Google redirect problem

By qauser001 ยท 7 replies
Mar 6, 2009
  1. Hi:

    I read so may forums to solve this problem and am submitting the logs on the 8 steps, i hope i have them covered.

    Please review and let me know if it can be fixed.

    I do not have logs for SAS.

    Appreciate youe help.


    Did anyone get a chance to look at the log files i pasted? Thanks
  2. Taff

    Taff TS Rookie Posts: 38


    I would run mbam again, update it first.
    "Files Infected:
    C:\WINDOWS\system32\winlm77.dll (Trojan.Agent) -> No action taken.
    C:\WINDOWS\ld01.exe (Backdoor.Bot) -> No action taken."

    Good luck,

  3. rev_olie

    rev_olie TS Guru Posts: 560

    After you have done as Taff suggested you need to go back and reinstall Hijackthis.

    You currently have it installed in the wrong location. All good renaming the file but it needs to stay in the correct place.

    Re load to the Program as stated from the instructions above and post a new log.
  4. qauser001

    qauser001 TS Rookie Topic Starter

    Here are updated logs. MBAM did fine 4 more infections. both MBAM and Hijack logs are attached.

    I noticed after reboot that IE will not open my home page, firefox told me it was looking for some proxy so i removed the proxy settings and now it seems the searh links are working, but i have to reboot again to see if the proxy is reset.

    I will quote again if that happens.

    truly appreciate your help on this.

    Thank you.

    Attached Files:

  5. rev_olie

    rev_olie TS Guru Posts: 560

    Right Ive had a look at your malwarebytes logs and you didn't do anything!.

    There is not action taken on all of the items.
    Re run malwarebytes and when the entries come up make sure you tick in the box next to the item to remove it.
    Take a look here for more info

    I cant take a look at your HJT log now as i'm going to college so haven't got time but i will do later.
  6. qauser001

    qauser001 TS Rookie Topic Starter

    Actually when i ran MBAM, it did find 4 infections and i removed them. I ran it again after update and it did not find anything.

    So MBAM did its job i think. Now the redirect problem seem to have gone, i tried it several times.

    Please let me know your observations on the hijack log when you get a chance.

    Thanks again.
  7. rev_olie

    rev_olie TS Guru Posts: 560

    Right overall your HJT log looks fine. Nothing there to suggest anything bad.

    However as my opinion and that of many others on this and other forums you should remove Norton/Symantec Anti Virus products.
    They use high volumes of RAM processing speed etc and as you can see doesn't offer you the best protection.
    Go with EITHER Avira or NOD32. These offer better protection and Aivra is free (if you don't mind the pop up upon update)
    Run this Norton Removal Tool if you want to rid your self of it

    However if you feel you like what you have then stick with it (and well see you next time you get infected ;) )
  8. qauser001

    qauser001 TS Rookie Topic Starter

    You guys are awesome!!!

    Many thanks for the help.:grinthumb
Topic Status:
Not open for further replies.

Similar Topics

Add your comment to this article

You need to be a member to leave a comment. Join thousands of tech enthusiasts and participate.
TechSpot Account You may also...