Redirecting with message "Oops! The page you are looking for may be temporarily"

Discussion in 'Malware Help (A Specialist Will Reply)' started by amitgbhatia, Jan 27, 2008.

  1. amitgbhatia

    amitgbhatia Private E-2

    Hello,
    I am getting a very specific redirect only on two links that I click. These are official links and hence can only be accessed if I have my VPN connection on. Both these links are in my favorites (problem occurs even if they are pasted on the browser).
    The two links are:
    http://prodniku01.arrow.com/niku/app (IP: 212.68.205.86)
    http://workspace.arrow.com/sites/gm/default.aspx (IP: 212.68.205.66)

    1> When VPN is OFF
    Internet Explorer:
    Link 1: No Redirect ( page could not be found)
    Link 2: redirects to http://212.68.205.66/process?key=0019ca019e1f46bcf22f0c73f117494e1cc
    Mozilla Firefox:
    Link 1: No Redirect ( page could not be found)
    Link 2: redirecting to: http://212.68.205.67/process?key=001cf3f591902a97c59a3d8519347d2dd27


    2> When VPN is connected
    Internet Explorer:
    Link 1: Does not connect
    Link 2: http://212.68.205.66/process?key=0019ca019e1f46bcf22f0c73f117494e1cc and further redirects to the ad website
    Mozilla Firefox:
    Link 1: Connects correctly
    Link 2: Connects correctly

    I have taken all recommended steps to remove all malware. Followed your instructions. I am attaching the MGlogs file for your reference. Please help.
    Amit
     


  2. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    Welcome to Major Geeks!

    You need to attach the other logs from ComboFix and AVG Antispyware that were requested. However I would note up front that this does not sound like malware. Sounds more like a caching issue, a DNS issue, or a possible router issue (power cycle and also look for a firmware update).

    After you attach the other two logs we may know more but right now I'm not seeing any malware issues. I do have a few things for you to do but they are not going to solve your problem.

    First do you recognize the below URL and IP addresses:
    Why did someone use the folder name C:\SYSROOT instead of C:\Windows? Not that it is a problem but it is a great way to run into some kind of compatibility issue sooner or later.

    Do you recognize the below files?
    Code:
    "C:\Documents and Settings\amitgautam_bhatia\Templates\AlcorDemo\"
    alcrmef.sys   Mar  6 2007       17824  "alcrmef.sys"
    smartap.exe   Mar  6 2007      802816  "smartap.exe"

    Run this Disable/Remove Windows Messenger to remove Windows Messenger. Do not confuse Windows Messenger with MSN Messenger because they are not the same. Windows Messenger is a frequent cause of popups.

    Uninstall the below old versions of software:
    J2SE Runtime Environment 5.0 Update 10
    J2SE Runtime Environment 5.0 Update 13
    Java 2 Runtime Environment, SE v1.4.2_01
    Viewpoint Media Player <-- should have been uninstalled in step 0 of the READ ME

    Make sure you reboot after uninstalling the above!

    After reboot, now install the current version of Sun Java from: Sun Java Runtime Environment


    Run C:\MGtools\analyse.exe by double clicking on it. This is really HijackThis (select Do a system scan only) and select the following lines but DO NOT CLICK FIX until you exit all browser sessions including the one you are reading in right now:

    R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
    O4 - HKLM\..\Run: [RealTray] C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
    O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
    O16 - DPF: {9b935470-ad4a-11d5-b63e-00c04faedb18} (Oracle JInitiator 1.1.8.16) -

    After clicking Fix, exit HJT.

    I now suggest you click Start, Run, and enter ipconfig /flushall and click OK.

    I don't expect the above to have any effect but the flushall could.
     
  3. amitgbhatia

    amitgbhatia Private E-2

    Hello Chaslang,
    Thank you very much for your detailed reply. I will try to answer each of your questions to the best of my ability:

    I recognize the domain ad.infoys.com (official domain).
    I do not recognize the IP addresses by looking at them.
    I do not recognize the two files: alcrmef.sys, smartap.exe

    I have disabled and removed Windows Messenger. Windows Messenger is my official mode of communication and hence I may need to reinstall it.
    I have uninstalled:
    J2SE Runtime Environment 5.0 Update 10
    J2SE Runtime Environment 5.0 Update 13
    Java 2 Runtime Environment, SE v1.4.2_01
    Viewpoint Media Player

    I have also installed the latest version of Java from your link.

    I have run analyse.exe and fixed the links that you had mentioned there. I also did ipconfig /flushall.

    I ran the AVG software but it did not generate any report and hence I could not provide the same (I am more than 30 days old on AVG).

    The ComboFix log is attached.
    Thanks again for all your help and looking forward to your reply as I am still facing the problem.
    Amit
     

    Attached Files: log.txt (9.2 KB)
  4. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    Then what about the folder name they are in: AlcorDemo? Does that sound familiar?

    Are you sure about this? No one uses Windows Messenger. It is an old outdated instant messenger that Microsoft even removed from Windows XP SP2. It was prone to popups and other issues. Don't confuse it with MSN Messenger and Windows Live Messenger which are the current actual supported Microsoft versions of instant messenger tools.


    That does not matter. After the 30 days it just does not provide any protection. It is still useful as a scanner/removal tool. It should be able to generate a log, but sometimes a reboot is required after installing.


    I'm still not seeing any issues in your logs. Are you still having problems? If so, run the below.



    Download HostsXpert and then follow the below steps.
    • Unzip HostsXpert.zip
    • It will create a folder named HostsXpert in whatever folder you extract it to.
    • Run HostsXpert.exe by double clicking on it.
    • Click the Make Writeable? button.
    • Click Restore Microsoft's Hosts File and then click OK.
    • Click the X to exit the program.
    Now are you still having problems?
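
The hosts-file check behind this step, as an added example that is not part of the original post: a small Python parser that lists non-default mappings, so any override for the two affected hostnames can be seen before the file is reset. The function names and the sample file contents are constructed for illustration.

```python
import ipaddress

# Loopback mappings a default hosts file may carry; anything else is an override.
DEFAULT_ENTRIES = {("127.0.0.1", "localhost"), ("::1", "localhost")}

def parse_hosts(text):
    """Yield (line_no, ip, hostname) for every mapping in hosts-file text."""
    for line_no, raw in enumerate(text.splitlines(), start=1):
        line = raw.split("#", 1)[0].strip()    # drop full-line and trailing comments
        if not line:
            continue
        fields = line.split()
        try:
            ip = str(ipaddress.ip_address(fields[0]))
        except ValueError:
            continue                            # skip lines that do not start with an IP
        for name in fields[1:]:                 # one line may carry several aliases
            yield line_no, ip, name.lower().rstrip(".")

def find_overrides(text, watched=()):
    """Return non-default mappings; if `watched` is given, only those hostnames."""
    watched = {w.lower() for w in watched}
    hits = []
    for line_no, ip, name in parse_hosts(text):
        if (ip, name) in DEFAULT_ENTRIES:
            continue
        if watched and name not in watched:
            continue
        hits.append((line_no, ip, name))
    return hits

# Constructed sample, not taken from the poster's logs; 192.0.2.x is a documentation range.
SAMPLE_HOSTS = """\
# sample hosts file (constructed)
127.0.0.1       localhost
192.0.2.10      Workspace.Arrow.com   # constructed override
192.0.2.11      updates.example.test intranet.example.test
"""

if __name__ == "__main__":
    sites = ["workspace.arrow.com", "prodniku01.arrow.com"]
    for line_no, ip, name in find_overrides(SAMPLE_HOSTS, watched=sites):
        print(f"line {line_no}: {name} -> {ip}")
```

On Windows the file to read is `%SystemRoot%\System32\drivers\etc\hosts`; an empty result for the watched names points away from the hosts file and toward DNS, caching or the router.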
     
  5. amitgbhatia

    amitgbhatia Private E-2

    Hello chaslang,
    I am extremely sorry for the delayed response. I was out of town for a couple of days but I am back now.

     
  6. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    You're welcome.

    If you are not having any other malware problems, it is time to do our final steps:
    1. If we used ComboFix then UNINSTALL COMBOFIX (This uninstall will only work as written if you installed ComboFix on your Desktop like we requested.)
      • Click START then RUN
      • Now type combofix /u in the runbox and click OK.
      • Note the space between the X and the /U; it must be there.
    2. If running Vista, it is time to make sure you have reenabled UAC by double clicking on the C:\MGtools\enableUAC.reg file and allowing it to be added to the registry.
    3. You can delete the C:\MGtools folder and the C:\MGtools.exe file. You can also delete the C:\MGlogs.zip
    4. After doing the above, you should work thru the below link:
     
  7. amitgbhatia

    amitgbhatia Private E-2

    Hello Chaslang,
    Thank you again for your help. I have uninstalled Combofix and removed MGtools as per your instructions.
    I have also gone through the link that you mentioned and it is indeed very informative.
    Thank you for all your support and patience
    Amit
     
  8. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    You're welcome. Surf safely!
     
