Google Redirect - Fixed

Status
Not open for further replies.
Great job. Keep clean!

Thread closing-------------------------------------------------------------------
Please download OTCleanIt http://download.bleepingcomputer.com/oldtimer/OTCleanIt.exe

Save to desktop.

This will remove all the tools we used to clean your computer.
These tools update so often they require downloading again later if needed.

Double-click OTCleanIt.exe. Click CleanUp. Yes to the "Begin cleanup Process?"

Approve all if prompted by Firewall, Widows Defender or other guards or security programs about OTCleanIt attempting access to the Internet, allow all.

If prompted to Reboot click Yes.
OTCleanit will delete itself when finished, if not delete it by yourself.

-------------------------------------------------------------------------------------
Run CCleaner again twice or more on Cleanup temps, then on left click Registry then Scan for issues also repeat till clean.

D/L install and run ATF-Cleaner clear all except passwords in all browsers you have. Run repeatedly until no more found.

http://www.majorgeeks.com/ATF_Cleaner_d4949.html
-------------------------------------------------------------------------------------
The issues found is in System Restore so do the below

Start-Programs-Accessories-System Tools-Disk- System Restore and create a new Restore point. Name it "After cleanup at TechSpot".

Then Start-Programs-Accessories-System Tools-Disk Cleanup
Click OK to accept C:
Select all Boxes
Then click More Options
Here click System Restore and OK to "Are you sure" and the OK to Run.

As this runs it clears all but the most recent Restore Point but it does one other thing that can contain infested files and a huge amount of disk space.

It clears what is known as Shadow copies which are used by specialized back up programs.

This is if you have the Volume Shadow Copy running which is the default.
-------------------------------------------------------------------------------------

Every 2 weeks or so run mbam and sas until clean They take a while so leave scanning while you are sleeping working or watching TV. If not done under the gun they can be schedules not to interfere with computer time.

If they find something they can not clean then get back to us.

Additionally run CCleaner.

I have been using ThreatFire for more than a year, it just went from ver 3 to ver 4.

It was designed to co-exist with other Virus scanners.

Additionally it uses totally different process to protect. While conventional Virus scanners work from definitions ThreatFire works on recognizing Virus/Malware activity. It's like looking at it with 2 sets of eyes and from a different angle.

http://www.threatfire.com/Download/
-------------------------------------------------------------------------------------
Look at http://www.javacoolsoftware.com/spywareblaster.html

Run SpyBot ocassionally and use the Immunize function.
http://www.safer-networking.org/en/download/

Install Hostman and allow it to disable DNS Client and select all 4 Host files and the Update
Hostman http://www.abelhadigital.com/2008/07...-released.html

A Disk scan and Defrag are in order.

Mike
 
Mike,

All steps completed from you last post except for Hostman. Your link did not work.

What is your recommendation for an Antivirus program and Firewall? I was thinking of using Avira for AV and Zonealarm for firewall.

Thanks for all your help. After I get your thoughts on the above I'll create a complete backup and then follow your maintenance recommendations.

Gary
 
Hi Mike.....Removed ZoneAlarm and AVG, installed Comodo and Hostsman. I think I'm good. I want to thank you for sticking with me through all of this and I want to express my appreciation to all the tech experts that take their time to help lowly PC users like myself.

I guess we can close this thread now.

Bye.
 
Hi Gary

Yes I think we are clean of Malware. But for full performance an cleanliness you might want consider doing this post.

https://www.techspot.com/vb/post692855-17.html

Same but not as bad for AVG.

D/L and run AVG Cleanup tool http://www.avg.com/filedir/util/avg_arm_sup_____.dir/avgremover.exe

Next:
Start-Search-Files and Folders. In location set to search your Local Hard Drive (usually C:\ ) or All Local Drives.

Select Advanced Search Options and set to search subfolders and hidden files.

Now paste

Grisoft;avg7;avg8

into the search box and click Search Now. Delete all it finds! Empty Recycle bin.

Run AutoRuns click the Everything Tab look down the column Publisher for anything not Microsoft delete any line referencing Grisoft avg7 and avg8
----------------------------------------------------------------------------------------------------------------------------------
If you are paranoid do the following also.

D/L Regseeker http://www.hoverdesk.net/freeware.htm

Run it and select "Find in Registry" the following 1 at a time.
grisoft
avg7
avg8

Then in Regseeker select Clean Registry and do a general Reg clean before rebooting.

And finally you will be clean of AVG.

Mike
 
Well Mike.....I followed the procedure for cleaning Zonealarm, including the clean registry steps. Rebooted okay then decided.....why not use RegSeeker to clean Norton and Symatec because I thought SYMMSICleanup.reg was what crashed my system.

Guess what, just using ReSeeker to clean Norton and Symantec crashed my system again! So whatever registy keys I deleted for Norton and Symantec caused the train wreck originally and again last night.

No problem though, I had made a full backkup prior to cleaning zonealarm so restored the system and no damage done. I plan to clean zonealarm again and then move on to cleaning AVG unless you have some other thoughts.

I will await you reply first though.

Gary
 
You have a handle on this. You have the backups.

Clean the AVG and ZA.

Get a new image if you tackle the Norton/Symantec.

If you do any more then just remove norton.

I am almost 99% positive it is the Symantec that is doing it but you likely have enough of it gone to not cause a problem.

Good luck,

Need me,

I'll be here!

Mike
 
Understood. I'll proceed but I think I'll leave Norton alone for now. BTW, do you know Robert Smith? His father is the city attornery for Lexington. Robert is my son-in-law.

Thanks for all the help!

Gary
 
Status
Not open for further replies.
Back