google redirects

Ok, start by uninstalling these programs. A lot of free programs have malware bundled with them.

Free Internet Eraser
Free PDF Converter
Free Video Converter V 1.0
Eusing Free Registry Cleaner
AML Free Disk Defrag 1.1
TweakNow RegCleaner

Now go into your Firefox extensions and disable/uninstall:

Dealio
Search Settings

Close out your browser and then try searching again and see if you still get redirected.
 
google redirects cont

I uninstalled those apps and went to add-ons and ext and cannot find anything that is listed as Dealio.
 
Are you using IE or Firefox to visit this forum? If IE, click on Tools, Manage Add-ons. Click on Search Providers. What is listed there?
 
google redirects cont

This is what is listed for IE:
Name Shockwave Flash Object
Publisher Adobe Systems Incorporated
Status Enabled
File date Wednesday, December 01, 2010, 9:07 AM
Version 10.1.102.64

Name Research
Publisher Microsoft Corporation
Status Enabled
File date Monday, July 14, 2003, 10:57 PM
Version 11.0.5510.0

Name Discuss
Publisher Not Available
Status Enabled
Version 6.0.2900.5951

Name Java(tm) Plug-In 2 SSV Helper
Publisher Sun Microsystems, Inc.
Status Disabled
File date Sunday, April 25, 2010, 10:55 AM
Version 6.0.200.2
Load time (0.31 s)
 

That is not the search providers box, that's the toolbars and extensions box.
 
google redirects cont

Sorry. I looked and only Bing is listed. I have recently tried using that instead of Google to see if it works better for a search engine.
 
google redirects cont

Yes. I'm connected through a Comcast cable box but connected direct. The small netbook I have is connected through a wireless router with a secure connection.
 
Are you having any redirect issues with the netbook? The reason I'm asking is that I've been researching this and it seems you could have a DNS issue on your router causing them. Can you go into your router's settings and tell me what your DNS addresses are? Do you have the router set to obtain the address automatically or do you have it set manually? This seems to be the case with this certain redirect.
 
google redirects cont

It's now made its way back to Firefox but not as bad. The wireless settings are:
Security WEP. Key1=5162B03586. Internet IP Address=Get Dynamically From ISP. Router MAC Address=Use Computer MAC Address. This is a Netgear Smartwizard. Provided by my carrier.
 
Well, something is amiss in your router settings. Your IP address belongs to Comcast in Oregon, USA, but your DNS servers are coming from India. Please call your internet provider to check your DNS servers. You might have to do a hard reset on your router.
 
google redirects cont

Hello John. It looks like that was the final thing wrong. I had my carrier reset the router, then I went through their sequence to reset at my end. No redirects now when I log on to this site. I'm not sure how this happened and now I'm not sure how to prevent this. Now I must start on the netbook. It still has redirects. Thanks so very much for your help. Rick
 
google redirects cont

It looks like I spoke too soon. Redirects are back on both browsers. I'm tempted to just wipe & clean. It's so much work reconstructing everything. Darn it, I wish there were another way?? I decided to dump IE. I emptied all info and made Firefox my default.
 
First off, make sure your DNS servers haven't changed again. It's also possible you got infected before the DNS servers got fixed. Run Malwarebytes again after updating it and post new logs of mwb and HijackThis.
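One way to run the DNS check described above on the PC side, as an added example that is not part of the original thread: it parses `ipconfig /all` text and flags any DNS server outside the ranges you expect. The sample output, all addresses (documentation ranges) and the `EXPECTED` list are constructed placeholders; substitute the resolvers your ISP confirms.

```python
import ipaddress
import re

# Constructed, abridged `ipconfig /all` output; every address is a placeholder.
SAMPLE = """\
Ethernet adapter Local Area Connection:
        Default Gateway . . . . . . . . . : 192.168.1.1
        DNS Servers . . . . . . . . . . . : 203.0.113.66
                                            198.51.100.10
        Lease Obtained. . . . . . . . . . : Monday, January 03, 2011 8:00:00 AM

Ethernet adapter Wireless Network Connection:
        DNS Servers . . . . . . . . . . . : 192.168.1.1
"""

# Assumption: the router's LAN address plus the resolver range the ISP confirmed.
EXPECTED = [ipaddress.ip_network(n) for n in ("192.168.1.1/32", "198.51.100.0/24")]

ADAPTER = re.compile(r"^(\S.*adapter .+):\s*$")           # unindented section header
FIELD = re.compile(r"^\s+([^.:]+?)[ .]*:\s*(.*)$")        # "Name . . . : value"
BARE_IP = re.compile(r"^\s+(\d{1,3}(?:\.\d{1,3}){3})\s*$")  # continuation line (IPv4)

def dns_servers(text):
    """Return {adapter name: [DNS server, ...]} from ipconfig /all text."""
    result, adapter, in_dns = {}, None, False
    for line in text.splitlines():
        m = ADAPTER.match(line)
        if m:
            adapter, in_dns = m.group(1), False
            result[adapter] = []
            continue
        m = FIELD.match(line)
        if m:
            # Any new field ends the DNS list unless it is the DNS field itself.
            in_dns = m.group(1).strip() == "DNS Servers"
            if in_dns and adapter and m.group(2).strip():
                result[adapter].append(m.group(2).strip())
            continue
        m = BARE_IP.match(line)
        if m and in_dns and adapter:
            # Second and later servers appear alone on indented lines.
            result[adapter].append(m.group(1))
    return result

def unexpected(text, expected=EXPECTED):
    """Return (adapter, server) pairs whose server is outside every expected network."""
    return [(a, s) for a, servers in dns_servers(text).items() for s in servers
            if not any(ipaddress.ip_address(s) in net for net in expected)]

if __name__ == "__main__":
    print(unexpected(SAMPLE))
```

If the PC lists only the router's own address as its DNS server, this check passes even when the router has been given rogue upstream resolvers, so the router's DNS settings still have to be read from its admin page.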
 
google redirects cont

I scanned everything last night with no internet connection. I contacted my provider again and looked at my system and all is ok. I have shut down the wireless for now until I have found a way to configure it correctly. I am now on ethernet connection only. I checked that and it's on automatic settings, so no DNS manually. I'm going to use the system for a day or so to see if anything comes back through the ethernet connection. If ok then I will proceed to the wireless. Thanks again......

Rick
 
Hello
@nashr1928
If you allow me, I will try to help you.

Please, follow the instructions:
http://www.bleepingcomputer.com/tutorials/tutorial62.html

Upload the files for analysis (reanalysis):

c:\windows\system32\drivers\eufs.sy
c:\windows\system32\drivers\oreans32.sys

Report here the URL in the address bar of the VT results page.

........................

Open notepad and copy/paste the text in the quotebox below into it:

Code:
RegLock::
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10l_ActiveX.exe"
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"


Save this as CFScript

[Image: 2a5lkpz.gif]



Close all browser windows and, referring to the picture above, drag CFScript into Combofix.exe. ComboFix will try to download a new version of the program; click the Yes button.
Then post the resultant log (C:\Combofix.txt )
 
google redirects cont

I have continued scanning with the tools you have suggested. I had my provider reset the wireless router and selected DNS automatically and have no more redirects. Thanks so much for your very valuable assistance. Thanks again.......... Rick
 