TechSpot

Google redirect issue help

By stewbr
Mar 29, 2009
  1. My google is redirected and I can't upload my Trend Micro. I've followed your suggested steps and will attach the necessary .txt file.

    Thank-you very much for your help. You're a life-saver.
     
  2. touch

    touch TS Rookie Posts: 978

    Hello stewbr

    We also need to see log´s from malwarebyte and Superantispyware !

    If you can´t run them, please tell - why not ?
     
  3. stewbr

    stewbr TS Rookie Topic Starter

    Touch,

    I followed the 8 steps the best I could. I turned off my firewalls and anti-virus items. I cleaned my system. I updated my Java. I ran the free home-check anti-virus from Trend Micro's website. I am still being redirected and can't update my Trend Micro or Window Defender.

    I was able to download and install malawarebyte, but when I attempt to run it, I get an error saying that it has stopped working "A problem caused the program to stop working correctly."

    I downloaded Superantispyware but I get the same error message when I try to install it.

    What can I do?? I've restarted my computer. I have no other programs running. I will attempt to re-download and install malawarebyte and Superantispyware, but if I don't post again in the next 15 minutes, assume that it didn't work.

    p.s. huge fan of Naruto
     
  4. touch

    touch TS Rookie Posts: 978

    Try malwarebyte again, slightly different -

    Download malwarebyte
    http://www.download.com/Malwarebyte...4-10804572.html?tag=mncol;pop&cdlPid=10878968

    Save the file as setup.exe

    Run the setup.exe file
    When it gets to the final step of the installation it will seem like it froze....it hasn't but it will take anywhere from 15mins to an hour to get through that step so just let it do its thing.
    Go into the Malware folder through C: Program Files

    Rename the mbam.exe file to mab.exe and run it.
    Do a complete computer scan

    Check all and remove/fix/delete them.

    Restart your computer and attacht the log

    If automatic update fail, download the manual update ->
    http://www.malwarebytes.org/mbam/database/mbam-rules.exe

    This manual updater should get you fairly recent.
     
  5. stewbr

    stewbr TS Rookie Topic Starter

    Ok. I managed to download and run Malwarebytes. I wasn't able to auto or manual update it. The link you provided came back with an, "oops, this link appears broken" kind of error message (though, it worked fine on another computre). And my own attempts at searching for and manually downloading updates yielded similar results. When I did run Malwarebytes, it found about 22 trojans, and I removed them, but still no luck updating. What's our next move?

    I'm attaching the Malwarebytes log and the new HijackThis log. Thanks again for your help.
     
  6. touch

    touch TS Rookie Posts: 978

    Next move is a combofix log.

    Because Malwarebyte found a gaopdxcounter. It is one of the newer TDSSserv rootkit infection.

    Please download combofix here -> http://download.bleepingcomputer.com/sUBs/ComboFix.exe

    Before Saving it to Desktop, please rename it to something like 123.exe to stop malware from disabling it.

    Now, please make sure no other programs are running, close all other windows.

    Please double click on the file you downloaded. Follow the onscreen prompts to start the scan.
    Once the scanning process has started please DO NOT click on the Combofix window or attempt to use your computer as this can cause the scanning process to stall.
    It may take a while to complete scanning and this is normal.

    You will be disconnected from the internet and your desktop icons/toolbars will disappear during scanning, do not worry, this is normal and it will be restored after
    scanning has completed.

    Combofix will create a logfile and display it after your computer has rebooted. Usually located in c:\combofix.txt, please attach it to your next post
     
  7. stewbr

    stewbr TS Rookie Topic Starter

    Ok. Here is the log from combofix. I haven't tried to update or search on google yet. I'm afraid. I wanted to wait to hear back from you first. The combofix had me write down a couple super-lines of something from the C: drive. Do I need to hang on to those?

    Thanks again.
     
  8. stewbr

    stewbr TS Rookie Topic Starter

    I couldn't stand the suspense. I tried updating my Trend Micro......and it worked!!!!!!!!!!!!!! Wooooo-hooooo!!! Is there anything else I need to do at this point?

    ps. you're awesome
     
  9. touch

    touch TS Rookie Posts: 978

    I assume it was these two you were supposed to write down ?
    c:\windows\system32\drivers\gaopdxotitutxidvheofxqwlgoiqyuumjxivic.sys
    c:\windows\system32\gaopdxfrnnwhrehbykhxppwsqbsfkxtctfldxq.dll

    Don´t worry, combofix have removed them. By the way, it´s not easy to pronounce them :rolleyes:

    A few more things to do, you have viewpoint running ->

    Viewpoint is considered foistware and is not needed on your computer.

    Download and unzip to own folder on Desktop - http://bellsouthpwp.net/p/r/prprogramsstudios/viewpointkiller.zip

    Run ViewpointKiller.exe

    Reboot.

    Then run http://www.mlin.net/StartupCPL.shtml
    and remove any not required startups: (should be most!)

    Reboot, then please attach fresh hijackthis log, and tell how your computer aree behaving ?
     
  10. stewbr

    stewbr TS Rookie Topic Starter

    My computer is behaving fantastically thanks to you :grinthumb. I downloaded and ran the two programs you recommended, thanks! My viewpoint has been killed.

    I was a little hesitant to take some programs off my startup list because I wasn't sure what they did. Which ones are the only ones I really need running? What about the Toshiba ones?

    Thanks again for your help. You're awesome.

    ps. I can't wait to download the new Naruto. I'm excited to see if they catch the 3-tailed demon and if Naruto's 9-tail chakra leaks out.
     
  11. stewbr

    stewbr TS Rookie Topic Starter

    Almost forgot this!
     
  12. touch

    touch TS Rookie Posts: 978

    It was My pleasure to help :)

    I don´t think we should fix more on a computer there are "behaving fantastically"

    Except, the cleanup procedure ->

    Please note. It will NOT remove Mbam, Ccleaner and SuperAntispyware.


    I also suggest you read Tony Klein´s article :
    So how did I get infected in the first place?

    http://www.spywareinfoforum.com/index.php?showtopic=60955
     
Topic Status:
Not open for further replies.

Similar Topics

Add New Comment

You need to be a member to leave a comment. Join thousands of tech enthusiasts and participate.
TechSpot Account You may also...