Google search results redirecting to wrong page

Discussion in 'Malware Help (A Specialist Will Reply)' started by Perception2010, Feb 4, 2010.

  1. Perception2010

    Perception2010 Private E-2

    Greetings!

    I only just came across this forum today after looking for solutions to my problem! I have tried scans and what not, but to no avail, so thought i would take my problem to a forum where an expert can assist me!

    When i type something into the google search engine the results appear as normal, but when i click on some of the results it redirects to the wrong page but with same/similar subject as the search.

    While the page is redirecting, the words fresh-weather.com and other ad type names sometimes show up. It's as if the redirect is going via these sites.

    Now i believe the problem is the result of me trying to run a game which i had downloaded from a dodgy site. It was an exe.file. I can give the website and link details if need be.

    I have carried out the READ & RUN ME FIRST instructions but no luck.

    I was unable to run the RootRepeal program successfully (i disabled all appropriate programs) as it starts up and gets stuck displaying the message 'Initializing please wait'.

    The rest of the logs are attached.

    I am running windows xp home edition. I hope one of you tech savvy people out there can come to my rescue because this problem has been driving me nuts!!!

    Thanks for reading and looking forward to your feedback :)
     

    Attached Files:

    Perception2010, Feb 4, 2010
    #1
  2. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    Welcome to Major Geeks!


    Go to TDSSKiller and Download TDSSKiller.zip to your Desktop
    • Extract its contents to your Desktop so that you have TDSSKiller.exe directly on your Desktop and not in any subfolder of the Desktop.
    • Click Start > Run and copy/paste the following bold command into Run box and hit Enter.
    "%userprofile%\Desktop\TDSSKiller.exe" -v
    • Follow the instructions to type in "delete" when it asks you what to do when if finds something.
    • When done, a log file should be created on your C: drive named something like TDSSKiller.2.1.1_27.12.2009_14.17.04_log.txt which is based on the program version # and date and time run. Please attach this log to your next reply. (See: HOW TO: Attach Items To Your Post )
    Are you still having problems?
     
    chaslang, Feb 6, 2010
    #2
  3. Perception2010

    Perception2010 Private E-2

    Hi, first of all thanks for taking the time out to help!

    I done the TDSSKiller thing and still having the same problem. I have attached the log.

    Just some more info (just in case it helps i dunno!). The redirect problem happens with both firefox and IE.

    The exe. file (which appears to have caused this as described in my initial post), was downloaded to my desktop. After running the file, it was no longer on my desktop and both my anti-virus and ad-aware programs straight away alerted me of some dodgy content being found. I carried out anti-virus and spyware scans which detected some nasty stuff. Then scans are showing up clean now.

    Awaiting step 2!
     

    Attached Files:

    Perception2010, Feb 7, 2010
    #3
  4. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    Okay, looking back at your Malwarebytes log shows you had a DNS Changer infection. These DNS hijackers can sometimes cause router hardware settings to get corrupted (i.e., infected)

    If you have a router hooked up then you need to follow the instructions for your hardware and reset it to factory default settings. Normally there is a recessed push button type switch that needs to be held down for some number of seconds to do this. After resetting to factory defaults on your router, you will need to reconfigure the router for your network if you have made any changes to the default network setup.

    Also do the following.

    Click Start > Run and type in cmd
    • Click OK.
    • This will open a command prompt.
    • Type or copy and paste the following line in the command window:
      ipconfig /flushdns
    • Hit Enter
    • Exit the command window

    Did either of the above instructions help?
     
    chaslang, Feb 8, 2010
    #4
  5. Perception2010

    Perception2010 Private E-2

    Hi,

    I am not using a router so the first option doesn't apply to me!

    I tried the 2nd instruction of typing CMD into start, run etc. but no luck.

    Now i didn't use the computer for 3 days after the last instruction, and today, after turning the pc on, windows will not boot up. I get the message:

    "We apologize for the inconvenience, but Windows did not start successfully. A recent hardware or software change might have caused this".

    I cannot boot in any of the options available. If i choose to boot in any of the 3 safe mode options offered, a list of files appear on the screen containing the path windows/system32/drivers etc and then it just freezes on that page; i have no option but to use the power switch to turn the computer off.

    I do not have the windows xp cd as my pc came with xp pre-installed. I have a recovery disc which i created...don't know if that would be of any help?

    Thanks
     
    Perception2010, Feb 13, 2010
    #5
  6. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    I'm sorry but this is a new problem that has nothing to do with flushing your DNS cache. Flushing the DNS cache only clears some network information related to the Domain Name Server (DNS) . If your PC cannot boot now, it is due to something else. Possibly some other software that was installed or even an automatic update to some program.....even Windows.

    First physically unplug the power to your PC and also unplug the network cable for an hour or so. Then plug them back in and see if you can bootup. If not, then the below would be you next choice.


    Another possible solution may be to use the Recovery Console that you installed while working thru the process of running ComboFix. Booting to the Recovery Console will allow you to try and run the below process to restore a previous registry hive which may fix any registry corruption that could be preventing your PC from booting.


    Work thru this: http://support.microsoft.com/default.aspx?scid=kb;en-us;307545&sd=tech

    Yes it may be somewhat complex/tedious based on your PC skills but it could be the only solution it your PC still does not boot.
     
    chaslang, Feb 13, 2010
    #6

MajorGeeks.Com Menu

Downloads All In One Tweaks \ Android \ Anti-Malware \ Anti-Virus \ Appearance \ Backup \ Browsers \ CD\DVD\Blu-Ray \ Covert Ops \ Drive Utilities \ Drivers \ Graphics \ Internet Tools \ Multimedia \ Networking \ Office Tools \ PC Games \ System Tools \ Mac/Apple/Ipad Downloads

Other News: Top Downloads \ News (Tech) \ Off Base (Other Websites News) \ Way Off Base (Offbeat Stories and Pics)

Social: Facebook \ YouTube \ Twitter \ Tumblr \ Pintrest \ RSS Feeds