Websites in Chrome redirecting

Discussion in 'Malware Help (A Specialist Will Reply)' started by shingdao, Sep 2, 2012.

  1. shingdao

    shingdao Private E-2

    Hello - I have recently started having at least a couple of web pages redirect to spam/ad sites in Google Chrome. It doesn't matter if I type the address directly into Chrome's address bar or use Google search and go to the link from there. Not all sites are redirected, and I note this does not yet appear to be an issue in FF or IE. Before visiting this forum, I installed and ran Kaspersky TDSSKiller, which found Rootkit.Boot.Wistler.a. I ran the cure and rebooted, but at least one web page continues to redirect (e.g. if I type Justintv into Chrome's address bar I get redirected to surveyrewardz.org). I then ran MBR.exe per instructions and have attached the logs for both.

    Also, as a secondary and perhaps related issue, I can no longer use a flash drive on this machine. When plugged in, they show in Device Manager but do not auto start, and when I try to open them, Windows prompts to format the drive. The drives function normally in other machines. When I do run format, it says the drive cannot be formatted.

    I have attached the TDSSKiller and the MBR.exe logs.

    Thank you in advance for your assistance.
     
  2. Kestrel13!

    Kestrel13! Super Malware Fighter - Major Dilemma Staff Member

  3. shingdao

    shingdao Private E-2

    OK, I have read and followed all procedures (except for MGTools) in the READ & RUN ME FIRST guide and also followed all the steps for fixing Google redirecting/hijacking problems, BUT I am still having some problems with at least one website redirecting. FYI - I could not access the MGTools download link anywhere on majorgeeks.com, as all the links directed me to the following message: "You don't have permission to access /chaslang/files/MGtools.exe on this server". I tried googling it in order to download directly but could not find a reputable site for download and so didn't want to chance it... I note that some sites suggested that MGTools itself was malware, but I'm sure you're aware of this already. I have attached all the relevant and requested logs (save for MGlogs.zip, as noted above) per Step 3 in the READ & RUN ME FIRST procedures. Thanks again for your assistance.
     
  4. Kestrel13!

    Kestrel13! Super Malware Fighter - Major Dilemma Staff Member

    Use safe mode with networking to download MGTools.exe and see if that gets around the problem.
     
  5. shingdao

    shingdao Private E-2

    I could not access the internet via safe mode with networking. I suspect that because Windows is not managing my connection, that may have something to do with it. I am using Intel PROSet wireless, so perhaps that program is not running in safe mode.

    BTW, since my last post, after running all the scans attached, I rebooted my computer and it took 10 min to boot up the first time and was running extremely slow. I restarted and the same thing occurred... 10 min boot time and running at a snail's pace. Can't say with 100% certainty that the programs that were executed as part of the malware scanning had anything to do with it, but I did a system restore and things are back to where they were with boot time and system performance.
     
  6. Kestrel13!

    Kestrel13! Super Malware Fighter - Major Dilemma Staff Member

    See if you can do this then:

    Download OTL to your desktop.

    • Double click on the icon to run it. Make sure all other windows are closed and let it run uninterrupted.
    • (Vista and Windows 7 users: right-click OTL and choose Run as Administrator.)
    • When the window appears, underneath Output at the top, change it to Minimal Output.
    • Check the boxes beside LOP Check and Purity Check.
    • Click the Run Scan button. Do not change any settings unless otherwise told to do so. The scan won't take long.

    When the scan completes, it will open two Notepad windows: OTL.Txt and Extras.Txt. These are saved in the same location as OTL.

    Attach both of these logs into your next reply.
     
  7. shingdao

    shingdao Private E-2

    Hello - please see requested logs of OTL scan attached.
     
  8. Kestrel13!

    Kestrel13! Super Malware Fighter - Major Dilemma Staff Member

    Can you uninstall Chrome using Revo Uninstaller and then reinstall? Let me know if it is OK now.

    Try Revo Uninstaller.
    Choose the option on the bottom of the list (#4). Be very careful: delete the bolded registry items ONLY!! This software will also create a system restore point for you prior to uninstalling a software program.
     
  9. shingdao

    shingdao Private E-2

    OK, I uninstalled Chrome with Revo and the problem still persists :( ...although the website I try to go to is now being redirected to a different survey site. Again, so far as I can tell, the redirect only applies to one particular web address. I note that Revo did not prompt me to delete any registry keys after uninstall, as is usually the case.
     
  10. Kestrel13!

    Kestrel13! Super Malware Fighter - Major Dilemma Staff Member

    So it is ONLY when you try to access one particular website that this happens? No strange behaviour otherwise? Let me have the website address.
     
  11. shingdao

    shingdao Private E-2

    Yes, to date only one website that I am aware of redirects: Justintv.com. If I type it directly into Chrome's address bar it will redirect to surveyrewardz.org, but if I search via Google and hit the link, Chrome gives me a warning that says you are trying to access a website called a248.e.akamai.net. After flushing my DNS and rebooting my router, I did actually ignore the warning and went to the site, and then justin.tv opens OK, although with a red line crossing out the https and a red x through the padlock. I am using the HTTPS Everywhere extension in Chrome, and it states that there is only partial encryption for JustinTV, which likely explains the red x and markings over https. I'd be curious to know if any of the scans sent showed any obvious signs of malware?
     
  12. Kestrel13!

    Kestrel13! Super Malware Fighter - Major Dilemma Staff Member

    No, they don't. Hmm, I want to know whether this happens with other browsers or not.
     
  13. shingdao

    shingdao Private E-2

    Well, I tried both FF and IE and no issues with either one.
     
  14. Kestrel13!

    Kestrel13! Super Malware Fighter - Major Dilemma Staff Member

    Hmm, this is a strange one.

    Well, I just tried to go there and the site does not exist. Does it actually take you to this website, or what? If so, screenshot it for me.
     
  15. shingdao

    shingdao Private E-2

    CORRECTION... I just tried typing justintv.com in both FF's and IE's address bars and they BOTH redirected me to the same site! surveyrewardzcentral.org. However, when I google the sites and jump to the URL, unlike in Chrome, they both open fine in FF and IE with no security or certificate warnings.
     
  16. shingdao

    shingdao Private E-2

    I've attached a screenshot of what comes up when I type justintv.com into Chrome's address bar. If you hit the survey start button, it prompts you through a series of survey questions and then ends with a selection of prizes to choose from that you could win. I didn't go this far into the survey.
     
  17. shingdao

    shingdao Private E-2

    BTW: Not sure if you got my corrected update on the issue happening in other browsers. I had originally posted that FF and IE were not having this problem; however, a subsequent check confirms that both are now redirecting to surveyrewardz.org when typing justintv.com directly into the address bar. However, when using Google search and jumping to the URL, the site opens without incident or warning on both FF and IE.
     
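    The two posts above narrow the question to "is the name being rewritten on this machine, or does the site itself send visitors elsewhere?" A responder's first local check for the former is the resolver's static override file. The following Python script is an added example, not something posted in this thread or part of any MajorGeeks tool: it parses a hosts file and flags every entry that maps a public hostname to a routable address (loopback and 0.0.0.0 targets are the harmless blocking idiom). The sample hosts content is constructed, and 198.51.100.7 is a documentation-range placeholder, not an indicator from the thread.

```python
import ipaddress
import os
import sys
# Constructed sample of a Windows hosts file (not taken from the thread); the
# 198.51.100.7 target is a documentation-range placeholder, not a real indicator.
SAMPLE_HOSTS = """\
127.0.0.1       localhost
::1             localhost
0.0.0.0         ads.example          # blocking idiom, harmless
198.51.100.7    justintv.com         # constructed local-redirect entry
198.51.100.7    www.justintv.com     # constructed local-redirect entry
"""

def hosts_path():
    """Static resolver override file for this OS (Windows path first)."""
    if sys.platform.startswith("win"):
        root = os.environ.get("SystemRoot", r"C:\Windows")
        return os.path.join(root, "System32", "drivers", "etc", "hosts")
    return "/etc/hosts"

def parse_hosts(text):
    """Return (ip, hostname) pairs; comments and blank lines are dropped."""
    entries = []
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()
        if line:
            ip, *names = line.split()
            entries.extend((ip, n.lower()) for n in names)
    return entries

def suspicious_overrides(entries):
    """(hostname, ip) pairs that send a public name to a routable address.
    Loopback/unspecified targets are the normal local idiom; malformed targets are flagged."""
    flagged = []
    for ip, name in entries:
        if name == "localhost" or name.endswith(".localdomain"):
            continue
        try:
            addr = ipaddress.ip_address(ip)
        except ValueError:
            flagged.append((name, ip))
            continue
        if not (addr.is_loopback or addr.is_unspecified):
            flagged.append((name, ip))
    return flagged

if __name__ == "__main__":
    print(suspicious_overrides(parse_hosts(SAMPLE_HOSTS)))
    with open(hosts_path(), encoding="utf-8", errors="replace") as fh:
        print(suspicious_overrides(parse_hosts(fh.read())))
```

    An empty result for the live file means the local override layer is clean; the remaining explanations are the upstream resolver or the site itself, which is where this thread ended up.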
  18. Kestrel13!

    Kestrel13! Super Malware Fighter - Major Dilemma Staff Member

    I'm getting warnings from Firefox now when I type in justintv.com.
     
  19. Kestrel13!

    Kestrel13! Super Malware Fighter - Major Dilemma Staff Member

    So... in conclusion, I would say that justintv.com has a problem, not us. As long as you are not being redirected in any OTHER ways when surfing normally?
     
  20. shingdao

    shingdao Private E-2

    So far, I'm not noticing any other surfing anomalies. It may very well be a JustinTV issue. In any event, it's good to know it is not malware. Thanks for your help!
     
  21. Kestrel13!

    Kestrel13! Super Malware Fighter - Major Dilemma Staff Member

    You're most welcome. At first I was able to get to the proper justintv site, but then when I tried again I was given a warning by my browser or some add-on I have, and I got redirected to the same site as you described. Yea, I think we can safely say they got done over. Stay away from the site and use something else.

    If you are not having any other malware problems, it is time to do our final steps:
    1. We recommend you keep SUPERAntiSpyware and Malwarebytes Anti-Malware for scanning/removal of malware. Unless you purchase them, they provide no protection. They do not use any significant amount of resources (except a little disk space) until you run a scan.
    2. If we had you use ComboFix, uninstall ComboFix (this uninstall will only work as written if you installed ComboFix on your Desktop like we requested).
      • Click START, then RUN, enter the below into the run box and then click OK. Note the quotes are required.
      • "%userprofile%\Desktop\combofix" /uninstall
        • Notes: the space between the combofix" and the /uninstall must be there.
        • This will uninstall ComboFix and also reset hidden files and folders settings back to Windows defaults.
    3. Go back to step 6 of the READ ME and re-enable your Disk Emulation software with Defogger if you had disabled it.
    4. Any other miscellaneous tools we may have had you install or download can be uninstalled and deleted.
    5. If we had you download any registry patches like fixme.reg or fixWLK.reg (or any others), you can delete these files now.
    6. If running Vista, it is time to make sure you have re-enabled UAC by double clicking on the C:\MGtools\enableUAC.reg file and allowing it to be added to the registry.
    7. Go to Add/Remove Programs and uninstall HijackThis.
    8. Go to the C:\MGtools folder and find the MGclean.bat file. Double click on this file to run this cleanup program, which will remove files and folders related to MGtools and some other items from our cleaning procedures.
    9. If you are running Win 7, Vista, Windows XP or Windows ME, do the below:
      • Refer to the cleaning procedures pointed to by step 7 of the READ ME for your Windows version and see the instructions to Disable System Restore, which will flush your Restore Points.
      • Then reboot and Enable System Restore to create a new clean Restore Point.
    10. After doing the above, you should work through the below link:
     