Solved Google redirect and new IE windows opening
- Thread starter Mister Ed
- Start date
Broni -
I think you hit the proverbial 'nail on the head' with the router! After doing the router reset and that not working ... I undid the incoming LAN cable from the router and put it directly into the computer (by passed the router). I surfed around for 5-10 min and no pop-ups ... no redirects.
Now, I know one of the rules is about doing things on your own ... but I figured flipping the cables wouldn't be a big deal to try (especially following your thoughts on the router being the issue). Its the only thing I have tried without following your explicit instructions ... I promise.
So, if the issue is in the router (it is disconnected now) where do I go from here? I'm guessing for the computer to pick up from your earlier post where I left off (by the Mr. Clean pic)?
And then what about the router?
Standing by ... not doing anything else until I hear from you ... I promise!!
I think you hit the proverbial 'nail on the head' with the router! After doing the router reset and that not working ... I undid the incoming LAN cable from the router and put it directly into the computer (by passed the router). I surfed around for 5-10 min and no pop-ups ... no redirects.
Now, I know one of the rules is about doing things on your own ... but I figured flipping the cables wouldn't be a big deal to try (especially following your thoughts on the router being the issue). Its the only thing I have tried without following your explicit instructions ... I promise.
So, if the issue is in the router (it is disconnected now) where do I go from here? I'm guessing for the computer to pick up from your earlier post where I left off (by the Mr. Clean pic)?
And then what about the router?
Standing by ... not doing anything else until I hear from you ... I promise!!
I tried resetting again, twice, and get the redirect (with router connected).
I am resetting correctly ... it is one of the only processes that you have written about ... that I actually knew what I was doing, LOL. Push hold the recessed button, the green light goes off, comes back on blinking (orange I think) and then to green when ready.
I am resetting correctly ... it is one of the only processes that you have written about ... that I actually knew what I was doing, LOL. Push hold the recessed button, the green light goes off, comes back on blinking (orange I think) and then to green when ready.
Broni
Posts: 56,041 +517
Do you have another browser to see, if redirection is present there too?
Reconnect router and...
1. Go Start>Run ("Start search" in Vista and Win 7), type in:
cmd
Click OK (hold CTRL nad SHIFT keys and press Enter in Vista and Win 7).
2. At Command Prompt, paste this:
ipconfig /all>c:\ipconfig_all.txt¬epad c:\ipconfig_all.txt&exit
Hit Enter.
3. Copy and paste what you see in Notepad into a Reply here.
Reconnect router and...
1. Go Start>Run ("Start search" in Vista and Win 7), type in:
cmd
Click OK (hold CTRL nad SHIFT keys and press Enter in Vista and Win 7).
2. At Command Prompt, paste this:
ipconfig /all>c:\ipconfig_all.txt¬epad c:\ipconfig_all.txt&exit
Hit Enter.
3. Copy and paste what you see in Notepad into a Reply here.
Nope ... only IE on the computers.
Windows IP Configuration
Host Name . . . . . . . . . . . . : ed-nxaibjwwpxn5
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Unknown
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : Belkin
Ethernet adapter Local Area Connection:
Connection-specific DNS Suffix . : Belkin
Description . . . . . . . . . . . : Intel(R) PRO/100 VE Network Connection
Physical Address. . . . . . . . . : 00-07-E9-51-93-55
Dhcp Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
IP Address. . . . . . . . . . . . : 192.168.2.2
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : 192.168.2.1
DHCP Server . . . . . . . . . . . : 192.168.2.1
DNS Servers . . . . . . . . . . . : 192.168.2.1
Lease Obtained. . . . . . . . . . : Friday, February 25, 2011 11:30:48 PM
Lease Expires . . . . . . . . . . : Monday, January 18, 2038 10:14:07 PM
Windows IP Configuration
Host Name . . . . . . . . . . . . : ed-nxaibjwwpxn5
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Unknown
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : Belkin
Ethernet adapter Local Area Connection:
Connection-specific DNS Suffix . : Belkin
Description . . . . . . . . . . . : Intel(R) PRO/100 VE Network Connection
Physical Address. . . . . . . . . : 00-07-E9-51-93-55
Dhcp Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
IP Address. . . . . . . . . . . . : 192.168.2.2
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : 192.168.2.1
DHCP Server . . . . . . . . . . . : 192.168.2.1
DNS Servers . . . . . . . . . . . : 192.168.2.1
Lease Obtained. . . . . . . . . . : Friday, February 25, 2011 11:30:48 PM
Lease Expires . . . . . . . . . . : Monday, January 18, 2038 10:14:07 PM
Wait a minute!!
Does this look right?? Copied from my http://router/ page
DNS Address 213.109.67.25
One web site I checked shows it originating in the Russian Federation.
--------------------------------
Also found ..... Secondary DNS Address > 213.109.76.134. Also from the Russian Federation.
I'm thinking something's rotten in Russia!!!
Does this look right?? Copied from my http://router/ page
DNS Address 213.109.67.25
One web site I checked shows it originating in the Russian Federation.
--------------------------------
Also found ..... Secondary DNS Address > 213.109.76.134. Also from the Russian Federation.
I'm thinking something's rotten in Russia!!!
This is a copy of my http://router page. The first DNS shows on that page, when it did not show on that report I ran for you ... I kinda went hmmm ... and looked it up (I almost sound like I know what I'm talking about ... but not!).
+++++++++++++++++++++++++++++++++++
You will need to log in before you can change any settings.
Language
Current Language English
Available Languages
Time February 26, 2011 9:30:44 AM
Version Info
Hardware F7D3302 v1
Firmware 1.00.23 (Aug 30 2010)
Boot Loader 0.08e
Serial No. 121015G3101791
Internet Settings
WAN MAC Address 00:07:e9:51:93:55
Connection Type Dynamic
WAN IP 10.100.2.83
Subnet Mask 255.255.0.0
Default Gateway 10.100.0.1
DNS Address 213.109.67.25
LAN Settings
LAN/WLAN MAC 94:44:52:61:18D
IP Address 192.168.2.1
Subnet Mask 255.255.255.0
DHCP Server Enabled (0 LAN, 2 WLAN Clients)
Features
Firewall Settings Enabled
SSID Belkin.48DD
Security WPA-Personal ( PSK )
UPnP Enabled
Remote Management Disabled
WPS Enabled
Guest Access Enabled
SSID Belkin.48DD.guests
Password/PSK 2B38B53842
++++++++++++++++++++++++++++
So, I was looking at what it would take to to change that. On my router I can click on any of the line items(above) to go into another page for the set up of that item. (probably all similar? but I have no clue). So if I click on the DNS address above I go to the set up page for that and this is what I see:
==================
WAN > DNS
If your ISP provided you with a specific DNS address to use, enter the address in this window and click "Apply Changes" .
Automatic from ISP
DNS Address > 213.109.67.25 . . .
Secondary DNS Address > 213.109.76.134 . . .
DNS = Domain Name Server. A server located on the Internet that translates URL's (Universal Resource Links) like www.belkin.com to IP addresses.You must enter the DNS settings provided by your ISP if you don't use the Automatic DNS function More Info
+++++++++++++++++++++++++++++++++
+++++++++++++++++++++++++++++++++++
You will need to log in before you can change any settings.
Language
Current Language English
Available Languages
Time February 26, 2011 9:30:44 AM
Version Info
Hardware F7D3302 v1
Firmware 1.00.23 (Aug 30 2010)
Boot Loader 0.08e
Serial No. 121015G3101791
Internet Settings
WAN MAC Address 00:07:e9:51:93:55
Connection Type Dynamic
WAN IP 10.100.2.83
Subnet Mask 255.255.0.0
Default Gateway 10.100.0.1
DNS Address 213.109.67.25
LAN Settings
LAN/WLAN MAC 94:44:52:61:18
D IP Address 192.168.2.1
Subnet Mask 255.255.255.0
DHCP Server Enabled (0 LAN, 2 WLAN Clients)
Features
Firewall Settings Enabled
SSID Belkin.48DD
Security WPA-Personal ( PSK )
UPnP Enabled
Remote Management Disabled
WPS Enabled
Guest Access Enabled
SSID Belkin.48DD.guests
Password/PSK 2B38B53842
++++++++++++++++++++++++++++
So, I was looking at what it would take to to change that. On my router I can click on any of the line items(above) to go into another page for the set up of that item. (probably all similar? but I have no clue). So if I click on the DNS address above I go to the set up page for that and this is what I see:
==================
WAN > DNS
If your ISP provided you with a specific DNS address to use, enter the address in this window and click "Apply Changes" .
Automatic from ISP
DNS Address > 213.109.67.25 . . .
Secondary DNS Address > 213.109.76.134 . . .
DNS = Domain Name Server. A server located on the Internet that translates URL's (Universal Resource Links) like www.belkin.com to IP addresses.You must enter the DNS settings provided by your ISP if you don't use the Automatic DNS function More Info
+++++++++++++++++++++++++++++++++
I have since deleted the two Russian dns and clicked on the box 'Automatic from ISP'. And reset the router.
I no longer see the two Russian DNS entries. And I have seen no redirect or pop upd in some limited testing (but actually using the same google search as I had been ... clicking on the same links).
So ... how to keep this from happening agina to the router?
Will pick up from where I left off in the earlier thread (on the computer) setting the restore point etc (by the Mr. Clean pic).
I no longer see the two Russian DNS entries. And I have seen no redirect or pop upd in some limited testing (but actually using the same google search as I had been ... clicking on the same links).
So ... how to keep this from happening agina to the router?
Will pick up from where I left off in the earlier thread (on the computer) setting the restore point etc (by the Mr. Clean pic).
Log after running OTL setting the new restore point:
=======
All processes killed
========== OTL ==========
========== COMMANDS ==========
[EMPTYTEMP]
User: Administrator
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes
User: All Users
User: Ed Schaar
->Temp folder emptied: 221272 bytes
->Temporary Internet Files folder emptied: 12585609 bytes
->Java cache emptied: 13291 bytes
->Apple Safari cache emptied: 0 bytes
->Flash cache emptied: 1031 bytes
User: LocalService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes
User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 0 bytes
RecycleBin emptied: 0 bytes
Total Files Cleaned = 12.00 mb
[EMPTYFLASH]
User: Administrator
->Flash cache emptied: 0 bytes
User: All Users
User: Ed Schaar
->Flash cache emptied: 0 bytes
User: LocalService
->Flash cache emptied: 0 bytes
User: NetworkService
Total Flash Files Cleaned = 0.00 mb
Restore points cleared and new OTL Restore Point set!
OTL by OldTimer - Version 3.2.21.0 log created on 02262011_123154
Files\Folders moved on Reboot...
File\Folder C:\Documents and Settings\Ed Schaar\Local Settings\Temporary Internet Files\Content.IE5\P391SIIF\sh32[1].html not found!
File\Folder C:\Documents and Settings\Ed Schaar\Local Settings\Temporary Internet Files\Content.IE5\MB829HG6\crosspixel-dest[1].htm not found!
C:\Documents and Settings\Ed Schaar\Local Settings\Temporary Internet Files\Content.IE5\MB829HG6\topic161631-2[1].html moved successfully.
Registry entries deleted on Reboot...
=======
All processes killed
========== OTL ==========
========== COMMANDS ==========
[EMPTYTEMP]
User: Administrator
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes
User: All Users
User: Ed Schaar
->Temp folder emptied: 221272 bytes
->Temporary Internet Files folder emptied: 12585609 bytes
->Java cache emptied: 13291 bytes
->Apple Safari cache emptied: 0 bytes
->Flash cache emptied: 1031 bytes
User: LocalService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes
User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 0 bytes
RecycleBin emptied: 0 bytes
Total Files Cleaned = 12.00 mb
[EMPTYFLASH]
User: Administrator
->Flash cache emptied: 0 bytes
User: All Users
User: Ed Schaar
->Flash cache emptied: 0 bytes
User: LocalService
->Flash cache emptied: 0 bytes
User: NetworkService
Total Flash Files Cleaned = 0.00 mb
Restore points cleared and new OTL Restore Point set!
OTL by OldTimer - Version 3.2.21.0 log created on 02262011_123154
Files\Folders moved on Reboot...
File\Folder C:\Documents and Settings\Ed Schaar\Local Settings\Temporary Internet Files\Content.IE5\P391SIIF\sh32[1].html not found!
File\Folder C:\Documents and Settings\Ed Schaar\Local Settings\Temporary Internet Files\Content.IE5\MB829HG6\crosspixel-dest[1].htm not found!
C:\Documents and Settings\Ed Schaar\Local Settings\Temporary Internet Files\Content.IE5\MB829HG6\topic161631-2[1].html moved successfully.
Registry entries deleted on Reboot...
Similar threads
Latest posts
-
Trump warns Apple CEO Tim Cook against expanding iPhone assembly in India- scavengerspc replied