TechSpot

Google redirected

Solved
By bearone100
Aug 16, 2010
Topic Status:
Not open for further replies.
  1. bearone100

    bearone100 TS Rookie Topic Starter Posts: 54

    ok here it is

    Attached Files:

  2. Broni

    Broni Malware Annihilator Posts: 46,787   +254

    I assume, your ISP is NOT located in Russia?

    ======================================================================

    Run OTL
    • Under the Custom Scans/Fixes box at the bottom, paste in the following

      Code:
      :OTL
      IE - HKCU\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - Reg Error: Key error. File not found
      O2 - BHO: (ShowBarObj Class) - {83A2F9B1-01A2-4AA5-87D1-45B6B8505E96} - C:\Windows\System32\ActiveToolBand.dll (HiTRUST)
      O4 - HKCU..\Run: [捁牥吠畯r]  File not found
      O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
      O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
      O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 213.109.64.109 213.109.73.42
      O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - Reg Error: Key error. File not found
      
      
      :Services
      
      :Reg
      
      :Files
      
      :Commands
      [purity]
      [emptytemp]
      [emptyflash]
      [Reboot]
      
    • Then click the Run Fix button at the top
    • Let the program run unhindered, reboot the PC when it is done
    • You will get a log that shows the results of the fix. Please post it.
    • Open OTL again and click the Quick Scan button. Post the log it produces in your next reply.
  3. bearone100

    bearone100 TS Rookie Topic Starter Posts: 54

    internet explorer is really acting up now its freezing and going to other sites almost all the time now
  4. Broni

    Broni Malware Annihilator Posts: 46,787   +254

    Did you run my script?
  5. bearone100

    bearone100 TS Rookie Topic Starter Posts: 54

    All processes killed
    ========== OTL ==========
    Registry value HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\{EF99BD32-C1FB-11D2-892F-0090271D4F88} deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EF99BD32-C1FB-11D2-892F-0090271D4F88}\ deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{83A2F9B1-01A2-4AA5-87D1-45B6B8505E96}\ deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{83A2F9B1-01A2-4AA5-87D1-45B6B8505E96}\ deleted successfully.
    C:\Windows\System32\ActiveToolBand.dll moved successfully.
    Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\捁牥吠畯r deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Internet Explorer\Restrictions\ deleted successfully.
    Registry key HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer\Control Panel\ deleted successfully.
    HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters\\DhcpNameServer| /E : value set successfully!
    Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks\\{AEB6717E-7E19-11d0-97EE-00C04FD91972} deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{AEB6717E-7E19-11d0-97EE-00C04FD91972}\ not found.
    ========== SERVICES/DRIVERS ==========
    ========== REGISTRY ==========
    ========== FILES ==========
    ========== COMMANDS ==========

    [EMPTYTEMP]

    User: All Users

    User: Default
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 0 bytes

    User: Default User
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 0 bytes

    User: me
    ->Temp folder emptied: 48728 bytes
    ->Temporary Internet Files folder emptied: 13364095 bytes
    ->Flash cache emptied: 0 bytes

    User: Public
    ->Temp folder emptied: 0 bytes

    %systemdrive% .tmp files removed: 0 bytes
    %systemroot% .tmp files removed: 0 bytes
    %systemroot%\System32 .tmp files removed: 0 bytes
    %systemroot%\System32\drivers .tmp files removed: 0 bytes
    Windows Temp folder emptied: 0 bytes
    RecycleBin emptied: 0 bytes

    Total Files Cleaned = 13.00 mb


    [EMPTYFLASH]

    User: All Users

    User: Default

    User: Default User

    User: me
    ->Flash cache emptied: 0 bytes

    User: Public

    Total Flash Files Cleaned = 0.00 mb


    OTL by OldTimer - Version 3.2.10.0 log created on 08182010_001438

    Files\Folders moved on Reboot...
    File\Folder C:\Users\me\AppData\Local\Temp\Low\~DF7B53.tmp not found!
    File\Folder C:\Users\me\AppData\Local\Temp\Low\~DF7B5C.tmp not found!
    C:\Users\me\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\HMG1BQBV\ads[3].htm moved successfully.
    C:\Users\me\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\F5ZTYBZX\topic151803-2[1].htm moved successfully.
    C:\Users\me\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\AntiPhishing\B3BB5BBA-E7D5-40AB-A041-A5B1C0B26C8F.dat moved successfully.
    C:\Users\me\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\MSIMGSIZ.DAT moved successfully.

    Registry entries deleted on Reboot...
  6. bearone100

    bearone100 TS Rookie Topic Starter Posts: 54

    running th eother scan now
  7. Broni

    Broni Malware Annihilator Posts: 46,787   +254

    OK..........
  8. bearone100

    bearone100 TS Rookie Topic Starter Posts: 54

    ok here it is

    Attached Files:

  9. Broni

    Broni Malware Annihilator Posts: 46,787   +254

    You didn't answer my question:
  10. bearone100

    bearone100 TS Rookie Topic Starter Posts: 54

    explorer is really bad now cant seam to get to other sites
  11. Broni

    Broni Malware Annihilator Posts: 46,787   +254

    Did you read my previous reply?
     
  12. bearone100

    bearone100 TS Rookie Topic Starter Posts: 54

    oh sorry north america canada not russia thought you were joking
  13. Broni

    Broni Malware Annihilator Posts: 46,787   +254

    OK, first of all, calm down and read my replies carefully.
    I can see what's going on, but it may take couple of steps to fix it.
    Wait for my next reply.
  14. bearone100

    bearone100 TS Rookie Topic Starter Posts: 54

    hey noproblem if i was any more calm id be asleep
  15. Broni

    Broni Malware Annihilator Posts: 46,787   +254

    We'll run one more OTL fix. This time, your computer won't automatically reboot for a reason.
    1. Run the fix listed below and post resulting log.
    2. Turn computer off
    3. Reset your router:
    On your router, you'll find a pinhole marked "Reset".
    Keep pushing the hole, using a pencil, or a paperclip until all lights briefly come off and on.
    Restart computer and check for redirections
    4. Restart computer.
    5. Run OTL "Quick scan" and post its log

    Start with running this:

    Run OTL
    • Under the Custom Scans/Fixes box at the bottom, paste in the following

      Code:
      :OTL
      O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 213.109.64.109 213.109.73.42
      
      :Services
      
      :Reg
      
      :Files
      ipconfig /flushdns /c
      
      
      :Commands
      [purity]
      [emptytemp]
      [emptyflash]
      
    • Then click the Run Fix button at the top
    • Let the program run unhindered, reboot the PC when it is done
    • You will get a log that shows the results of the fix. Please post it.
    • Open OTL again and click the Quick Scan button. Post the log it produces in your next reply.
  16. bearone100

    bearone100 TS Rookie Topic Starter Posts: 54

    All processes killed
    ========== OTL ==========
    HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters\\DhcpNameServer| /E : value set successfully!
    ========== SERVICES/DRIVERS ==========
    ========== REGISTRY ==========
    ========== FILES ==========
    < ipconfig /flushdns /c >
    Windows IP Configuration
    Successfully flushed the DNS Resolver Cache.
    C:\Users\me\Desktop\cmd.bat deleted successfully.
    C:\Users\me\Desktop\cmd.txt deleted successfully.
    ========== COMMANDS ==========

    [EMPTYTEMP]

    User: All Users

    User: Default
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 0 bytes

    User: Default User
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 0 bytes

    User: me
    ->Temp folder emptied: 48728 bytes
    ->Temporary Internet Files folder emptied: 5262679 bytes
    ->Flash cache emptied: 0 bytes

    User: Public
    ->Temp folder emptied: 0 bytes

    %systemdrive% .tmp files removed: 0 bytes
    %systemroot% .tmp files removed: 0 bytes
    %systemroot%\System32 .tmp files removed: 0 bytes
    %systemroot%\System32\drivers .tmp files removed: 0 bytes
    Windows Temp folder emptied: 0 bytes
    RecycleBin emptied: 0 bytes

    Total Files Cleaned = 5.00 mb


    [EMPTYFLASH]

    User: All Users

    User: Default

    User: Default User

    User: me
    ->Flash cache emptied: 0 bytes

    User: Public

    Total Flash Files Cleaned = 0.00 mb


    OTL by OldTimer - Version 3.2.10.0 log created on 08182010_004019

    Files\Folders moved on Reboot...
    File\Folder C:\Users\me\AppData\Local\Temp\Low\~DF54C0.tmp not found!
    File\Folder C:\Users\me\AppData\Local\Temp\Low\~DF54C9.tmp not found!
    C:\Users\me\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\QZACWIB8\topic151803-2[1].htm moved successfully.
    C:\Users\me\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\LPMBLGNA\ads[1].htm moved successfully.
    C:\Users\me\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\AntiPhishing\B3BB5BBA-E7D5-40AB-A041-A5B1C0B26C8F.dat moved successfully.
    C:\Users\me\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\MSIMGSIZ.DAT moved successfully.

    Registry entries deleted on Reboot...
  17. Broni

    Broni Malware Annihilator Posts: 46,787   +254

    Good :)....
  18. bearone100

    bearone100 TS Rookie Topic Starter Posts: 54

    running quick scan now
  19. Broni

    Broni Malware Annihilator Posts: 46,787   +254

    I'm here.....
  20. bearone100

    bearone100 TS Rookie Topic Starter Posts: 54

    ok here is the quick scan

    Attached Files:

  21. Broni

    Broni Malware Annihilator Posts: 46,787   +254

    It worked this time :)
    How is redirection?
  22. bearone100

    bearone100 TS Rookie Topic Starter Posts: 54

    looks like you got it
  23. bearone100

    bearone100 TS Rookie Topic Starter Posts: 54

    thanks for the help
  24. Broni

    Broni Malware Annihilator Posts: 46,787   +254

    Cool :)
    Hold on there....
  25. bearone100

    bearone100 TS Rookie Topic Starter Posts: 54

    ok no problem
Topic Status:
Not open for further replies.


Add New Comment

TechSpot Members
Login or sign up for free,
it takes about 30 seconds.
You may also...


Get complete access to the TechSpot community. Join thousands of technology enthusiasts that contribute and share knowledge in our forum. Get a private inbox, upload your own photo gallery and more.