Welcome to MalwareRemoval.com,
What if we told you that you could get malware removal help from experts, and that it was 100% free? MalwareRemoval.com provides free support for people with infected computers. Our help, and the tools we use are always 100% free. No hidden catch. We simply enjoy helping others. You enjoy a clean, safe computer.

Malware Removal Instructions

google and yahoo misdirects

MalwareRemoval.com provides free support for people with infected computers. Using plain language that anyone can understand, our community of volunteer experts will walk you through each step.

Re: google and yahoo misdirects

Unread postby dan12 » March 23rd, 2009, 8:48 pm

Go to Start>Run and highlight the contents of the box below then use CTRL+C to copy them and CTRL+V to paste them into the run dialogue box.

Code: Select all
cmd /c copy C:\WINDOWS\system32\drivers\etc\hosts "%userprofile%\desktop\hosts.txt"


Click OK, notepad will then open with your host file. Copy and paste the whole Hosts file in your next reply.
User avatar
dan12
MRU Honors Grad Emeritus
 
Posts: 6123
Joined: March 30th, 2006, 3:22 am
Location: Leicestershire
Advertisement
Register to Remove

Re: google and yahoo misdirects

Unread postby b2thej1 » March 23rd, 2009, 10:01 pm

89.149.227.223 google.ae
89.149.227.223 google.as
89.149.227.223 google.at
89.149.227.223 google.az
89.149.227.223 google.ba
89.149.227.223 google.be
89.149.227.223 google.bg
89.149.227.223 google.bs
89.149.227.223 google.ca
89.149.227.223 google.cd
89.149.227.223 google.com.gh
89.149.227.223 google.com.gi
89.149.227.223 google.com.hk
89.149.227.223 google.com.jm
89.149.227.223 google.com.ly
89.149.227.223 google.com.mx
89.149.227.223 google.com.my
89.149.227.223 google.com.na
89.149.227.223 google.com.nf
89.149.227.223 google.com.ng
89.149.227.223 google.ch
89.149.227.223 google.com.np
89.149.227.223 google.com.om
89.149.227.223 google.com.pa
89.149.227.223 google.com.pr
89.149.227.223 google.com.qa
89.149.227.223 google.com.sg
89.149.227.223 google.com.tj
89.149.227.223 google.com.tr
89.149.227.223 google.com.tw
89.149.227.223 google.com.ua
89.149.227.223 google.dj
89.149.227.223 google.com.vc
89.149.227.223 google.it.ao
89.149.227.223 google.de
89.149.227.223 google.dk
89.149.227.223 google.dm
89.149.227.223 google.dz
89.149.227.223 google.ee
89.149.227.223 google.fi
89.149.227.223 google.fm
89.149.227.223 google.fr
89.149.227.223 google.ge
89.149.227.223 google.gg
89.149.227.223 google.gm
89.149.227.223 google.gr
89.149.227.223 google.gy
89.149.227.223 google.ht
89.149.227.223 google.ie
89.149.227.223 google.im
89.149.227.223 google.in
89.149.227.223 google.it
89.149.227.223 google.ki
89.149.227.223 google.kz
89.149.227.223 google.la
89.149.227.223 google.li
89.149.227.223 google.lk
89.149.227.223 google.lv
89.149.227.223 google.ma
89.149.227.223 google.md
89.149.227.223 google.ms
89.149.227.223 google.mu
89.149.227.223 google.mv
89.149.227.223 google.mw
89.149.227.223 google.nl
89.149.227.223 google.no
89.149.227.223 google.nr
89.149.227.223 google.nu
89.149.227.223 google.pl
89.149.227.223 google.pn
89.149.227.223 google.pt
89.149.227.223 google.ro
89.149.227.223 google.ru
89.149.227.223 google.rw
89.149.227.223 google.sc
89.149.227.223 google.se
89.149.227.223 google.sh
89.149.227.223 google.si
89.149.227.223 google.sm
89.149.227.223 google.sn
89.149.227.223 google.st
89.149.227.223 google.tl
89.149.227.223 google.tm
89.149.227.223 google.tt
89.149.227.223 google.us
89.149.227.223 google.vg
89.149.227.223 google.vu
89.149.227.223 google.ws
89.149.227.223 google.co.bw
89.149.227.223 google.co.ck
89.149.227.223 google.co.id
89.149.227.223 google.co.il
89.149.227.223 google.co.in
89.149.227.223 google.co.jp
89.149.227.223 google.co.ke
89.149.227.223 google.co.kr
89.149.227.223 google.co.ls
89.149.227.223 google.co.ma
89.149.227.223 google.co.mz
89.149.227.223 google.co.nz
89.149.227.223 google.co.th
89.149.227.223 google.co.tz
89.149.227.223 google.co.ug
89.149.227.223 google.co.uk
89.149.227.223 google.co.za
89.149.227.223 google.co.zm
89.149.227.223 google.co.zw
89.149.227.223 google.com
89.149.227.223 google.com.af
89.149.227.223 google.com.ag
89.149.227.223 google.com.ai
89.149.227.223 google.com.ar
89.149.227.223 google.com.au
89.149.227.223 google.com.bn
89.149.227.223 google.com.br
89.149.227.223 google.com.by
89.149.227.223 google.com.bz
89.149.227.223 google.com.co
89.149.227.223 google.com.cu
89.149.227.223 google.com.ec
89.149.227.223 google.com.et
89.149.227.223 google.com.fj
89.149.227.223 www.google.ae
89.149.227.223 www.google.as
89.149.227.223 www.google.at
89.149.227.223 www.google.az
89.149.227.223 www.google.ba
89.149.227.223 www.google.be
89.149.227.223 www.google.bg
89.149.227.223 www.google.bs
89.149.227.223 www.google.ca
89.149.227.223 www.google.cd
89.149.227.223 www.google.com.gh
89.149.227.223 www.google.com.gi
89.149.227.223 www.google.com.hk
89.149.227.223 www.google.com.jm
89.149.227.223 www.google.com.ly
89.149.227.223 www.google.com.mx
89.149.227.223 www.google.com.my
89.149.227.223 www.google.com.na
89.149.227.223 www.google.com.nf
89.149.227.223 www.google.com.ng
89.149.227.223 www.google.ch
89.149.227.223 www.google.com.np
89.149.227.223 www.google.com.om
89.149.227.223 www.google.com.pa
89.149.227.223 www.google.com.pr
89.149.227.223 www.google.com.qa
89.149.227.223 www.google.com.sg
89.149.227.223 www.google.com.tj
89.149.227.223 www.google.com.tr
89.149.227.223 www.google.com.tw
89.149.227.223 www.google.com.ua
89.149.227.223 www.google.dj
89.149.227.223 www.google.com.vc
89.149.227.223 www.google.it.ao
89.149.227.223 www.google.de
89.149.227.223 www.google.dk
89.149.227.223 www.google.dm
89.149.227.223 www.google.dz
89.149.227.223 www.google.ee
89.149.227.223 www.google.fi
89.149.227.223 www.google.fm
89.149.227.223 www.google.fr
89.149.227.223 www.google.ge
89.149.227.223 www.google.gg
89.149.227.223 www.google.gm
89.149.227.223 www.google.gr
89.149.227.223 www.google.gy
89.149.227.223 www.google.ht
89.149.227.223 www.google.ie
89.149.227.223 www.google.im
89.149.227.223 www.google.in
89.149.227.223 www.google.it
89.149.227.223 www.google.ki
89.149.227.223 www.google.kz
89.149.227.223 www.google.la
89.149.227.223 www.google.li
89.149.227.223 www.google.lk
89.149.227.223 www.google.lv
89.149.227.223 www.google.ma
89.149.227.223 www.google.md
89.149.227.223 www.google.ms
89.149.227.223 www.google.mu
89.149.227.223 www.google.mv
89.149.227.223 www.google.mw
89.149.227.223 www.google.nl
89.149.227.223 www.google.no
89.149.227.223 www.google.nr
89.149.227.223 www.google.nu
89.149.227.223 www.google.pl
89.149.227.223 www.google.pn
89.149.227.223 www.google.pt
89.149.227.223 www.google.ro
89.149.227.223 www.google.ru
89.149.227.223 www.google.rw
89.149.227.223 www.google.sc
89.149.227.223 www.google.se
89.149.227.223 www.google.sh
89.149.227.223 www.google.si
89.149.227.223 www.google.sm
89.149.227.223 www.google.sn
89.149.227.223 www.google.st
89.149.227.223 www.google.tl
89.149.227.223 www.google.tm
89.149.227.223 www.google.tt
89.149.227.223 www.google.us
89.149.227.223 www.google.vg
89.149.227.223 www.google.vu
89.149.227.223 www.google.ws
89.149.227.223 www.google.co.bw
89.149.227.223 www.google.co.ck
89.149.227.223 www.google.co.id
89.149.227.223 www.google.co.il
89.149.227.223 www.google.co.in
89.149.227.223 www.google.co.jp
89.149.227.223 www.google.co.ke
89.149.227.223 www.google.co.kr
89.149.227.223 www.google.co.ls
89.149.227.223 www.google.co.ma
89.149.227.223 www.google.co.mz
89.149.227.223 www.google.co.nz
89.149.227.223 www.google.co.th
89.149.227.223 www.google.co.tz
89.149.227.223 www.google.co.ug
89.149.227.223 www.google.co.uk
89.149.227.223 www.google.co.za
89.149.227.223 www.google.co.zm
89.149.227.223 www.google.co.zw
89.149.227.223 www.google.com
89.149.227.223 www.google.com.af
89.149.227.223 www.google.com.ag
89.149.227.223 www.google.com.ai
89.149.227.223 www.google.com.ar
89.149.227.223 www.google.com.au
89.149.227.223 www.google.com.bn
89.149.227.223 www.google.com.br
89.149.227.223 www.google.com.by
89.149.227.223 www.google.com.bz
89.149.227.223 www.google.com.co
89.149.227.223 www.google.com.cu
89.149.227.223 www.google.com.ec
89.149.227.223 www.google.com.et
89.149.227.223 www.google.com.fj
89.149.227.223 search.yahoo.com
89.149.227.223 www.search.yahoo.com
89.149.227.223 search.live.com
89.149.227.223 search.msn.com
# Copyright (c) 1993-1999 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host

127.0.0.1 localhost
b2thej1
Regular Member
 
Posts: 71
Joined: March 8th, 2009, 11:19 pm

Re: google and yahoo misdirects

Unread postby dan12 » March 24th, 2009, 4:52 am

Do the following.

  • Double-click OTMoveIt3.exe to run it.
  • Copy the lines in the codebox below.
Code: Select all
:Files
C:\WINDOWS\system32\drivers\etc\hosts

  • Return to OTMoveIt3, right click in the Paste Instructions for Items to be Moved window (under the yellow bar) and choose Paste.
  • Click the red Moveit! button.
  • Copy everything in the Results window (under the green bar), and paste it in your next reply.
  • Close OTMoveIt3

Next

Double click on HostsXpert.exe to launch it.
  • You will get a prompt that you do not have a Hosts file and asked if you want to create one.
  • Answer Yes.
  • Click on the Make Read Only button.
  • Exit out of HostsXpert.



Go to Start>Run and highlight the contents of the box below then use CTRL+C to copy them and CTRL+V to paste them into the run dialogue box.

Code: Select all
cmd /c copy C:\WINDOWS\system32\drivers\etc\hosts "%userprofile%\desktop\hosts.txt"


Click OK, notepad will then open with your host file. Copy and paste the whole Hosts file in your next reply.
User avatar
dan12
MRU Honors Grad Emeritus
 
Posts: 6123
Joined: March 30th, 2006, 3:22 am
Location: Leicestershire

Re: google and yahoo misdirects

Unread postby b2thej1 » March 24th, 2009, 8:56 am

here's the hosts file-why is nothing there?


# Copyright © 1993-1999 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a "#" symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host
#
127.0.0.1 localhost
b2thej1
Regular Member
 
Posts: 71
Joined: March 8th, 2009, 11:19 pm

Re: google and yahoo misdirects

Unread postby dan12 » March 24th, 2009, 1:13 pm

Because it's been reset to default, all the entries you saw there were bad everytime you googled they redirected you to the ip address that showed up to the left.
How are the redirects now? my last post will have some information in if you wanted to run a hostfile.
User avatar
dan12
MRU Honors Grad Emeritus
 
Posts: 6123
Joined: March 30th, 2006, 3:22 am
Location: Leicestershire

Re: google and yahoo misdirects

Unread postby dan12 » March 24th, 2009, 2:08 pm

If you want to install a Hosts file, then using HostsXpert is the easiest way to install one.

  • Double click on HostsXpert.exe to launch the programme.
  • Check to see if top button on left hand side says Make Writable ?
    • If it does. click on it then proceed to next instruction.
    • If not, just proceed to next instruction
  • Click on the Download button (lower left hand side)
    • Click on MVPs Hosts... button.
    • Click on Replace button.
    • Press OK in the box that pops up. (HostsXpert will now download and update your Hosts file)
  • When finished.
    • Click on File Handling button.
    • Click on Make Read Only ? to secure it against infection.
  • Exit the programme.

Now post host file as you did previously.
User avatar
dan12
MRU Honors Grad Emeritus
 
Posts: 6123
Joined: March 30th, 2006, 3:22 am
Location: Leicestershire

Re: google and yahoo misdirects

Unread postby b2thej1 » March 24th, 2009, 11:57 pm

dan u rock !!!! i have been googling and yahoo searching on both browsers !!!!! :D :D :D :D :D :D
the hosts file that i replaced is too long to put here so i'm gonna try and attach it as an attachment...let me know if you get it and if its okay...should it be so long and is a host file really needed ?
b2thej1
Regular Member
 
Posts: 71
Joined: March 8th, 2009, 11:19 pm

Re: google and yahoo misdirects

Unread postby b2thej1 » March 25th, 2009, 12:05 am

part 1

# This MVPS HOSTS file is a free download from: #
# http://www.mvps.org/winhelp2002/ #
# #
# Notes: the browser does not read this "#" symbol #
# You can create your own notes, after the # symbol #
# This *must* be the first line: 127.0.0.1 localhost #
# *********************************************************#
# ---------------- Updated: March-15-2009 -----------------#
# *********************************************************#
# #
# Entries with comments are all searchable via Google. #
# #
# Disclaimer: this file is free to use for personal use #
# only. Furthermore it is NOT permitted to copy any of the #
# contents or host on any other site without permission or #
# meeting the full criteria of the below license terms. #
# #
# This work is licensed under the Creative Commons #
# Attribution-NonCommercial-ShareAlike License. #
# http://creativecommons.org/licenses/by-nc-sa/3.0/ #

127.0.0.1 localhost

#start of lines added by WinHelp2002
# [Misc A - Z]
127.0.0.1 ad.a8.net
127.0.0.1 asy.a8ww.net
127.0.0.1 acezip.net #[SiteAdvisor.acezip.net]
127.0.0.1 www.acezip.net #[Win32/Adware.180Solutions]
127.0.0.1 phpadsnew.abac.com
127.0.0.1 a.abnad.net
127.0.0.1 b.abnad.net
127.0.0.1 c.abnad.net #[eTrust.Tracking.Cookie]
127.0.0.1 d.abnad.net
127.0.0.1 e.abnad.net
127.0.0.1 t.abnad.net
127.0.0.1 z.abnad.net
127.0.0.1 banners.absolpublisher.com
127.0.0.1 tracking.absolstats.com
127.0.0.1 adv.abv.bg
127.0.0.1 bimg.abv.bg
127.0.0.1 www2.a-counter.kiev.ua
127.0.0.1 track.acclaimnetwork.com
127.0.0.1 accuserveadsystem.com
127.0.0.1 www.accuserveadsystem.com
127.0.0.1 gtb5.acecounter.com
127.0.0.1 gtb19.acecounter.com
127.0.0.1 gtcc1.acecounter.com
127.0.0.1 gtp1.acecounter.com #[eTrust.Tracking.Cookie]
127.0.0.1 wgc1.acecounter.com
127.0.0.1 acestats.com
127.0.0.1 www.acestats.com
127.0.0.1 achmedia.com
127.0.0.1 ads.active.com
127.0.0.1 am1.activemeter.com
127.0.0.1 www.activemeter.com #[eTrust.Tracking.Cookie]
127.0.0.1 ads.activepower.net
127.0.0.1 stat.active24stats.nl #[eTrust.Tracking.Cookie]
127.0.0.1 ad2games.com
127.0.0.1 ad.ad24.ru
127.0.0.1 at.ad2click.nl
127.0.0.1 cms.ad2click.nl
127.0.0.1 ads.ad2games.com
127.0.0.1 as.ad611.com
127.0.0.1 banner.ad.nu
127.0.0.1 cl21.v4.adaction.se
127.0.0.1 www.adagencypro.com
127.0.0.1 ads.adap.tv
127.0.0.1 tag1.adaptiveads.com
127.0.0.1 ff.adatoms.com #[Adware.MyCentria]
127.0.0.1 update.adatoms.com
127.0.0.1 www.adbanner.ro
127.0.0.1 vad.adbasket.net
127.0.0.1 adbard.net
127.0.0.1 web.adblade.com
127.0.0.1 ad.pop1.adbn.ru
127.0.0.1 ad.top1.adbn.ru
127.0.0.1 ad.rich1.adbn.ru
127.0.0.1 www.adblick.com
127.0.0.1 adserv.adbonus.com
127.0.0.1 www.adbonus.com
127.0.0.1 james.adbutler.de #[Tenebril.TrackingCookie]
127.0.0.1 www.adbutler.de #[SunBelt.AdButler.de]
127.0.0.1 adc2.adcentriconline.com
127.0.0.1 adcp.adcentriconline.com
127.0.0.1 bell.adcentriconline.com #[Wildcard DNS]
127.0.0.1 content.adcentriconline.com
127.0.0.1 media.adcentriconline.com
127.0.0.1 publicis.adcentriconline.com
127.0.0.1 ad-clix.com
127.0.0.1 www.ad-clix.com
127.0.0.1 adcomplete.com
127.0.0.1 www.adcomplete.com
127.0.0.1 axa.addcontrol.net #[Ewido.TrackingCookie.Addcontrol]
127.0.0.1 www.add-hhh.info #[TR/Dialer.22352.B]
127.0.0.1 ads.addynamix.com #[SpySweeper.Spy.Cookie]
127.0.0.1 e13.media.addynamix.com
127.0.0.1 www.adeos.eu
127.0.0.1 pt.server1.adexit.com
127.0.0.1 www.adexit.com
127.0.0.1 www.ad4ever.com
127.0.0.1 track.adform.net
127.0.0.1 ads.adfox.ru
127.0.0.1 gazeta.adfox.ru
127.0.0.1 www.adgroups.net
127.0.0.1 www.ad-groups.com #[Ban Man Pro Banner Code]
127.0.0.1 host1.adhese.be #[Adhese Datamine Tag]
127.0.0.1 host2.adhese.be
127.0.0.1 host3.adhese.be #[ad.be.doubleclick.net]
127.0.0.1 host4.adhese.be
127.0.0.1 ads.adhsm.adhese.com
127.0.0.1 pool.adhsm.adhese.com
127.0.0.1 ssl3.adhost.com
127.0.0.1 www2.adhost.com
127.0.0.1 mztag.ad-indicator.com
127.0.0.1 zone10.adicate.com
127.0.0.1 adfarm1.adition.com
127.0.0.1 imagesrv.adition.com
127.0.0.1 ad.adition.net
127.0.0.1 hosting.adjug.com
127.0.0.1 tracking.adjug.com
127.0.0.1 adsearch.adkontekst.pl
127.0.0.1 community.adlandpro.com #[Ad-Aware Tracking.Cookie]
127.0.0.1 pk.adlandpro.com
127.0.0.1 te.adlandpro.com #[eTrust.Tracking.Cookie]
127.0.0.1 trafficex.adlandpro.com
127.0.0.1 www.adlandpro.com #[Ad-Aware Tracking.Cookie]
127.0.0.1 whip.adlash.com
127.0.0.1 publicidad.adlead.com
127.0.0.1 www.adlimg03.com
127.0.0.1 classic.adlink.de
127.0.0.1 regio.adlink.de
127.0.0.1 west.adlink.de
127.0.0.1 rc.de.adlink.net #[eTrust.Tracking.Cookie]
127.0.0.1 tr.de.adlink.net
127.0.0.1 ads3.adman.gr #[eTrust.Tracking.Cookie]
127.0.0.1 r2d2.adman.gr
127.0.0.1 js.admeld.com
127.0.0.1 tag.admeld.com
127.0.0.1 admigo.ru
127.0.0.1 data.admigo.ru
127.0.0.1 www.adminder.com #[SpySweeper.Spy.Cookie]
127.0.0.1 apps.admission.net #[Spotlight Ads]
127.0.0.1 appcache.admission.net
127.0.0.1 view.admission.net
127.0.0.1 rms.admeta.com #[admeta.basefarm.net][eTrust.Tracking.Cookie]
127.0.0.1 ads.admodus.com #[eTrust.Tracking.Cookie]
127.0.0.1 ad.adnet.biz #[eTrust.Tracking.Cookie]
127.0.0.1 ad.adnetwork.com.br
127.0.0.1 adnext.fr
127.0.0.1 adpixel.com.ru
127.0.0.1 tt11.adobe.com #[adobe.tcliveus.com]
127.0.0.1 agoraua.adocean.pl
127.0.0.1 s1.ad.adocean.pl #[Ewido.Tracking.Cookie]
127.0.0.1 s1.advicepl.adocean.pl
127.0.0.1 s1.centrumcz.adocean.pl #[eTrust.Tracking.Cookie]
127.0.0.1 s1.cz.adocean.pl
127.0.0.1 s1.czgde.adocean.pl
127.0.0.1 s1.gg.adocean.pl
127.0.0.1 s1.gojobsru.adocean.pl
127.0.0.1 s1.idg.adocean.pl
127.0.0.1 s1.my.adocean.pl
127.0.0.1 s1.myao.adocean.pl
127.0.0.1 s1.pracuj.adocean.pl
127.0.0.1 s1.skgde.adocean.pl
127.0.0.1 s2.ad.adocean.pl
127.0.0.1 ad01.adonspot.com
127.0.0.1 ad02.adonspot.com
127.0.0.1 www.adplz.com
127.0.0.1 ab.adpro.com.ua
127.0.0.1 system.adquick.nl
127.0.0.1 www.adquest.nl
127.0.0.1 www.adreap.com #[Parking Service]
127.0.0.1 adx.adrenaline.cz
127.0.0.1 adroll.com
b2thej1
Regular Member
 
Posts: 71
Joined: March 8th, 2009, 11:19 pm

Re: google and yahoo misdirects

Unread postby b2thej1 » March 25th, 2009, 12:09 am

part 2...

27.0.0.1 c.adroll.com
127.0.0.1 www.adsforindians.com
127.0.0.1 www.adranking.de
127.0.0.1 www.adreporting.com #[SunBelt.Adreporting.com]
127.0.0.1 cntr.adrime.com
127.0.0.1 images.adrime.com #[Adsolutions]
127.0.0.1 ad.adriver.ru
127.0.0.1 www.adrotate.net
127.0.0.1 serv.ad-rotator.com #[SpySweeper.Spy.Cookie]
127.0.0.1 ad.ads8.com
127.0.0.1 vip.ads8.com
127.0.0.1 www.ads183.com
127.0.0.1 ads2stats.com
127.0.0.1 antevenio.flux.ads-click.com
127.0.0.1 www.advpoints.com
127.0.0.1 acnetwork.flux.acsyndication.com
127.0.0.1 img.ads-click.com
127.0.0.1 ad.ads.dk
127.0.0.1 tdkads.ads.dk
127.0.0.1 js.adscale.de
127.0.0.1 ih.adscale.de
127.0.0.1 www.adsentra.com
127.0.0.1 www.adservtech.com
127.0.0.1 adservicedomain.info
127.0.0.1 adsfac.net #[Facilitate Tracking Code]
127.0.0.1 images.adshuffle.com
127.0.0.1 this.content.served.by.adshuffle.com
127.0.0.1 adsfac.eu
127.0.0.1 www.adshot.de
127.0.0.1 network.adsmarket.com
127.0.0.1 allchix.adsmax.com
127.0.0.1 www2.adsmax.com
127.0.0.1 www.adsodainteractive.com
127.0.0.1 www.adspace.be
127.0.0.1 ads.adsponse.de
127.0.0.1 adserve.adster.com
127.0.0.1 images.adster.com
127.0.0.1 www.adstreamsupply.com
127.0.0.1 o.adtargeter.com
127.0.0.1 openx.adtext.ro
127.0.0.1 ads.adtiger.de
127.0.0.1 www.adtiger.de
127.0.0.1 ads.adgoto.com
127.0.0.1 ad.adtoma.com
127.0.0.1 downldcl.adtoolsinc.com
127.0.0.1 www.adtoolsinc.com
127.0.0.1 adtrade.ro
127.0.0.1 www.adtrade.ro
127.0.0.1 www.adtrade.net
127.0.0.1 www.adtrader.com
127.0.0.1 adtraf.ru
127.0.0.1 ads.adtube.de
127.0.0.1 adultadmoney.com
127.0.0.1 www.adultadmoney.com
127.0.0.1 ad.adver.com.tw
127.0.0.1 ads.advertise.net
127.0.0.1 www.advertisingstats.com
127.0.0.1 advertisingpurchase.com
127.0.0.1 ad.adverticum.net
127.0.0.1 img.adverticum.net
127.0.0.1 imgs.adverticum.net
127.0.0.1 www.advertising365.com
127.0.0.1 ad.advertstream.com
127.0.0.1 images.adviews.de
127.0.0.1 www.adviews.de
127.0.0.1 www.traf.advscripts.com
127.0.0.1 ad.adworx.at
127.0.0.1 www.ad-z.de
127.0.0.1 aeoworld.de
127.0.0.1 www.aeoworld.de #[W32/WMF-exploit]
127.0.0.1 hits.affiliatetraction.com
127.0.0.1 banners.affilimatch.de
127.0.0.1 tracker.affistats.com #[msvrl.dll]
127.0.0.1 adz.afterdawn.net
127.0.0.1 stats.agent.co.il
127.0.0.1 rmbannerserver.agestado.com.br
127.0.0.1 stats.agentinteractive.com
127.0.0.1 d.aggregateknowledge.com
127.0.0.1 ads.airamerica.com
127.0.0.1 adserver.akqa.net #[Ad-Aware Tracking.Cookie]
127.0.0.1 download.alexa.com #[Trackware.Alexa][SPYW_ALEXA.A]
127.0.0.1 certify.alexametrics.com
127.0.0.1 download.china.alibaba.com #[Adware.AlibabaTB][AdWare.ToolBar.Alibabar.b]
127.0.0.1 acookie.alimama.com
127.0.0.1 tracking.allposters.com
127.0.0.1 ad.allstar.cz
127.0.0.1 network.alluremedia.com.au
127.0.0.1 adtaobao.allyes.cn
127.0.0.1 taobaoafp.allyes.cn
127.0.0.1 bokee.allyes.com
127.0.0.1 demoafp.allyes.com
127.0.0.1 eastmoney.allyes.com
127.0.0.1 smarttrade.allyes.com
127.0.0.1 sroomafp.allyes.com
127.0.0.1 taobaoafp.allyes.com
127.0.0.1 tom.allyes.com
127.0.0.1 uuseeafp.allyes.com
127.0.0.1 yeskyafp.allyes.com
127.0.0.1 www.almondnetworks.com
127.0.0.1 www.almoso3h.com #[Trojan-PSW.Win32.VB.cl]
127.0.0.1 www.alsaloumainvestment.com #[Win32/SpamTool.Gadina]
127.0.0.1 www11.alsto.com #[WebBug.eluminate]
127.0.0.1 ad.altervista.org
127.0.0.1 pqwaker.altervista.org
127.0.0.1 bantam.ai.net
127.0.0.1 fiona.ai.net
127.0.0.1 adimg.alice.it
127.0.0.1 adv.alice.it
127.0.0.1 altmedia101.com
127.0.0.1 adserver.alt.com
127.0.0.1 count1.altastat.com
127.0.0.1 feed1.altastat.com
127.0.0.1 www.alwayson-network.com
127.0.0.1 ads.amdmb.com
127.0.0.1 widgets.amung.us
127.0.0.1 whos.amung.us #[WebBug]
127.0.0.1 dynamic1.anandtech.com
127.0.0.1 dynamic2.anandtech.com
127.0.0.1 advert.ananzi.co.za
127.0.0.1 advert2.ananzi.co.za
127.0.0.1 adserver.ancestry.com #[RealMedia]
127.0.0.1 adserver04.ancestry.com #[RealMedia]
127.0.0.1 box.anchorfree.net
127.0.0.1 www.andyhoppe.com
127.0.0.1 www.antarasystems.com
127.0.0.1 www.anticlown.com
127.0.0.1 ads.antionline.com
127.0.0.1 junior.apk.net
127.0.0.1 ads.applinet.nl
127.0.0.1 arank.com
127.0.0.1 ad2.arbocontext.ro
127.0.0.1 nu.arnostat.nl
127.0.0.1 banner.arttoday.com
127.0.0.1 ads.asia1.com.sg
127.0.0.1 asimpleinternet.com #[Tenebril.SpecialOffers]
127.0.0.1 www.asimpleinternet.com
127.0.0.1 ads.ask.com #[sv-click.looksmart.com]
127.0.0.1 contextual.syndication.ask.com
127.0.0.1 www.asknew.com #[Spamdexing]
127.0.0.1 ads.asp.net
127.0.0.1 ads.aspalliance.com
127.0.0.1 www.astoplist.com
127.0.0.1 ads.associatedcontent.com
127.0.0.1 www.ati-etailer.de
127.0.0.1 ads.auctionads.com
127.0.0.1 audiogalaxy.com
127.0.0.1 www.audiogalaxy.com
127.0.0.1 banners.audioholics.com
127.0.0.1 ads.auctioncity.co.nz
127.0.0.1 rotabanner.auto.ru
127.0.0.1 ads.autotrader.co.za
127.0.0.1 adserving.autotrader.com #[SunBelt.AdServing.AutoTrader.com]
127.0.0.1 avantlink.com
b2thej1
Regular Member
 
Posts: 71
Joined: March 8th, 2009, 11:19 pm

Re: google and yahoo misdirects

Unread postby b2thej1 » March 25th, 2009, 12:14 am

part 3...

127.0.0.1 www.avantlink.com
127.0.0.1 www.avsads.com
127.0.0.1 rev.avsforum.com
127.0.0.1 engine.awaps.net
127.0.0.1 charstam.awardspace.info #[JS/TrojanClicker.Agent.NAA]
127.0.0.1 analytics.aweber.com
127.0.0.1 b3a70b.t.axf8.net
127.0.0.1 caea4e.r.axf8.net
127.0.0.1 caea4e.t.axf8.net
127.0.0.1 fdff44.r.axf8.net
127.0.0.1 fdff44.t.axf8.net
127.0.0.1 axload.to #[Adware.Webprefix][Trojan.Downloader.6588.E]
127.0.0.1 valid.axload.to
# [B]
127.0.0.1 ads.badische-zeitung.de
127.0.0.1 bar.baidu.com #[Win32/Adware.Toolbar.Baidu][Sophos.JS/BDHelper-A]
127.0.0.1 download.baigoo.com #[AdWare.Win32.Baigoo.a][Trackware.Baigoo]
127.0.0.1 www.baltictop.com
127.0.0.1 error.banan.cz
127.0.0.1 adsrv.bankrate.com
127.0.0.1 adserver.banneradministration.com
127.0.0.1 www.bannerbox.cn
127.0.0.1 bannerboxes.com #[BannerBoxes Ad Code]
127.0.0.1 clicks.bannerboxes.com
127.0.0.1 feeds.bannerboxes.com
127.0.0.1 www.bannerboxes.com
127.0.0.1 www.banner-exchange.nl
127.0.0.1 www.bannergratis.it
127.0.0.1 ad.bannerhost.ru
127.0.0.1 banners.bannerlandia.com.ar
127.0.0.1 www.bannermanagement.nl
127.0.0.1 www.banner-rotation.com
127.0.0.1 www.bannerspace.com
127.0.0.1 www3.bannerspace.com #[SpySweeper.Spy.Cookie]
127.0.0.1 www5.bannerspace.com
127.0.0.1 www6.bannerspace.com
127.0.0.1 www7.bannerspace.com #[Tenebril.Tracking.Cookie]
127.0.0.1 banners.bariloche.org
127.0.0.1 ads.vg.basefarm.net #[RealMedia]
127.0.0.1 ad.batanga.com
127.0.0.1 ads.baz.ch
127.0.0.1 ad16.bb.ru
127.0.0.1 ad2.bbmedia.cz
127.0.0.1 adidnes2.bbmedia.cz
127.0.0.1 bbeplayer.com #[WebBug]
127.0.0.1 stat.bdirect.ru
127.0.0.1 ad.beepworld.de
127.0.0.1 autocontext.begun.ru
127.0.0.1 promo.begun.ru
127.0.0.1 referal.begun.ru
127.0.0.1 www.belstat.be
127.0.0.1 www.belstat.com
127.0.0.1 www.belstat.nl
127.0.0.1 oas.benchmark.fr #[RealMedia]
127.0.0.1 bestinshowjewelry.com #[HTML/TrojanDownloader.Agent.BP]
127.0.0.1 www.bestinshowjewelry.com
127.0.0.1 webtrends.besite.be
127.0.0.1 www.bestofferdirect.com
127.0.0.1 www.besttoolbars.net #[ADW_TBARWIN32.A]
127.0.0.1 www.best-top.ro
127.0.0.1 ads.betanews.com
127.0.0.1 banner.betfred.com
127.0.0.1 cmss.bettersex.com #[WebBug.eluminate]
127.0.0.1 www.bettertextads.com
127.0.0.1 stats.big-boards.com
127.0.0.1 bighop.com
127.0.0.1 ad0.bigmir.net
127.0.0.1 ad1.bigmir.net
127.0.0.1 ad4.bigmir.net
127.0.0.1 ad5.bigmir.net
127.0.0.1 ad6.bigmir.net
127.0.0.1 ad7.bigmir.net
127.0.0.1 adi.bigmir.net
127.0.0.1 c.bigmir.net #[SecuritySpace.WebBug]
127.0.0.1 i.bigmir.net
127.0.0.1 bigtracker.com
127.0.0.1 bighits.net
127.0.0.1 bounty.bighits.net
127.0.0.1 www.bighits.net
127.0.0.1 counter.bigli.ru
127.0.0.1 banex.bikers-engine.com
127.0.0.1 ad2.billboard.cz
127.0.0.1 bill-support.com
127.0.0.1 bin-layer.ru
127.0.0.1 adserver.bizhat.com
127.0.0.1 dc.bizjournals.com
127.0.0.1 server2.bkvtrack.com
127.0.0.1 ads2.blastro.com
127.0.0.1 ads3.blastro.com
127.0.0.1 ads4.blastro.com
127.0.0.1 blatsnarf.net
127.0.0.1 ads.blick.ch
127.0.0.1 streamstats1.blinkx.com
127.0.0.1 ads.blizzard.com
127.0.0.1 ads.blog.com
127.0.0.1 tracker.blogbeat.net
127.0.0.1 blogcounter.com
127.0.0.1 ads.blogdrive.com
127.0.0.1 mapstats.blogflux.com
127.0.0.1 topsites.blogflux.com
127.0.0.1 ad.blogged.com
127.0.0.1 pcbutts1-therealtruth.blogspot.com
127.0.0.1 t.blogreaderproject.com #[WebBug]
127.0.0.1 www.blogtoplist.com
127.0.0.1 ads.bloodhorse.com
127.0.0.1 adserver.bloodhorse.com
127.0.0.1 core.bluefly.com #[WebBug.eluminate]
127.0.0.1 blogmark.bokee.com #[Adware.BocaiToolbar]
127.0.0.1 track.blogcounter.de
127.0.0.1 www.blogcounter.de
127.0.0.1 ads.blogherads.com
127.0.0.1 www3.bloomingdales.com #[WebBug.eluminate]
127.0.0.1 blueadvertise.com #[Google.Diagnostic]
127.0.0.1 adserver2.blueadvertise.com
127.0.0.1 cbpublishing.blueadvertise.com
127.0.0.1 creditburner.blueadvertise.com
127.0.0.1 adserver.bluewin.ch
127.0.0.1 www.blvdstatus.com
127.0.0.1 ie-stat.bmmetrix.com
127.0.0.1 t.bmmetrix.com
127.0.0.1 www.bmmetrix.com #[WebBug][Tracking.Cookie]
127.0.0.1 ads.boardtracker.com
127.0.0.1 ranks.boardtracker.com
127.0.0.1 ad.bodybuilding.com
127.0.0.1 adimage.bokee.com
127.0.0.1 ad.bol.bg
127.0.0.1 adv.bol.bg
127.0.0.1 ads.bomis.com
127.0.0.1 banners.bookmaker.com
127.0.0.1 ccc.boolans.com #[Adware.Rugo]
127.0.0.1 err.boom.ru
127.0.0.1 www.borlander.com.cn #[ADSPY/Boran.X.19.C]
127.0.0.1 adc.brandreachsys.com
127.0.0.1 bans.bride.ru
127.0.0.1 ads.bridgetrack.com
127.0.0.1 cc.bridgetrack.com
127.0.0.1 citi.bridgetrack.com #[Ad-Aware.Tracking.Cookie]
127.0.0.1 citi.bridgetrack.com.edgesuite.net
127.0.0.1 rccl.bridgetrack.com #[MVPS.Criteria]
127.0.0.1 goku.brightcove.com #[WebBug]
127.0.0.1 adsrv2.brownpride.com
127.0.0.1 www.browserplugin.com #[HJTH.EroticAccess][wobz.de]
127.0.0.1 bsdpng.info
127.0.0.1 btbilgisayarkursu.com #[Win32/TrojanDownloader.Small.AWA]
127.0.0.1 www.btbilgisayarkursu.com #[Win32/TrojanDownloader.Small.AWA]
127.0.0.1 www.bulletads.com
127.0.0.1 bullz-eye-ads.com
127.0.0.1 bunnezone.com #[Win32/Jep.Russ]
127.0.0.1 ad1.bustcash.com
127.0.0.1 www.buycheapadvertising.com
127.0.0.1 s3.buysellads.com
127.0.0.1 stats.buysellads.com
127.0.0.1 txads.buzzcity.com
127.0.0.1 www.buzzclick.com
127.0.0.1 adnetwork.buzzlogic.com
127.0.0.1 tr.buzzlogic.com
127.0.0.1 byet.org
127.0.0.1 tracking.byindia.com
127.0.0.1 www.byip.cn #[Google.Warning]
127.0.0.1 blog.byethost.com
# [C]
127.0.0.1 ads.calgarystampede.com
127.0.0.1 www.cambodiaoutsourcing.com
127.0.0.1 ads.canalblog.com
127.0.0.1 stats.canalblog.com
127.0.0.1 ads.caniamedia.com
127.0.0.1 ad.caradisiac.com
127.0.0.1 ads.cardplayer.com
127.0.0.1 ads.cars.com
127.0.0.1 images.cashfiesta.com #[AdWare.CashFiesta.a]
127.0.0.1 www.cashfiesta.com #[McAfee.Adware-CashFiesta]
127.0.0.1 www.cashfiesta.net
127.0.0.1 banner.casinoking.com #[AdWare.Win32.Casino.ae]
127.0.0.1 cativern.com
127.0.0.1 www.cbproads.com
127.0.0.1 ads.cbtopsites.com
127.0.0.1 www.cd321.com
127.0.0.1 ads.cdfreaks.com #[eTrust.Ads.cdfreaks]
127.0.0.1 cetrk.com #[Crazy Egg]
127.0.0.1 adserver.cducinema.com
127.0.0.1 cts.channelintelligence.com #[switch.atdmt.com]
127.0.0.1 chapmanmediagroup.com
127.0.0.1 www.champrank.de
127.0.0.1 count.channeladvisor.com
127.0.0.1 abc.checkm8.com
127.0.0.1 ny.checkm8.com
127.0.0.1 rmm1u.checkm8.com
127.0.0.1 txmonthly.checkm8.com
127.0.0.1 web.checkm8.com #[CHECKM8 AD TAGS]
127.0.0.1 web2.checkm8.com
127.0.0.1 ads.checkm8.co.za
127.0.0.1 checkmystats.com.au
127.0.0.1 ads.china.com
127.0.0.1 ad.chip.de
127.0.0.1 chromet.com #[Win32/Agent.ETH]
127.0.0.1 ad.cibleclick.com #[eTrust.Cibleclick]
127.0.0.1 www.cibleclick.com #[Ad-Aware.Tracking.Cookie]
127.0.0.1 www.classicequipment.com #[Google.Warning]
127.0.0.1 board.classifieds1000.com

let me know if you want or need to see more....do i really need a host file...before i replaced it the computer seemed to work ok or was i just imagining ?
b2thej1
Regular Member
 
Posts: 71
Joined: March 8th, 2009, 11:19 pm

Re: google and yahoo misdirects

Unread postby dan12 » March 25th, 2009, 5:46 pm

Some useful reading here on the host file.
please remove the following.

SystemLook
GMER
RootRepeal
BOOTLOG
Rooter.exe


let me know when done
User avatar
dan12
MRU Honors Grad Emeritus
 
Posts: 6123
Joined: March 30th, 2006, 3:22 am
Location: Leicestershire

Re: google and yahoo misdirects

Unread postby b2thej1 » March 26th, 2009, 12:43 am

dan...great info on the hostfile...i noticed that most of the ads were stopped by ie and firefox...then after reading the
hostfile info i know why- they were redirected...how ironic...great protection...thx !!!!!

i removed system look, gmer, and rooter exe...i couldn't find root repeal and bootlog.
b2thej1
Regular Member
 
Posts: 71
Joined: March 8th, 2009, 11:19 pm

Re: google and yahoo misdirects

Unread postby b2thej1 » March 26th, 2009, 1:06 am

i did a search and found root repeal which i deleted but still unable to find bootlog.

thx, b2thej1 :D
b2thej1
Regular Member
 
Posts: 71
Joined: March 8th, 2009, 11:19 pm

Re: google and yahoo misdirects

Unread postby b2thej1 » March 26th, 2009, 1:22 am

dan 12

U ROCK !!!!! THANKS A MILLION I APPRECIATE EVERYTHING YOU DID AND AM SO VERY GRATEFUL !!!!!!!

b2thej1
:colors: :D :D :D :D :lol: :lol: :lol: :lol:
b2thej1
Regular Member
 
Posts: 71
Joined: March 8th, 2009, 11:19 pm

Re: google and yahoo misdirects

Unread postby dan12 » March 26th, 2009, 3:41 am

CLEAN UP
Let's clear out the programs we've been using to clean up your computer, they are not suitable for general malware removal and could cause damage if used inappropriately.
Any logs you saved you may now delete.
Programs I had you download, ATF, good little application you can put in your toolbox,malwarebytes don't forget to update before running any scans.

The following will implement some cleanup procedures as well as reset System Restore points:

Click Start > Run and copy/paste the following bolded text into the Run box and click OK:

ComboFix /u



  • Double-click OTMoveIt3.exe. (Vista users, please right click on OTMoveit3.exe and select "Run as an Administrator")
  • Click the CleanUp! button.
  • Select Yes when the "Begin cleanup Process?" prompt appears.
  • If you are prompted to Reboot during the cleanup, select Yes.
  • The tool will delete itself once it finishes, if not delete it by yourself.


  • Click on START - RUN and type in MSCONFIG go to the BOOT.INI tab and un check by /BOOTLOG
  • Click on OK and you will be prompted to RESTART Windows. Please do restart now.

Let me know when you have done above and all went ok.
dan
User avatar
dan12
MRU Honors Grad Emeritus
 
Posts: 6123
Joined: March 30th, 2006, 3:22 am
Location: Leicestershire
Advertisement
Register to Remove

PreviousNext

  • Similar Topics
    Replies
    Views
    Last post

Return to Infected? Virus, malware, adware, ransomware, oh my!



Who is online

Users browsing this forum: No registered users and 289 guests

Contact us:

Advertisements do not imply our endorsement of that product or service. Register to remove all ads. The forum is run by volunteers who donate their time and expertise. We make every attempt to ensure that the help and advice posted is accurate and will not cause harm to your computer. However, we do not guarantee that they are accurate and they are to be used at your own risk. All trademarks are the property of their respective owners.

Member site: UNITE Against Malware