Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Google.analytics.com, epoclick, internet redirects, infected, help!


  • Please log in to reply
3 replies to this topic

#1 LCFL

LCFL

  • Members
  • 2 posts
  • OFFLINE
  •  
  • Local time:01:28 AM

Posted 27 October 2010 - 01:50 PM

Hi,
I signed up and made an account because I saw someone else had the same problem (I googled and this site came up), but they had Windows XP professional and I have Windows 7.

I need help please!!! This is driving me INSANE!!!!

Computer: Microsoft Windows 7 Home Premium

Problem:

Our computer is infected with malware that redirects us, specifically to (4) different pop-up windows. One is google-analytics.com, the other is epoclick.com, the other is some sort of "fake" virus-scan site, and the fourth just shows the "internet cannot display web page."

It does this all.the.time. I use IE - pretty sure I have the latest version. I do not want to get another browser, I'd prefer to stick with IE.

Also, because of this malware, I cannot use windows update at all! It simply will NOT let us update Windows.

I even called Microsoft - they had us run scans, all of which show NOTHING is infected. I KNOW this computer is infected, and it's driving me insane.

Please, please help!! I hope there is a solution to this nightmare!! This computer is brand new! Custom built and less than 6 months old, so having these issues is double-frustrating to me!

Any help is greatly appreciated!!

Edited by Orange Blossom, 27 October 2010 - 05:48 PM.
Move to AII for initial assistance. ~ OB


BC AdBot (Login to Remove)

 


#2 Orange Blossom

Orange Blossom

    OBleepin Investigator


  • Moderator
  • 36,962 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Location:Bloomington, IN
  • Local time:02:28 AM

Posted 29 October 2010 - 10:42 AM

Hello,

Please follow the instructions in ==>This Guide<==. If you cannot complete a step, skip it and continue.

Once the proper logs are created, then make a NEW TOPIC and post it ==>HERE<== Please include a description of your computer issues and what you have done to resolve them.

If you can produce at least some of the logs, then please create the new topic and explain what happens when you try to create the log(s) that you couldn't get. If you cannot produce any of the logs, then still post the topic and explain that you followed the Prep. Guide, were unable to create the logs, and describe what happens when you try to create the logs.

Orange Blossom :thumbsup:
Help us help you. If HelpBot replies, you MUST follow step 1 in its reply so we know you need help.

Orange Blossom

An ounce of prevention is worth a pound of cure

SpywareBlaster, WinPatrol Plus, ESET Smart Security, Malwarebytes' Anti-Malware, NoScript Firefox ext., Norton noscript

#3 Lars69camaro

Lars69camaro

  • Members
  • 3 posts
  • OFFLINE
  •  
  • Local time:01:28 AM

Posted 31 October 2010 - 08:55 AM

Chased this rotten malware for a week straight. Superantispyware,MBAM,S&D,AVG, nothing fixed it.
Verizon, Westell 2200 modem w/ Linksys WRT54G router.
I had a wireless Linksys router that was unlocked. Logged on to it and found that those SOBs had hijacked it! Easy to fix though.

Connect via enet cable directly to your router. Type in its IP address (typically 192.168.1.1) goto the setup page. There you'll see the DNS addresses. they ALL should be 0.0.0.0 If not you've been hijacked. Set them all to zeros (0.0.0.0). Make sure you lock down your router with a unique name and password, not the default ones the router comes with. You may need to power down/up the router to complete the cycle.

Boom you should be all set.

In the event you can't talk to your router, push and hold the little reset button on the back (maybe need a ball point pen) and try again. You may need to go through your setup your all over with a host name and provider depending on what service you have. Not that big of a deal.

Hope this helps

#4 LCFL

LCFL
  • Topic Starter

  • Members
  • 2 posts
  • OFFLINE
  •  
  • Local time:01:28 AM

Posted 04 November 2010 - 07:02 PM

Chased this rotten malware for a week straight. Superantispyware,MBAM,S&D,AVG, nothing fixed it.
Verizon, Westell 2200 modem w/ Linksys WRT54G router.
I had a wireless Linksys router that was unlocked. Logged on to it and found that those SOBs had hijacked it! Easy to fix though.

Connect via enet cable directly to your router. Type in its IP address (typically 192.168.1.1) goto the setup page. There you'll see the DNS addresses. they ALL should be 0.0.0.0 If not you've been hijacked. Set them all to zeros (0.0.0.0). Make sure you lock down your router with a unique name and password, not the default ones the router comes with. You may need to power down/up the router to complete the cycle.

Boom you should be all set.

In the event you can't talk to your router, push and hold the little reset button on the back (maybe need a ball point pen) and try again. You may need to go through your setup your all over with a host name and provider depending on what service you have. Not that big of a deal.

Hope this helps


First, orange blossom - thank you so much for responding! Lars had it right - we tried his method first since it was the quickest, and it worked! We're "cured!" Thanks so much Lars for that info! And thank you so much to both of you for helping people fix their computers!!!! :thumbsup:




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users