TechSpot

Yet another redirect victim

Inactive
By jgrassel
Nov 11, 2010
Topic Status:
Not open for further replies.
  1. Well, seems like I am in good company on this thread. I now have 3 laptops connected wirelessly at home that ALL have this problem. I am typing this using one of them! It seems to spread from machine to machine, thereby giving even more joy throughout the house.
    So, anyway, I digress.
    I have tried to cheat and read other threads and try things, with no luck.
    So I am appealing to the experts!
    I'm using (for typing this) an Inspiron 1100 w/win XP right now and it is badly misbehaving as far as IE redirects to r3.google.com and a lot of other crazy web sites. Help me!!
     
  2. Bobbye

    Bobbye Helper on the Fringe Posts: 16,392   +36

    Welcome to TechSpot. I'll help with the malware.

    About this:
    Malware help is specific for the member who started the thread. While we may ask members to run the same scans, it is only if it is appropriate for their problem. Most of the malware infections can cause searches to be redirected- but nor all for the same reason. So what we do about it depended on what the malware is.

    If you would like us to check the system for malware, please follow the steps in the Preliminary Virus and Malware Removal thread HERE.

    When you have finished, leave the logs for review in your next reply .

    Important!
    Please do not use any other cleaning programs or scans while I'm helping you, unless I direct you to. Do not use a Registry cleaner or make any changes in the Registry.
     
  3. jgrassel

    jgrassel TS Rookie Topic Starter

    Sweet

    I shall follow along as exactly as possible. Thank you sir!!
     
  4. Bobbye

    Bobbye Helper on the Fringe Posts: 16,392   +36

    Take your time. Be sure to paste the logs in- use multiple posts if needed.

    If you are using a flash drive between the computers, that is most likely how the malware spread. I'll have you disinfect that also.
     
  5. jgrassel

    jgrassel TS Rookie Topic Starter

    Didn't get too far (sad)

    Malware Bytes is un able to update.
    MBAM_error_updating...

    I saw somewhere about booting into safe mode w/networking and trying it...but I'll wait to hear from you.

    Also in regards to your previous note I did not use any flash drives between the laptops.
     
  6. Bobbye

    Bobbye Helper on the Fringe Posts: 16,392   +36

    Usually this happens if there is already a copy of Malwarebytes on the system. Although you gave me part of the error message, you didn't give the error number, so I'm making an educated guess. Look in Add/Remove Programs and uninstall any Malwarebytes program there. After that, do a right click> Delete on the setup file on the desktop.

    Now, start over with the Malwarebytes download and scan.

    We use a free version for this scan and when we finish with the cleaning, we have the cleaning tools removed. Some people keep Mbam though, thinking it's a good program to have on the system. But you cannot update the version we give you, so removing whatever you had and d/l again should allow you to run the program.
     
  7. jgrassel

    jgrassel TS Rookie Topic Starter

    Wow, Malware still not working...

    I did what you said, re-downloaded from your site, and got this:

    An error has occurred. Please report this error code to our support team.
    MBAM_ERROR_Updating (12007,0,WinHttpSendRequest)

    Step 3 in the process said to make sure the check boxes on Malware were checked (one for update and one for launch) so I did that (actually they were checked by default).

    So anyhow, still no good on updating/running Malware Bytes.
     
  8. Bobbye

    Bobbye Helper on the Fringe Posts: 16,392   +36

    Please download randmbam.exe

    It will try to create random names and shortcuts for Malwarebytes Anti Malware(MBAM) if you have it installed already.

    Once done, try running a scan again
     
  9. jgrassel

    jgrassel TS Rookie Topic Starter

    Still no luck

    Since my last post, I completely wiped my computer and re-did win XP from scratch. Amazingly, r3.google.com and other redirects are still happening.
    Since then I went through the 8 steps again, but once again I am still stuck.
    Unfortunately your suggesting of multiple versions of malware bytes did not produce any different results.
     
  10. jgrassel

    jgrassel TS Rookie Topic Starter

    I should add...

    one of the first things I did after establishing internet again was to install McAfee virus scanning and get that all setup. The next thing I did was to go through hours of Microsoft updates including IE 7 (but not 8 thinking that was maybe part of the issue).
     
  11. Bobbye

    Bobbye Helper on the Fringe Posts: 16,392   +36

    IF you did a reformat/reinstall and are still having malware problems, you may have saved an infected file, then put it back on the system and it reinfected it.

    What is your status now. Do you want me to close the thread? IF not, you will need to follow the preliminary scans in the link I left.
     
     
  12. jgrassel

    jgrassel TS Rookie Topic Starter

    definitely still want help!

    I am basically back at the same point...malware will not update and the suggested file that spawns different malware versions (from you a few days ago) does now work.

    When I reimaged I did not xfer any old file from the laptop. I used the Dell cds from the original shipment of the pc. After that I did use my company VPN to install mcafee.then the only web site I

    Is it possible that my sons ps3 is holding the infection. It is the only other think on our network at home?
     
  13. Bobbye

    Bobbye Helper on the Fringe Posts: 16,392   +36

    I don't have anything to work with- no logs. Please run DDS and GMER- links are in Reply #2. Skip Mbam for now.

    Also include this: Run Eset NOD32 Online AntiVirus scan HERE
    1. Tick the box next to YES, I accept the Terms of Use.
    2. Click Start
    3. When asked, allow the Active X control to install
    4. Disable your current Antivirus software. You can usually do this with its Notification Tray icon near the clock.
    5. Click Start
    6. Make sure that the option "Remove found threats" is Unchecked, and the option "Scan unwanted applications" is checked
    7. Click Scan
    8. Wait for the scan to finish
    9. Re-enable your Antivirus software.
    10. A logfile is created and located at C:\Program Files\EsetOnlineScanner\log.txt. Please include this on your post.
     
  14. jgrassel

    jgrassel TS Rookie Topic Starter

    Problem Solved!

    OK, here's the scoop!
    I brought home from work a virgin, perfect laptop. Within a few minutes of connecting to my router and then re-booting, redirects while googling were happening regularly.
    No other computers, PS3, Wii, or anything else on the network.
    So I turned my rath on the router!
    Rebooted it and reset to factory defaults. Then re-setup WEP and 128bit encription. Then re-connected the supposedly infected laptop.
    IT WORKED!! no redirects what soever.
    Feeling pretty cocky at that point, I went to my other laptop (the one we have been chatting about) and re-connected it to the router using the new settings - and voila, it works perfectly. I ran Malware bytes, (updated it no problem first) and Malware found nothing.
    So I believe that my router was hacked.
    What do you think?...
     
  15. Bobbye

    Bobbye Helper on the Fringe Posts: 16,392   +36

    Since I didn't see any logs, I can only make an educated guess at what the problem might have been:

    If you had a DNS Changer malware infection, the initial instructions would have been:
    DNS Changer
    You will need to do a DNS Flush, then reset your router.
    Start> Run> type cmd> enter> at the C prompt type ipconfig /flushdns (note space before the /)

    Exit the Command prompt when finished and shut the system down.-

    • [1]. Shut down your computer, and any other computer connected to your router.
      [2]. On the back of the router, there should be a small hole or button labelled RESET. Using a bent paper clip or similar item, hold that in continuously for twenty seconds.
      [3]. Unplug the router. Wait sixty seconds.
      [4].Now holding again the reset button, plug it back in. Continue holding the reset button for twenty seconds. Unplug the router again.
      [5].With the router unplugged, start your computer. Run MBAM again.
      [6].Connect to the router again. The turn the router back on.
      [7].When it stabilizes, reboot your workstation and try to access the internet. If you have any issues, access the Router configuration page and re-enter your authentication information.
      [8]. Reboot the system and test the internet. You may have to reconfigure the router settings based on your setup.

    It sound like you did the second part.
    I would advise checking the system for malware. Sometimes a user will stop if one problem is resolved, thinking all malware is then gone. This is usually not the case.
     
Topic Status:
Not open for further replies.


Add New Comment

TechSpot Members
Login or sign up for free,
it takes about 30 seconds.
You may also...


Get complete access to the TechSpot community. Join thousands of technology enthusiasts that contribute and share knowledge in our forum. Get a private inbox, upload your own photo gallery and more.