Solved Google being redirected

Status
Not open for further replies.
C

Calculus225

Hi.
When I click on Google search results I am being redirected to random sites. The sites seem to do their own version of a search related to my desired topic but takes me to other sites. Hopefully the wonderful volunteers on this site can help me. I have had the problem for a few weeks now. Here are the logs from the 8-step process (attached).

Thanks.
 

Attachments

  • mbam-log-2010-08-11 (16-25-51).txt
    891 bytes · Views: 5
  • gmer.log
    5.8 KB · Views: 2
  • DDS.txt
    10.3 KB · Views: 2
  • Attach.txt
    9.8 KB · Views: 1
Hi and welcome to TechSpot forums :)

==

Please download JavaRa

If you get this message:
Problems with the download? Please use this direct link or try another mirror.

Select the Direct link download unzip it to your Desktop.

Double click JavaRa.exe then click Remove Older Versions.

Follow any prompts; a log will popup (JavaRa.log)-- please post the contents of this log.

Next, open JavaRa.exe again, and select Search For Updates.

Select Update Using Sun Java's Website --> Search, and continue the instructions for downloading and installing the latest Java version. Look for JDK 6 Update 21 (JDK or JRE). On the right select this one Download JRE..

In Vista and Windows 7 run the tool as Administrator.

====

Please download ComboFix by sUBs from HERE or HERE
  • You must download it to and run it from your Desktop
  • Physically disconnect from the internet.
  • Now STOP all your monitoring programs (Antivirus/Antispyware, Guards and Shields) as they could easily interfere with ComboFix.
  • Double click combofix.exe & follow the prompts.
  • When finished, it will produce a log. Please save that log to post in your next reply.
  • Re-enable all the programs that were disabled during the running of ComboFix..

Note:
Do not mouse-click combofix's window while it is running. That may cause it to stall.

CF disconnects your machine from the internet. The connection is automatically restored before CF completes its run. If CF runs into difficulty and terminates prematurely, the connection can be manually restored by restarting your machine.

Run Combofix ONCE only!!
 
Finally, ready for next steps.

Thanks, Crunchie.

The Java update went smoothly. (log attached)

The ComboFix program was more problematic. The version downloaded from your link said it had expired and could run with reduced functionality. I said yes, but it just erased itself and nothing happened. I downloaded another copy of ComboFix from another server. This one stalled after making a restore point. Said it started to scan for infected files, but never got to stage-1. I had to reboot to get rid of it. Ran it again today and everything ran as expected. (log attached)

Let me know what is next.

Calculus225
 

Attachments

  • JavaRa.log
    7.9 KB · Views: 1
  • ComboFix.txt
    13 KB · Views: 1
Are you still being re-directed?

Please Run the ESET Online Scanner and post the ScanLog with your post for assistance.
  • You will need to use Internet Explorer to complete this scan.
  • You will need to temporarily Disable your current Anti-virus program.
  • Be sure the option to Remove found threats is Un-checked at this time (we may have it clean what it finds at a later time), and the option to Scan unwanted applications is Checked.
  • When you have completed that scan, a scanlog ought to have been created and located at C:\Program Files\EsetOnlineScanner\log.txt. Please post that log for us as directed below.

NOTE: If you are unable to complete the ESET scan, please try another from the list below:

 
Redirects are gone (so far)

Thanks Crunchie.

Yes, it appears the redirects are gone.

The ESET scan found another couple of threats. Should I scan again and remove them?

Calculus225

ESETSmartInstaller@High as CAB hook log:
OnlineScanner.ocx - registred OK
# version=7
# iexplore.exe=7.00.6000.17055 (vista_gdr.100414-0533)
# OnlineScanner.ocx=1.0.0.6211
# api_version=3.0.2
# EOSSerial=09f57a88aee09e458eed9ffb831bd1df
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2010-08-13 12:19:14
# local_time=2010-08-12 08:19:14 (-0500, Eastern Daylight Time)
# country="United States"
# lang=1033
# osver=5.1.2600 NT Service Pack 3
# compatibility_mode=768 16777215 100 0 0 0 0 0
# compatibility_mode=8192 67108863 100 0 0 0 0 0
# scanned=102906
# found=2
# cleaned=0
# scan_time=6129
C:\Qoobox\Quarantine\C\WINDOWS\system32\Drivers\isapnp.sys.vir Win32/Olmarik.ZC trojan 00000000000000000000000000000000 I
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1398\A0071984.sys Win32/Olmarik.ZC trojan 00000000000000000000000000000000 I
 
Yes, rescan with ESET and then;

  • Click START then RUN and copy/paste the following bolded text into the Run box and click OK:

    ComboFix /Uninstall in the runbox and click OK. Note the space between the X and the /, it needs to be there.

  • CF_cleanup.png
 
Thank you so much!

ESET successfully removed the Olmarik trojan and I have successfully removed Combofix from my computer.

Everything seems to be running smoothly.

Thanks again.
Calculus225
 
Status
Not open for further replies.

Similar threads

midian182
Google's AI-powered search can recommend malicious sites, including scams and malware
Replies
6
Views
144
James Ryan
J
D
Google is changing how it shows search results to European users
Replies
1
Views
166
Mr Majestyk
M
A
Google updates Search to fight low-quality spammy content, doesn't mention "AI" at all
Replies
5
Views
148
UdyrL
UdyrL

Latest posts

Back