Google searches redirecting to ad sites

Status
Not open for further replies.

Maia

Posts: 8   +0
Hi All -

Here is my situation - I have a server that was built for my home. It is running on Windows Server 2003 Enterprise Edition with SP2. Of course, I was only supposed to use this as a server for an application I was running on other computers in my home, but I was occasionally using it for Internet access. Lo and behold, I was on Facebook and caught one of their viruses. Now I am having the following problems:

1. Google searches are redirecting to ad sites. I have to copy and paste the URL to get anywhere now.
2. Ad boxes are popping up on occasion.

I don't have anti-virus software on this server - of course because I wasn't supposed to be using it :)

Any idea what to do now? I can't seem to find any anti-virus software for Windows Server 2003, and from what I have read on this site, it doesn't look like anti-virus software is going to kill this thing. Any insights would be appreciated and would save me a trip to the Geek Squad.
 
Log files for Google redirects

Here are my log files - thank you!
 

Attachments

  • SUPERAntiSpyware Scan Log - 06-19-2009 - 23-04-39.log
  • 2009 Jun 19 - 10_38_40 PM_953.log
  • 2009 Jun 19 - 10_39_20 PM_062.log
Touch wanted you to run the 8 Steps, so you need to get him a Malwarebytes log!

Mike

EDIT: Also he might like to know what those other logs are from!

As for virus protection on Win2k3, ThreatFire works well, and Comodo used to, but I think they changed it!
 
Logs from Malware

Hi Mike - those logs are from the Malware program. I could not get the program for free so I purchased it and then it ran three times and those are the three logs. Maybe the free logs have a different title?

Thanks,

Maia
 
Yep they are very different! Don't have even the name of MBAM and not a positive statement that it even cleaned anything! The freeware log is very clear on this.

Touch should check in soon!

For now run SAS again and confirm a clean log!

Then do this...

Download ComboFix

Get it here: https://www.techspot.com/downloads/5587-combofix.html
Or here: http://subs.geekstogo.com/ComboFix.exe

Double-click combofix.exe and follow the prompts.

Install Recovery Console if connected to the Internet!

When finished, it will open a log.
Attach the log and a new HJT log in your next reply.

Note: Do not click ComboFix's window while it's running. That may cause it to stall.

Mike

NOTE: I am only trying to keep the ball rolling till Touch returns!
 
Can't download

Hi there -

Some of these software downloads are not compatible with Windows Server 2003. I had to uninstall SOS because it was locking up my machine. I think the Malware software helped to fix this - but are there other logs I could provide at this point?

Thanks,
 
I don't know what you mean by SOS; perhaps SAS (SUPERAntiSpyware)?

But you have already posted a log from SAS? And I have a Server 2K3 and SAS runs just fine.

Now not many have Svr 2k3 so ComboFix does not run on 2k3!

If it is in fact SAS that locks up now, it is likely that it is the malware; there are some that can interfere with MBAM and SAS.

So delete ComboFix, redownload SAS, install and update it, and run SAS in Safe Mode! It had findings in its last run that we need to confirm are gone, or that it finds no more. Also, there are other tools in SAS besides just scanning that we may need to use!

Also, as I just started to help you to keep the ball rolling for Touch, I did look closely at your logs.

I see no sign of a virus scanner (likely how you got this way), and as most free ones don't run on Server, get and install ThreatFire now, as it runs on Server. http://majorgeeks.com/PC_Tools_ThreatFire_d5190.html

Install and scan, then go to Settings and max the Sensitivity level. Approve and remember the good programs like IE etc. and watch closely for a bad boy!

Since we can't run ComboFix, get DrWeb CureIt: http://majorgeeks.com/Dr.Web_CureIT_d4783.html But run it in Safe Mode.

Mike
 
I think it's fixed

I purchased the Malware and won't be using the computer for Internet access any longer! Thanks for all of your assistance. Appreciate it!
 