TechSpot

Google searches redirecting to ad sites

By Maia
Jun 16, 2009
  1. Hi All -

    Here is my situation - I have a server that was built for my home. It is running on Windows Server 2003 Enterprise Edition with SP2. Of course, I was only supposed to use this as a server for an application I was running on other computers in my home, but I was occasionally using it for Internet access. Lo and behold, I was on Facebook and caught one of their viruses. Now I am having the following problems:

    1. Google searches are redirecting to ad sites. I have to copy and paste the URL to get anywhere now.
    2. Ad boxes are popping up on occasion.

    I don't have anti-virus software on this server - of course because I wasn't supposed to be using it :)

    Any idea what to do now? I can't seem to find any anti-virus software for Windows Server 2003, and from what I have read on this site, it doesn't look like anti-virus software is going to kill this thing. Any insights would be appreciated and would save me a trip to the Geek Squad.
     
  2. touch

    touch TS Rookie Posts: 978

  3. Maia

    Maia TS Rookie Topic Starter

    Log files for Google redirects

    Here are my log files - thank you!
     


  4. mflynn

    mflynn TS Rookie Posts: 2,655

    Touch wanted you to run the 8 Steps, so you need to get him a Malwarebytes log!

    Mike

    EDIT: Also he might like to know what those other logs are from!

    As for virus protection on Win2k3, ThreatFire works well, and Comodo used to, but I think they changed it!
     
  5. Maia

    Maia TS Rookie Topic Starter

    Logs from Malware

    Hi Mike - those logs are from the Malware program. I could not get the program for free so I purchased it and then it ran three times and those are the three logs. Maybe the free logs have a different title?

    Thanks,

    Maia
     
  6. mflynn

    mflynn TS Rookie Posts: 2,655

    Yep, they are very different! They don't even have the name of MBAM, and there is no positive statement that it even cleaned anything! The freeware log is very clear on this.

    Touch should check in soon!

    For now run SAS again and confirm a clean log!

    Then do this...

    Download ComboFix

    Get it here: http://download.bleepingcomputer.com/sUBs/ComboFix.exe
    Or here: http://subs.geekstogo.com/ComboFix.exe

    Double-click combofix.exe and follow the prompts.

    Install Recovery Console if connected to the Internet!

    When finished, it will open a log.
    Attach the log and a new HJT log in your next reply.

    Note: Do not click ComboFix's window while it's running. That may cause it to stall.

    Mike

    NOTE: I am only trying to keep the ball rolling till Touch returns!
     
  7. Maia

    Maia TS Rookie Topic Starter

    Can't download

    Hi there -

    Some of these software downloads are not compatible with Windows Server 2003. I had to uninstall SOS because it was locking up my machine. I think the Malware software helped to fix this - but are there other logs I could provide at this point?

    Thanks,
     
  8. mflynn

    mflynn TS Rookie Posts: 2,655

    I don't know what you mean by SOS, perhaps SAS (SUPERAntiSpyware)?

    But you have already posted a log from SAS? And I have a Server 2K3 and SAS runs just fine.

    Now, not many have Svr 2k3, so ComboFix does not run on 2k3!

    If it is in fact SAS that locks up now, it is likely that it is the malware; there are some that can interfere with MBAM and SAS.

    So delete ComboFix, redownload SAS, install and update it, and run SAS in Safe Mode! It had findings in its last run that we need to confirm are gone, or that it finds no more. Also, there are other tools in SAS besides just scanning that we may need to use!

    Also as I just started to help you keep the ball rolling for Touch so did look closely at your logs.

    I see no sign of a virus scanner (likely how you got this way), and as most free ones don't run on Server, get and install ThreatFire now, as it runs on Server. http://majorgeeks.com/PC_Tools_ThreatFire_d5190.html

    Install and scan, then go to Settings and max the sensitivity level. Approve and remember the good programs like IE etc. and watch closely for a bad boy!

    Since we can't run ComboFix, get DrWeb CureIt: http://majorgeeks.com/Dr.Web_CureIT_d4783.html But run it in Safe Mode.

    Mike
     
  9. Maia

    Maia TS Rookie Topic Starter

    I think it's fixed

    I purchased the Malware and won't be using the computer for Internet access any longer! Thanks for all of your assistance. Appreciate it!
     
Topic Status:
Not open for further replies.
