Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Google Redirects Problem


  • Please log in to reply
No replies to this topic

#1 Whaler54

Whaler54

  • Members
  • 1 posts
  • OFFLINE
  •  
  • Local time:11:17 PM

Posted 31 March 2011 - 04:34 PM

I'm having a problem with browser redirects (Firefox and Chrome, I don't use IE) with Google search results. When I click on a link some times it sends me to the wrong pages, usually very suspect type pages that want me to buy or download something. I'll try to give as much detail as possible as to when it started.

I had no problems through Tuesday. When I went to use the computer Wed. morning (computer was on all night) I had no internet connection. I called Comcast Wed after work and they told me my modem was too old and would no longer work on their system. I went to Best Buy and got a new modem, came home, installed it and everything worked fine. The computer was left on again Wed night. On Thursday the computer was used during the day by my wife and some family members. My wife is careful on the internet, but I don't know about the family members. {EDIT: When I got home from work my ipod would not sync, I was getting a service error. I googled how to fix this and it told me to restart the Apple Mobile Device service. That fixed it.} When I got home from work on Thursday is when I first noticed the redirects (my wife thinks it happened to her earlier in the day too.)

I use Microsoft Security Essentials for my anti-virus and Windows Firewall for the firewall (they've worked well up until recently.) I ran a quick scan with Malware Bytes and it detected and removed:

c:\Documents and Settings\HP_Administrator\Local Settings\Temp\78.tmp (Trojan.FakeAlert) -> Delete on reboot.
c:\documents and settings\hp_administrator\local settings\Temp\79.tmp (Trojan.FakeAlert) -> Quarantined and deleted successfully.
c:\documents and settings\hp_administrator\local settings\temporary internet files\Content.IE5\BOR7FHQO\payload.exe[1].exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.

I then ran a quick scan with MSE and it detected and removed:

VirTool:JS/Obfuscator.AI
Exploit:Java/CVE-2010-0842.H
Exploit:Java/CVE-2010-0840.BB

I booted the computer and still had redirects going on so I then re-ran a quick scan with Malware Bytes and it was clean. I then ran a full scan with MSE overnight and it detected and removed:

Rogue:Win32/Winwebsec
Adware:Win32/OpenCandy

This morning I ran SuperAntiSpyware and it detected and removed tracking cookies.

I still have the redirects though, so here I am. Actually I had a heck of a time getting here thanks to the redirects (even typing the address directly into Chrome got redirected), I had to use a link through the welcome email (I registered today on my work computer).

I am running Windows XP with Open DNS to block potential problem sites (adult, warez, etc - I have a 7yr old who sometimes uses the computer and I don;t want her to accidentally go on them). I also use CrashPlan as a backup as well as an external HD for backup. I'm concerned that even if I remove the virus from my computer it would still be on either the external drive or CrashPlan.

**EDIT**
I think it has to do with the Apple Mobile Device service. I just stopped it and my redirects have stopped.

**EDIT 2**
The redirects started again even though the Apple Mobile Device service is still stopped. Dang, thought I had it!

Edited by Whaler54, 31 March 2011 - 07:09 PM.


BC AdBot (Login to Remove)

 





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users