Google Links get Redirected

By douglus
May 6, 2009
  1. Hi I have had loads of trouble recently after i installed new versions of Zonealarm and AVG.

    The problem is that when i click google results i get redirected to other websites ... and it some times causes my browser (morizilla) to crash.

    I have seen and deleted loads of trojans and all sorts when following the 8 steps

    i have also seen a few other people with the same problem on the boards should i just follow them ?

    Thanks alot for reading :D

    edit > I have added a second hijack log as the first one i performed in Safe Mode ...
    After i used Super anti spy ware my machine wouldn't boot correctly so I went into Safe mode
  2. B00kWyrm

    B00kWyrm TechSpot Paladin Posts: 1,436   +37

    Rootkit / DNS Changer / Vundo Infections - Expert Help Needed

    Hey Doug...:wave:

    Your SAS file shows Rootkit, DNS Changer, and Vundo.
    I only looked a little ways into your HJT file before finding issues there.

    There are fixes for your issues.
    Do not try to "fix" anything in HJT without expert guidance. You don't want to make your problems worse.

    Best practices...
    Do not just use someone else's thread as a template for your needs. It may or may not work.

    Lotsa good folk here who generously donate their time and expertise.
    Someone will be able to help you sort things out and get clean again. Be Patient.:grinthumb
  3. douglus

    douglus TS Rookie Topic Starter

    am i not supposed to hit the remove button ?

    Oh dear I have tried several times using the software mentioned in the 8-steps to remove as much as i can ... I guess i have just made more of a mess :( as the underlying problem is still there ..

    thanks for the info though
  4. B00kWyrm

    B00kWyrm TechSpot Paladin Posts: 1,436   +37

    Hey Doug...
    As Douglas Adams says... "Don't Panic"... (and keep the towel handy).
    WIth HJT, I am pretty sure you need to deliberately tick/check the items you want it to remove.
    In some cases, removing the wrong ones (registry edits!) can break your OS.
    Let one of the experts guide you from here. They should be able to get you back to a stable system... Once clean, if there are other issues, we can work on those too.
  5. douglus

    douglus TS Rookie Topic Starter

    Deserted ?

    I know there alot of people asking for help on these forums and there are most definatly more askers then helpers ... but could someone give me some idea how to get rid of these things that are in my computer .... ??
  6. touch

    touch TS Rookie Posts: 978

    Please download Combofix from:

    And save to the desktop.

    Close all other browser windows.

    Double-click on the combofix icon found on your desktop.

    Please note, that once you start combofix you should not click anywhere on the combofix window as it can cause the program to stall. In fact, when combofix is running, do not touch your computer at all and just take a break as it may take a while for it to complete.

    When finished, it will produce a logfile located at C:\combofix.txt.

    Attach the contents of that log in your next reply
  7. douglus

    douglus TS Rookie Topic Starter

    combofix log attached

    Cheers for replying
    here is that file

    thanks alot for reading :D

    btw I m a pirate fan ^^
  8. touch

    touch TS Rookie Posts: 978

    A pirate fan ! What do you mean.

    Do you know - GarenaPEngine ?
  9. douglus

    douglus TS Rookie Topic Starter

    what the heck is that ? no I ment that i like One piece anime ..cos i can see you avatar is a picutre of naruto the ninja .... hehehe

  10. touch

    touch TS Rookie Posts: 978

    I didn´t knew My avatar is a picture of naruto the ninja - Thanks for telling Me :)

    Ok. We´ll remove GarenaPEngine then.

    Open notepad and copy/paste the text in the quotebox below into it:
    Name the file as CFScript
    and Save it on the desktop

    Once saved, refering to the picture above, drag CFScript.txt into ComboFix.exe.

    Combofix will create a logfile and display it after your computer has rebooted. Usually located in c:\combofix.txt, please attach it to your next post

    Do not mouseclick combofix's window whilst it's running. That may cause it to stall
  11. douglus

    douglus TS Rookie Topic Starter

    combo fix

    here is the combo fix log

    when combofix started it said that there was a newer version and asked me to update it ... I clicked no.. was that right ?

    Attached Files:

  12. B00kWyrm

    B00kWyrm TechSpot Paladin Posts: 1,436   +37

    Hello Douglus, and Touch
    I have been looking over your shoulders, hope you don't mind.
    I noticed Touch's question re: GarenaPEngine
    If you are into gaming... this may be your answer...
    In which case, your game program will need reinstallation after Touch gets you cleaned up.
  13. douglus

    douglus TS Rookie Topic Starter

    hey yeah garena yeah i used i about a year back was playing some games for a short while then got caught up in some work and never used it since ..

    cheers though :p

    Ok cheers for the help
    but after using the combofix thing i ran a check on my computrer a while later and it came loads of stuff unlike before i have no idea why so much has appeared since using the combofix .. but it's strange .. any ive posted the logs take a look
  14. touch

    touch TS Rookie Posts: 978

    "I'm sorry, but we do not support piracy. Due to the fact that your combofix logfile clearly shows you have atleast one known crack/keygen (c:\temp\WGA_1991\WGA_v1.9.9.1_crack.exe), we will not help you.

    This is the main reason your computer is infected.
    When you install the cracked software, you are running executable files from these dubious, unknown sources. You are in effect giving these sources access to information on your hard disk, and potential control over the operation of your computer.
Topic Status:
Not open for further replies.

Similar Topics

Add New Comment

You need to be a member to leave a comment. Join thousands of tech enthusiasts and participate.
TechSpot Account You may also...