Welcome to MalwareRemoval.com,
What if we told you that you could get malware removal help from experts, and that it was 100% free? MalwareRemoval.com provides free support for people with infected computers. Our help, and the tools we use are always 100% free. No hidden catch. We simply enjoy helping others. You enjoy a clean, safe computer.

Malware Removal Instructions

Google search redirected

MalwareRemoval.com provides free support for people with infected computers. Using plain language that anyone can understand, our community of volunteer experts will walk you through each step.

Re: Google search redirected

Unread postby otc » February 7th, 2012, 10:24 am

http://virusscan.jotti.org/en/scanresul ... 99124773d4
otc
Regular Member
 
Posts: 20
Joined: January 24th, 2012, 7:00 pm
Advertisement
Register to Remove

Re: Google search redirected

Unread postby otc » February 7th, 2012, 6:39 pm

says ext sys not allowed
otc
Regular Member
 
Posts: 20
Joined: January 24th, 2012, 7:00 pm

Re: Google search redirected

Unread postby otc » February 7th, 2012, 7:39 pm

GMER 1.0.15.15641 - http://www.gmer.net
Rootkit scan 2012-02-07 15:30:00
Windows 5.1.2600 Service Pack 3 Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-3 FUJITSU_MHV2100BH_PL rev.00000029
Running: 4vi5131v.exe; Driver: C:\DOCUME~1\Bill\LOCALS~1\Temp\pwrdyfog.sys


---- System - GMER 1.0.15 ----

SSDT 89033720 ZwCreateKey
SSDT 88EE54A0 ZwCreateMutant
SSDT 89032520 ZwCreateProcess
SSDT 89032820 ZwCreateProcessEx
SSDT 88EE5860 ZwCreateSymbolicLinkObject
SSDT 89034FC0 ZwCreateThread
SSDT 89033D20 ZwDeleteKey
SSDT 89034620 ZwDeleteValueKey
SSDT 88EE5A40 ZwDuplicateObject
SSDT 88EE51A0 ZwLoadDriver
SSDT 89032B20 ZwOpenProcess
SSDT 89034C00 ZwOpenSection
SSDT 89032E20 ZwOpenThread
SSDT 89034020 ZwRenameKey
SSDT 89034320 ZwRestoreKey
SSDT 88EE5680 ZwSetSystemInformation
SSDT 89033A20 ZwSetValueKey
SSDT \??\C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS (SASKUTIL.SYS/SUPERAdBlocker.com and SUPERAntiSpyware.com) ZwTerminateProcess [0xA84C0640]
SSDT 89033420 ZwTerminateThread
SSDT 89034DE0 ZwWriteVirtualMemory

Code \??\C:\DOCUME~1\Bill\LOCALS~1\Temp\catchme.sys pIofCallDriver

---- Devices - GMER 1.0.15 ----

Device \FileSystem\Udfs \UdfsCdRom DLAIFS_M.SYS (Drive Letter Access Component/Sonic Solutions)
Device \FileSystem\meiudf \MeiUDF_Disk DLAIFS_M.SYS (Drive Letter Access Component/Sonic Solutions)
Device \FileSystem\meiudf \MeiUDF_CdRom DLAIFS_M.SYS (Drive Letter Access Component/Sonic Solutions)
Device \FileSystem\Udfs \UdfsDisk DLAIFS_M.SYS (Drive Letter Access Component/Sonic Solutions)

AttachedDevice \Driver\Tcpip \Device\Ip tmtdi.sys (Trend Micro TDI Driver (i386-fre)/Trend Micro Inc.)
AttachedDevice \Driver\Tcpip \Device\Tcp tmtdi.sys (Trend Micro TDI Driver (i386-fre)/Trend Micro Inc.)
AttachedDevice \Driver\Tcpip \Device\Udp tmtdi.sys (Trend Micro TDI Driver (i386-fre)/Trend Micro Inc.)
AttachedDevice \Driver\Tcpip \Device\RawIp tmtdi.sys (Trend Micro TDI Driver (i386-fre)/Trend Micro Inc.)

Device \FileSystem\Cdfs \Cdfs DLAIFS_M.SYS (Drive Letter Access Component/Sonic Solutions)

---- EOF - GMER 1.0.15 ----
don't use aol or view point
otc
Regular Member
 
Posts: 20
Joined: January 24th, 2012, 7:00 pm

Re: Google search redirected

Unread postby otc » February 7th, 2012, 7:41 pm

otl wont complete window pops up that says list of index out of bounds (487)

OTL stalls when trying to scan google chrome

Thanks, OTC
otc
Regular Member
 
Posts: 20
Joined: January 24th, 2012, 7:00 pm

Re: Google search redirected

Unread postby Elrond » February 8th, 2012, 7:08 am

says ext sys not allowed

Sorry but I do not understand what you mean. Please explain.

I am doing some research to find out what is stopping OTL. Please be patient. :)
User avatar
Elrond
Admin/Teacher Emeritus
 
Posts: 8818
Joined: February 17th, 2005, 9:14 pm
Location: Jerusalem

Re: Google search redirected

Unread postby otc » February 8th, 2012, 7:34 am

when program was going through the "scan Modules" window pops up> use of index out of bounds (487)

Re: OTL the program was scanning at the bottom of screen you can see what is being scanned,when google chrome started the whole process stopped.

Also the redirection issue has stopped

Thanks
otc
Regular Member
 
Posts: 20
Joined: January 24th, 2012, 7:00 pm

Re: Google search redirected

Unread postby Elrond » February 8th, 2012, 12:46 pm

Please try the following:

Reboot the computer into Safe Mode and try to run OTL in this mode.

If you do not know how to start the computer in safe mode let me know and I will give you instructions. :)
User avatar
Elrond
Admin/Teacher Emeritus
 
Posts: 8818
Joined: February 17th, 2005, 9:14 pm
Location: Jerusalem

Re: Google search redirected

Unread postby otc » February 9th, 2012, 6:38 pm

Tried in safe mode the same thing happened. Scans some files and then stall scanning chrome.

Thanks, Bill
otc
Regular Member
 
Posts: 20
Joined: January 24th, 2012, 7:00 pm

Re: Google search redirected

Unread postby Elrond » February 9th, 2012, 11:49 pm

Let's check the version of OTL that you are trying to run.

When you open the OTL what is the version that you see at the top of the page. It starts with
OTL by OldTimer and then says Version. It should show 3.2.31.0
If it does not then delete the version of OTL that you have and download the latest version from url=http://oldtimer.geekstogo.com/OTL.exe and run it.

Please tell me if you used the latest version and if not please post the OTL log that you get.

An older version of OTL behaved exactly as you describe its behaviour on your computer.
User avatar
Elrond
Admin/Teacher Emeritus
 
Posts: 8818
Joined: February 17th, 2005, 9:14 pm
Location: Jerusalem

Re: Google search redirected

Unread postby otc » February 10th, 2012, 7:03 am

The OTL is the latest version.

Thanks, Bill
otc
Regular Member
 
Posts: 20
Joined: January 24th, 2012, 7:00 pm

Re: Google search redirected

Unread postby Elrond » February 10th, 2012, 8:39 am

Let's try the following:

Disable SUPERAntiSpyware
Programs like SUPERAntiSpyware, may interfere with the fix, so we need to temporarily disable it.
  • Right-click on the SUPERAntiSpyware icon, in the system tray.
  • Choose View Control Center... "Preferences/options" button/tab.
  • On the General and Startup...tab, uncheck, "Start SUPERAntiSpyware when Windows starts"
  • click Close to exit.
Don't forget to enable your SUPERAntiSpyware protection, when your computer is clean.

Now try the OTL again.

Sorry about the many tries to get OTL to run, but it is very disturbing that OTL does not run as expected. We are testing all the simpler solutions before getting to some more coplicated ones that will check the memory of the computer.

Please note that I will be off line an hour from now until about 27 hours from then.
User avatar
Elrond
Admin/Teacher Emeritus
 
Posts: 8818
Joined: February 17th, 2005, 9:14 pm
Location: Jerusalem

Re: Google search redirected

Unread postby Elrond » February 10th, 2012, 8:52 am

Disregard the last post and try the following instead.

OTS
Please download OTS.exe... by OldTimer. Save it to your desktop.
  1. Double click on OTSc.exe to run it.
    If you recieve the "Open File - Security Warning" prompt, press "Run".
  2. Click on Run Scan at the top left hand corner. It may take a few minutes...be patient, let it run.
  3. When done, Notepad will open with the log file "OTS.txt" contents. File can be found on your desktop.
Please post the entire OTS.txt file contents, in your next reply.
User avatar
Elrond
Admin/Teacher Emeritus
 
Posts: 8818
Joined: February 17th, 2005, 9:14 pm
Location: Jerusalem

Re: Google search redirected

Unread postby Elrond » February 13th, 2012, 8:40 pm

If I don't hear from you within the next 24 hours I am sorry but I will have to close the topic.
User avatar
Elrond
Admin/Teacher Emeritus
 
Posts: 8818
Joined: February 17th, 2005, 9:14 pm
Location: Jerusalem

Re: Google search redirected

Unread postby otc » February 14th, 2012, 10:32 am

Trendmicro keeps removing the OTS download

Thanks, Bill
otc
Regular Member
 
Posts: 20
Joined: January 24th, 2012, 7:00 pm

Re: Google search redirected

Unread postby Elrond » February 14th, 2012, 12:51 pm

Can you disable trend Micro for the time it takes to download the OTS and run it. Don't forget to reenable it again once it is done.
User avatar
Elrond
Admin/Teacher Emeritus
 
Posts: 8818
Joined: February 17th, 2005, 9:14 pm
Location: Jerusalem
Advertisement
Register to Remove

PreviousNext

  • Similar Topics
    Replies
    Views
    Last post

Return to Infected? Virus, malware, adware, ransomware, oh my!



Who is online

Users browsing this forum: No registered users and 240 guests

Contact us:

Advertisements do not imply our endorsement of that product or service. Register to remove all ads. The forum is run by volunteers who donate their time and expertise. We make every attempt to ensure that the help and advice posted is accurate and will not cause harm to your computer. However, we do not guarantee that they are accurate and they are to be used at your own risk. All trademarks are the property of their respective owners.

Member site: UNITE Against Malware