Google Redirect (Google webhp)

By medley
May 7, 2010
  1. I have just gone through the 8 steps listed in the other sticky topic. Just being re-directed to a weird/fake version of google that definitely needs fixing. Hoping you nice people can help me :D

    Here are my logs:

    Attached Files:

  2. Bobbye

    Bobbye Helper on the Fringe Posts: 16,334   +36

    Welcome to TechSpot, medley. I'll help with the malware.

    There's noit too much in these logs to be concerned about. I would like to direct your attention to HijackThis: it is not on our list of prelim programs and you actually tan it too soom. but you will need to delete this version- somehow you found a v2.0.0 (BETA) which is way out of date. so remove that and when it's time, I'll have you get the correct version.
    Please download ComboFix from Here and save to your Desktop.

    • [1]. Do NOT rename Combofix unless instructed.
      [2].Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.
      [3].Close any open browsers.
      [4]. Double click combofix.exe & follow the prompts to run.
    • NOTE: Combofix will disconnect your machine from the Internet as soon as it starts. The connection is automatically restored before CF completes its run. If it does not, restart your computer to restore your connection.
      [5]. If Combofix asks you to install Recovery Console, please allow it.
      [6]. If Combofix asks you to update the program, always allow.
    • Please do not attempt to re-connect your machine back to the Internet until Combofix has completely finished.
      [7]. A report will be generated after the scan. Please post the C:\ComboFix.txt in next reply.
    Note: Do not mouseclick combofix's window while it's running. That may cause it to stall.
    Note: Make sure you re-enable your security programs, when you're done with Combofix..
    Then Run Eset NOD32 Online AntiVirus Scanner HERE
    • Tick the box next to YES, I accept the Terms of Use.
    • Click Start
    • When asked, allow the Active X control to install
    • Disable your current Antivirus software. You can usually do this with its Notification Tray icon near the clock.
    • Click Start
    • Make sure that the option "Remove found threats" is Unchecked, and the option "Scan unwanted applications" is checked
    • Click Scan
    • Wait for the scan to finish
    • Re-enable your Antivirus software.
    • A logfile is created and located at C:\Program Files\EsetOnlineScanner\log.txt. Please include this on your post.

    Please leave both of those logs in the next reply,
  3. medley

    medley TS Rookie Topic Starter

    Here is the combofix.

    I will edit my post when the scanner is complete

    Attached Files:

    • log.txt
      File size:
      18.9 KB
    • eset.txt
      File size:
      305 bytes
  4. Bobbye

    Bobbye Helper on the Fringe Posts: 16,334   +36

    Please repeat the Eset scan. When you are finished, leave the entire log, not just the lower part. there is a part of a Trojan showing but what's it's in is missing.

    There are 3 file sharing programs installed on your system:
    You are currently using 3 files sharing programs:

    P2P or 'file sharing Warning:
    Even if you are using a "safe" P2P program, it is only the program that is safe. I suggest that you uninstall all of them for the following reasons:
    • As long as you are using file sharing networks and programs which are from sources that are not documented, you cannot verity that a download is legitimate.
    • Malware writers use these program to include malicious content.
    • Fie sharing is usually unmonitored and there is a danger that your private files might be accessed.
    • The 'sharing' also includes malware that the shared system has on it.
    • Files that are illegal can be spread through file sharing.

    Please read the information on P2P Warning to help you better understand these dangers.

    If you choose not to uninstall them, please do not use them while I am cleaning the system
    Custom CFScript

    • [1]. Close any open browsers.
      [2]. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.
      [3]. Open notepad and copy/paste the text in the code below into it:
    C:\Documents and Settings\day\Local Settings\temp\NOD1F07.tmp
    c:\documents and settings\day\Local Settings\Application Data\tuxbjwkmq
    c:\documents and settings\All Users\Application Data\TEMP
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
    Save this as CFScript.txt, in the same location as ComboFix.exe

    Referring to the picture above, drag CFScript into ComboFix.exe

    When finished, it will produce a log for you at C:\ComboFix.txt . Please attach to your next reply.
Topic Status:
Not open for further replies.

Similar Topics

Add your comment to this article

You need to be a member to leave a comment. Join thousands of tech enthusiasts and participate.
TechSpot Account You may also...