Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Redirecting to blank page before visiting Google.com


  • Please log in to reply
5 replies to this topic

#1 WeirdComputerProblem

WeirdComputerProblem

  • Members
  • 3 posts
  • OFFLINE
  •  
  • Local time:11:06 AM

Posted 01 December 2016 - 05:25 PM

Hi BleepingComputer, my computer has been redirecting to a blank page before visiting Google.com or any other website.

Sometimes certain websites do not work, and it will work again after restarting the router.

Tried updating firmware on the router but it does the same thing.

Email password were changed a few times along with Steam.

Tried updating firmware on the router but it does the same thing.

 

Attached are the logs

 

Thanks

Attached Files



BC AdBot (Login to Remove)

 


#2 nasdaq

nasdaq

  • Malware Response Team
  • 39,225 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:07:06 AM

Posted 03 December 2016 - 11:22 AM

Hello, Welcome to BleepingComputer.
I'm nasdaq and will be helping you.

If you can please print this topic it will make it easier for you to follow the instructions and complete all of the necessary steps in the order listed.
===

Temporarily disable your AV program so it does not interfere.
Info on how to disable your security applications How To Temporarily Disable Your Anti-virus, Firewall And Anti-malware Programs - Security Mini-Guides.

Download Zoek tool from here

When the download appears, save to the Desktop.
On the Desktop, right-click the Zoek.exe file and select: Run as Administrator
(Give it a few seconds to appear.)

Next, copy/paste the entire script inside the code box below to the input field of Zoek:
createsrpoint;
autoclean;
emptyclsid;
emptyffcache;
FFdefaults;
emptyiecache;
iedefaults;
emptychrcache;
CHRdefaults;
emptyalltemp;
emptyfolderscheck;delete
ipconfig /flushdns;b
Now...
Close any open Browsers.
Click the Run script button, and wait. It takes a few minutes to run all the script.

When the tool finishes, the zoek-results.log is opened in Notepad.
The log is also found on the systemdrive, normally C:\
If a reboot is needed, the log is opened after the reboot.

Please attach the zoek-results.log in your reply.
===

Reset Chrome...
Open Google Chrome, click on menu icon google-chrome-setting-icon.png which is located right side top of the google chrome.
 
Click "Settings" then "Show advanced settings" at the bottom of the screen.
 
Click "Reset browser settings" button.

Restart Chrome.
===


Post the log and please provide an update on how the computer is behaving after running the above script.

#3 WeirdComputerProblem

WeirdComputerProblem
  • Topic Starter

  • Members
  • 3 posts
  • OFFLINE
  •  
  • Local time:11:06 AM

Posted 03 December 2016 - 05:20 PM

Hi nasdaq, I ran zoek with the script posted. It seems to be the same as before.

But the problems are sometimes random and so are the password changes.

 

Attached is the log

 

 
Thanks

Attached Files



#4 nasdaq

nasdaq

  • Malware Response Team
  • 39,225 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:07:06 AM

Posted 04 December 2016 - 08:20 AM


Reset your router. It may be infected.

How to Reset a Router Back to the Factory Default Settings
http://www.ehow.com/how_2110924_reset-back-factory-default-settings.html

Then, please reconfigure it back to your preferred setting.. Below is the list of default username and password, should you don't know it ;)

http://www.routerpasswords.com/
http://www.phenoelit-us.org/dpl/dpl.html
===

Reset for Linksys, Netgear, D-Link and Belkin Routers
http://www.techsupportforum.com/2763-reset-for-linksys-netgear-d-link-and-belkin-routers/

====
How to tell if my Wireless is secure.
http://www.ehow.com/how_6775466_tell-wireless-secure_.htm

===

If the problem persists download the Free version of Avast from this site.
https://www.avast.com/index

When installed scan the computer.

Any change?

#5 WeirdComputerProblem

WeirdComputerProblem
  • Topic Starter

  • Members
  • 3 posts
  • OFFLINE
  •  
  • Local time:11:06 AM

Posted 08 December 2016 - 02:38 PM

Hi nasqaq, the router was factory restored and this is the system log today.
.
.
.
Nov 9 21:38:38 DoS: UdpEchoChargen Attack source=189.103.72.78 destination=173.243.70.39
Nov 9 21:38:40 DoS: UdpEchoChargen Attack source=189.103.72.78 destination=173.243.70.39
Nov 9 21:38:42 DoS: UdpEchoChargen Attack source=189.103.72.78 destination=173.243.70.39
Nov 9 21:38:46 DoS: UdpEchoChargen Attack source=189.103.72.78 destination=173.243.70.39
Nov 9 21:45:53 DoS: UdpEchoChargen Attack source=91.105.27.145 destination=173.243.70.39
Nov 9 21:45:56 DoS: UdpEchoChargen Attack source=91.105.27.145 destination=173.243.70.39
Nov 9 21:45:58 DoS: UdpEchoChargen Attack source=91.105.27.145 destination=173.243.70.39
Nov 9 21:46:02 DoS: UdpEchoChargen Attack source=91.105.27.145 destination=173.243.70.39
Nov 9 21:46:10 DoS: UdpEchoChargen Attack source=91.105.27.145 destination=173.243.70.39
Nov 9 21:48:44 DoS: UdpEchoChargen Attack source=66.69.207.95 destination=173.243.70.39
Nov 9 21:48:45 DoS: UdpEchoChargen Attack source=66.69.207.95 destination=173.243.70.39
Nov 9 21:48:47 DoS: UdpEchoChargen Attack source=66.69.207.95 destination=173.243.70.39
Nov 9 21:48:49 DoS: UdpEchoChargen Attack source=66.69.207.95 destination=173.243.70.39
Nov 9 21:48:51 DoS: UdpEchoChargen Attack source=66.69.207.95 destination=173.243.70.39
Nov 9 21:48:56 DoS: UdpEchoChargen Attack source=66.69.207.95 destination=173.243.70.39
Nov 9 21:51:13 wlan0: Delete MC entry not found!
Nov 9 22:09:58 DoS: UdpEchoChargen Attack source=78.61.248.225 destination=173.243.70.39
Nov 9 22:09:59 DoS: UdpEchoChargen Attack source=78.61.248.225 destination=173.243.70.39
Nov 9 22:10:00 DoS: UdpEchoChargen Attack source=78.61.248.225 destination=173.243.70.39
Nov 9 22:10:03 DoS: UdpEchoChargen Attack source=78.61.248.225 destination=173.243.70.39
Nov 9 22:10:08 DoS: UdpEchoChargen Attack source=78.61.248.225 destination=173.243.70.39

What should I do?

Thanks

Edited by WeirdComputerProblem, 08 December 2016 - 02:38 PM.


#6 nasdaq

nasdaq

  • Malware Response Team
  • 39,225 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:07:06 AM

Posted 09 December 2016 - 08:25 AM


It is suggested on this page that after a Factory reset you should reconfigure the router.

http://www.linksys.com/us/support-article?articleNum=139791

Not sure what is the model of you router.

This may help.

How to Reset a Router Back to the Factory Default Settings
http://www.ehow.com/how_2110924_reset-back-factory-default-settings.html

Then, please reconfigure it back to your preferred setting.. Below is the list of default username and password, should you don't know it ;)

http://www.routerpasswords.com/
http://www.phenoelit-us.org/dpl/dpl.html
===

Reset for Linksys, Netgear, D-Link and Belkin Routers
http://www.techsupportforum.com/2763-reset-for-linksys-netgear-d-link-and-belkin-routers/

====
How to tell if my Wireless is secure.
http://www.ehow.com/how_6775466_tell-wireless-secure_.html

Keep me posted.




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users