Google re-direct and then some

[chonkychicken]

Hi,

I've had a google re-direct for a long time and have putt up with it. However There is one site that I now am not able to gain access to whatsoever from my pc and this is very frustrating.

The site is Torrentech.org.

My Hijackthis txt file is attached. If anyone know a fix for this please drop a note.

many thankis

CC

 

[Tmagic650]

Some strange things...

Remove, but not dangerous:
O9 - Extra button: PalTalk - {4EAFEF58-EEFA-4116-983D-03B49BCBFFFE} - C:\Program Files\Paltalk Messenger\Paltalk.exe (file missing)
O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyGaming\PartyPoker\RunApp.exe (file missing)
O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyGaming\PartyPoker\RunApp.exe (file missing)

These are from a Russian site. If you don't know these, delete them:

O17 - HKLM\System\CCS\Services\Tcpip\..\{3372EE2F-1AAC-49A4-8CB1-929E057CDD26}: NameServer = 85.255.114.87,85.255.112.62
O17 - HKLM\System\CCS\Services\Tcpip\..\{B3FB40D7-E8FE-4C1D-BF95-D442E1FA64D0}: NameServer = 85.255.114.87,85.255.112.62
O17 - HKLM\System\CCS\Services\Tcpip\..\{D388E13D-678B-4845-A2F4-6A462B8E55F5}: NameServer = 85.255.114.87,85.255.112.62
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: NameServer = 85.255.114.87 85.255.112.62
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: NameServer = 85.255.114.87 85.255.112.62
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 85.255.114.87 85.255.112.62

You might try running the Eset Online Scanner ESET Online Scanner

 

[chonkychicken]

Thank you.

I have removed the offenders and I am downloading Eset for a trial as the online scanner does not want to co-operate. However at this stage I am still unable to access my favorite torrent site. Are there any other avenues I could use to eliminate this problem?

 

[AnonymousSurfer]

Torrents and Torrent Sites are probably how you picked up these problems. Recommended to NOT go back to any torrent sites. Using torrents (P2P) also opens up your computer to other people... Another possible way you could have gotten this.

 

[Bobbye]

chonkychicken, you have a DNS Changer malware infection. First do this:

DNS Changer
You will need to do a DNS Flush, then reset your router.
Start> Run> type cmd> enter> at the C prompt type ipconfig /flushdns (note space before the /)

Exit the Command prompt when finished and shut the system down.-

• 
  [1]. Shut down your computer, and any other computer connected to your router.
  [2]. On the back of the router, there should be a small hole or button labelled RESET. Using a bent paper clip or similar item, hold that in continuously for twenty seconds.
  [3]. Unplug the router. Wait sixty seconds.
  [4].Now holding again the reset button, plug it back in. Continue holding the reset button for twenty seconds. Unplug the router again.
  [5].With the router unplugged, start your computer. Run MBAM again.
  [6].Connect to the router again. The turn the router back on.
  [7].When it stabilizes, reboot your workstation and try to access the internet. If you have any issues, access the Router configuration page and re-enter your authentication information.
  [8]. Reboot the system and test the internet. You may have to reconfigure the router settings based on your setup.

After doing this, please start at the beginning:

Follow the steps in out Virus and Malware removal thread HEREhttps://www.techspot.com/community/...lware-removal-preliminary-instructions.58138/.

[/B]When you have finished, attach the logs for Malwarebytes and Superantispyware in your next reply.

Rescan with HijackThis and paste the new log in the next reply.

Tmasgic and Anonymous Surfer, please refrain from replying in this forum.