Another Google redirect problem

Discussion in 'Malware Help (A Specialist Will Reply)' started by yeziam, Oct 24, 2009.

  1. yeziam

    yeziam Private E-2

    I had a problem with a persistent Google redirect that I was unable to resolve on my own. I have looked at some of the other threads but still no solution. This problem has been going on for about three to four days and Avira did not alert me to any issues. I've now switched to Avast.

    Anyhow, I followed every step outlined in the Malware Removal Guide sticky thread prior to this posting, yet the problem persists.

    Thanks in advance for all your help and guidance.
     


  2. yeziam

    yeziam Private E-2

    MGtools Log
     


  3. TimW

    TimW MajorGeeks Administrator - Jedi Malware Expert Staff Member

    Let's start with this:
    Please Disable Spybot's TeaTimer

    * Run Spybot and click Mode
    * Select Advanced Mode.
    * Then click Tools and select Resident.
    * Now in the right window pane, uncheck TeaTimer.
    * Also while this is open, in the left column now select IE Tweaks
    * and then in the right pane make sure all the Miscellaneous locks are unchecked.
    * Now quit Spybot!

    Now use Windows Explorer to find and delete:
    c:\windows\rundll22.exe
    C:\Documents and Settings\Coley\Local Settings\temp\2mBka+cd.zip.part
    C:\Documents and Settings\Coley\Local Settings\temp\ZGTemp
    C:\Documents and Settings\Coley\Local Settings\temp\zT5jtWb_.exe.part

    Now run the C:\MGtools\GetLogs.bat file by double clicking on it (Note: if using Vista, don't double click, use right click and select Run As Administrator).

    Then attach the below logs:
    * C:\MGlogs.zip

    Make sure you tell me how things are working now!
     
  4. yeziam

    yeziam Private E-2

    Thanks for your response.

    I still have the redirect after completing the steps outlined above. Attached is the new log you requested.
     


  5. yeziam

    yeziam Private E-2

    Also, when seeing if the redirect still existed, Avast gave me a warning of a "Trojan.FakeAV.CA", for which I selected the "abort connection" button.
     
  6. TimW

    TimW MajorGeeks Administrator - Jedi Malware Expert Staff Member

    You need to tell me exactly what Avast was reporting. I suspect there is something in your temp internet files. Have you cleaned them out completely?

    You can try doing this:

    http://www.superantispyware.com/onlinescan.html

    Reboot immediately after scanning if it finds and removes anything. Let me know if anything was found. It does not save a log.
     
