • Save it to your desktop.
  • Please double-click OTM.exe to run it. (Vista users, please right click on OTM.exe and select "Run as an Administrator")
  • Copy the file paths below to the clipboard by highlighting ALL of them and pressing CTRL + C (or, after highlighting, right-click and choose Copy):
    :Services

    :Reg

    :Files
    ipconfig /flushdns /c
    C:\Users\Lisa\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\39\2da083e7-4c77b977
    :Commands
    [purity]
    [resethosts]
    [emptytemp]
    [CREATERESTOREPOINT]
    [EMPTYFLASH]
    [Reboot]

  • Return to OTM, right click in the "Paste instructions for items to be Move" window (under the light Yellow bar) and choose Paste.
  • Click the red Moveit! button.
  • A log of files and folders moved will be created in the c:\_OTM\MovedFiles folder in the form of Date and Time (mmddyyyy_hhmmss.log). Please open this log in Notepad and post its contents in your next reply.
  • Close OTM

If a file or folder cannot be moved immediately you may be asked to reboot the machine to finish the move process. If you are asked to reboot the machine choose Yes.

Link to post
Share on other sites

Yeah the redirects just don't go away. There's another tool we need to run after this one.

Please download the OTM by OldTimer.

  • Save it to your desktop.
  • Please double-click OTM.exe to run it. (Vista users, please right click on OTM.exe and select "Run as an Administrator")
  • Copy the file paths below to the clipboard by highlighting ALL of them and pressing CTRL + C (or, after highlighting, right-click and choose Copy):
    :Services

    :Reg

    :Files
    ipconfig /flushdns /c
    C:\Users\Lisa\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\39\2da083e7-4c77b977
    :Commands
    [purity]
    [resethosts]
    [emptytemp]
    [CREATERESTOREPOINT]
    [EMPTYFLASH]
    [Reboot]

  • Return to OTM, right click in the "Paste instructions for items to be Move" window (under the light Yellow bar) and choose Paste.
  • Click the red Moveit! button.
  • A log of files and folders moved will be created in the c:\_OTM\MovedFiles folder in the form of Date and Time (mmddyyyy_hhmmss.log). Please open this log in Notepad and post its contents in your next reply.
  • Close OTM

If a file or folder cannot be moved immediately you may be asked to reboot the machine to finish the move process. If you are asked to reboot the machine choose Yes.

Hi Kenny

have tried this a few times and gert ot thestage where I move it then it goes into not responding mode and have to shut down - even tried it without AV enabled but same thing

haven't had any google redirects for 2 days now

Link to post
Share on other sites

Well, there is more than one way to skin a cat, as we say.

To clear your Java Cache.

Click Start > Control Panel.

In the Control Panel, double-click the "Java" icon in the control panel. The Java Control Panel then appears.

Under the header "Temporary Internet Files", select the "Settings" button.

81f6db55.png

Don't change any of the settings, then click "Delete Files".

9e91904d.png

Next, the Delete Temporary Files dialog box appears.

a7252171.png

Make sure both boxes are ticked, and hit the OK button.

Lets check your Security so this will not happen again.

Next

Download Security Check from here or here.

  • Save it to your Desktop.
  • Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.

Link to post
Share on other sites

Well, there is more than one way to skin a cat, as we say.

To clear your Java Cache.

Click Start > Control Panel.

In the Control Panel, double-click the "Java" icon in the control panel. The Java Control Panel then appears.

Under the header "Temporary Internet Files", select the "Settings" button.

81f6db55.png

Don't change any of the settings, then click "Delete Files".

9e91904d.png

Next, the Delete Temporary Files dialog box appears.

a7252171.png

Make sure both boxes are ticked, and hit the OK button.

Lets check your Security so this will not happen again.

Next

Download Security Check from here or here.

  • Save it to your Desktop.
  • Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.

Results of screen317's Security Check version 0.99.10

Windows Vista Service Pack 2 (UAC is enabled)

``````````````````````````````

Antivirus/Firewall Check:

Windows Firewall Enabled!

avast! Free Antivirus

WMI entry may not exist for antivirus; attempting automatic update.

```````````````````````````````

Anti-malware/Other Utilities Check:

Malwarebytes' Anti-Malware

CCleaner

Java 6 Update 24

Java SE Runtime Environment 6

Adobe Flash Player

Adobe Reader 9.4.3

Out of date Adobe Reader installed!

````````````````````````````````

Process Check:

objlist.exe by Laurent

system32 AvastSvc.exe -?-

AVAST Software Avast AvastUI.exe

``````````End of Log````````````

Here's the log - thanks for your help hopefully all's sorted now ?

Link to post
Share on other sites

  • 3 weeks later...
  • Staff

Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!

Link to post
Share on other sites

Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.