Google hijack/redirect problem

Status
Not open for further replies.
K

Knowing4Certain

When using Google Toolbar in IE or Firefox, the results page would be either Google's UK or Germany/Deutchland version. When I would click on the first or second result I would be redirected to one of those cheap "search engine" pages. The same thing happens when I type in google.com and do a search.

I ran the 8-Step program (please see attachments).

Thanks in advance for your help.
 

Attachments

  • hijackthis.log
    21.1 KB · Views: 6
Hi Knowing4Certain,

Welcome to Techspot first of all. Second thing I will say, is you have QUITE a mess. Please re-open HijackThis, and do a System Scan Only. Then, check off the following problems to be fixed... (Basically, every thing with O1 in the beginning)
  • O1 - Hosts: 74.125.45.100 4-open-davinci.com
  • O1 - Hosts: 74.125.45.100 securitysoftwarepayments.com
  • O1 - Hosts: 74.125.45.100 privatesecuredpayments.com
  • O1 - Hosts: 74.125.45.100 secure.privatesecuredpayments.com
  • O1 - Hosts: 74.125.45.100 getantivirusplusnow.com
  • O1 - Hosts: 74.125.45.100 secure-plus-payments.com
  • O1 - Hosts: 74.125.45.100 www.getantivirusplusnow.com
  • O1 - Hosts: 74.125.45.100 www.secure-plus-payments.com
  • O1 - Hosts: 74.125.45.100 www.getavplusnow.com
  • O1 - Hosts: 74.125.45.100 safebrowsing-cache.google.com
  • O1 - Hosts: 74.125.45.100 www.securesoftwarebill.com
  • O1 - Hosts: 74.125.45.100 secure.paysecuresystem.com
  • O1 - Hosts: 74.125.45.100 paysoftbillsolution.com
  • O1 - Hosts: 88.198.198.204 google.ae
  • O1 - Hosts: 88.198.198.204 google.as
  • O1 - Hosts: 88.198.198.204 google.at
  • O1 - Hosts: 88.198.198.204 google.az
  • O1 - Hosts: 88.198.198.204 google.ba
  • O1 - Hosts: 88.198.198.204 google.be
  • O1 - Hosts: 88.198.198.204 google.bg
  • O1 - Hosts: 88.198.198.204 google.bs
  • O1 - Hosts: 88.198.198.204 google.ca
  • O1 - Hosts: 88.198.198.204 google.cd
  • O1 - Hosts: 88.198.198.204 google.com.gh
  • O1 - Hosts: 88.198.198.204 google.com.hk
  • O1 - Hosts: 88.198.198.204 google.com.jm
  • O1 - Hosts: 88.198.198.204 google.com.mx
  • O1 - Hosts: 88.198.198.204 google.com.my
  • O1 - Hosts: 88.198.198.204 google.com.na
  • O1 - Hosts: 88.198.198.204 google.com.nf
  • O1 - Hosts: 88.198.198.204 google.com.ng
  • O1 - Hosts: 88.198.198.204 google.ch
  • O1 - Hosts: 88.198.198.204 google.com.np
  • O1 - Hosts: 88.198.198.204 google.com.pr
  • O1 - Hosts: 88.198.198.204 google.com.qa
  • O1 - Hosts: 88.198.198.204 google.com.sg
  • O1 - Hosts: 88.198.198.204 google.com.tj
  • O1 - Hosts: 88.198.198.204 google.com.tw
  • O1 - Hosts: 88.198.198.204 google.dj
  • O1 - Hosts: 88.198.198.204 google.de
  • O1 - Hosts: 88.198.198.204 google.dk
  • O1 - Hosts: 88.198.198.204 google.dm
  • O1 - Hosts: 88.198.198.204 google.ee
  • O1 - Hosts: 88.198.198.204 google.fi
  • O1 - Hosts: 88.198.198.204 google.fm
  • O1 - Hosts: 88.198.198.204 google.fr
  • O1 - Hosts: 88.198.198.204 google.ge
  • O1 - Hosts: 88.198.198.204 google.gg
  • O1 - Hosts: 88.198.198.204 google.gm
  • O1 - Hosts: 88.198.198.204 google.gr
  • O1 - Hosts: 88.198.198.204 google.ht
  • O1 - Hosts: 88.198.198.204 google.ie
  • O1 - Hosts: 88.198.198.204 google.im
  • O1 - Hosts: 88.198.198.204 google.in
  • O1 - Hosts: 88.198.198.204 google.it
  • O1 - Hosts: 88.198.198.204 google.ki
  • O1 - Hosts: 88.198.198.204 google.la
  • O1 - Hosts: 88.198.198.204 google.li
  • O1 - Hosts: 88.198.198.204 google.lv
  • O1 - Hosts: 88.198.198.204 google.ma
  • O1 - Hosts: 88.198.198.204 google.ms
  • O1 - Hosts: 88.198.198.204 google.mu
  • O1 - Hosts: 88.198.198.204 google.mw
  • O1 - Hosts: 88.198.198.204 google.nl
  • O1 - Hosts: 88.198.198.204 google.no
  • O1 - Hosts: 88.198.198.204 google.nr
  • O1 - Hosts: 88.198.198.204 google.nu
  • O1 - Hosts: 88.198.198.204 google.pl
  • O1 - Hosts: 88.198.198.204 google.pn
  • O1 - Hosts: 88.198.198.204 google.pt
  • O1 - Hosts: 88.198.198.204 google.ro
  • O1 - Hosts: 88.198.198.204 google.ru
  • O1 - Hosts: 88.198.198.204 google.rw
  • O1 - Hosts: 88.198.198.204 google.sc
  • O1 - Hosts: 88.198.198.204 google.se
  • O1 - Hosts: 88.198.198.204 google.sh
  • O1 - Hosts: 88.198.198.204 google.si
  • O1 - Hosts: 88.198.198.204 google.sm
  • O1 - Hosts: 88.198.198.204 google.sn
  • O1 - Hosts: 88.198.198.204 google.st
  • O1 - Hosts: 88.198.198.204 google.tl
  • O1 - Hosts: 88.198.198.204 google.tm
  • O1 - Hosts: 88.198.198.204 google.tt
  • O1 - Hosts: 88.198.198.204 google.us
  • O1 - Hosts: 88.198.198.204 google.vu
  • O1 - Hosts: 88.198.198.204 google.ws
  • O1 - Hosts: 88.198.198.204 google.co.ck
  • O1 - Hosts: 88.198.198.204 google.co.id
  • O1 - Hosts: 88.198.198.204 google.co.il
  • O1 - Hosts: 88.198.198.204 google.co.in
  • O1 - Hosts: 88.198.198.204 google.co.jp
  • O1 - Hosts: 88.198.198.204 google.co.kr
  • O1 - Hosts: 88.198.198.204 google.co.ls
  • O1 - Hosts: 88.198.198.204 google.co.ma
  • O1 - Hosts: 88.198.198.204 google.co.nz
  • O1 - Hosts: 88.198.198.204 google.co.tz
  • O1 - Hosts: 88.198.198.204 google.co.ug
  • O1 - Hosts: 88.198.198.204 google.co.uk
  • O1 - Hosts: 88.198.198.204 google.co.za
  • O1 - Hosts: 88.198.198.204 google.co.zm
  • O1 - Hosts: 88.198.198.204 google.com

Please also download CCleaner
 
AnonymousSurfer said:
you have QUITE a mess
Click to expand...
You're not kidding, it is quiet a mess:
Registry threats detected : 126
File threats detected : 21
Click to expand...
And having
ZoneAlam
Spyware Doctor
Spybots S&D
Installed didn't seem to help either

I also notice the Windows is installed to C:\WINNT
Which sometimes means it has already had a repair in the distant past

I would recommend backup all data, and re-install clean, myself
 
I followed AnonymousSurfer's recommendations without success. I was actually just thinking the same thing that you have suggested (i.e., backup all data and re-install clean) just before I logged back in here. So at this point, that is what I'm going to do. Thank you.
 
Here's some help with that ;)

Microsoft's Windows XP Professional Repair Install step by step (* Including Delete Partition): http://www.windowsxpprofessional.windowsreinstall.com/sp2sp3installxpcdoldhdd/indexfullpage.htm
Microsoft's Windows XP Home Repair Install step by step (* Including Delete Partition): http://www.windowsxphome.windowsreinstall.com/sp2sp3installxpcdoldhdd/indexfullpage.htm
* Warning deleting the Partition will remove all User data and Windows system files

Driver Updates: https://www.techspot.com/vb/topic117607.html

XP Service Pack 3: http://support.microsoft.com/kb/322389
 
Google.com redirects to Google.nl

I had run into this issue on a customers PC this week. The Host File had been compromised badly. It is now hidden and when you try to access the Host file, you get an error message "access is denied". I had run Malwarebytes, SuperAntiSpyware, CCLeaner, and a few other Antivirus programs, I was able to remove the original threat but Google would keep redirecting to Google.nl. I removed the hard drive from the laptop and tried to access the Host file from another PC, but still got an error "access is denied" I tried running recovery mode, still "access is denied". However.. I was able to resolve the issue by renaming the old ETC folder to ETCXXX and created a new ETC folder. I then copied the services, lmhosts, protocols and new hosts file from another computer (or the I386 folder). Now, the virus is gone and Google.com is not redirecting to Google.nl. To test it, I ran a Hijackthis, and the host section is now clean.
 
Status
Not open for further replies.

Similar threads

Daniel Sims
AI-powered Google search can now generate images and text drafts
Replies
1
Views
247
WhoCaresAnymore
WhoCaresAnymore
A
Google is bringing a more personalized Search experience to mobile users
Replies
1
Views
228
maxxcool7421
M
Daniel Sims
Thousands of websites infected to redirect users in Google Ads view-pumping scam
Replies
5
Views
637
Feng Lengshun
F

Latest posts

Back