Google redirect virus

February 25, 2009 at 23:37:29
Specs: Windows XP
Every time I tried to open up a link from either google or yahoo I was redirected to a different site. I tried using malwarebytes, which found like 25 malware, but now I can't even connect to the internet. I'm using a router. I don't know much about computers in general, so if you need any more information I'll try to provide it. Thanks

See More: Google redirect virus

Report •


#1
February 26, 2009 at 01:06:00
Firstly check the simple stuff like is your router turned on, did i pay the internet bill, is there a connection to the router from my computer....? You'll be surprised how easy it is to miss the simple stuff.

Try loading a restore point. Loading restore points doesnt get rid of malware however it does 'reload' system settings that could have been effected by the malware. So this could bring your computer to a state previously were your settings for the internet were ok.

If that doesnt work try loading safe mode with networking (f8 before the windows loading screen) and getting on the internet through there to download windows defender. There is a trick to install it under safe mode in this post or download it and install it under your normal login out of safe mode. Scan with defender and your other malware software also try and get your hands on some software to clean your registry.


Report •

#2
February 26, 2009 at 10:42:24
"Try loading a restore point. Loading restore points doesnt get rid of malware"

That's correct and if you are wondering, System Restore does not reload Malware. Like Stephen said, it just reloads system settingts.


Report •

#3
February 26, 2009 at 15:50:30
I tried restoring but it said no changes were made since the restore point. Also, I removed the spyware with Malwarebytes, and after that the internet wouldn't connect.

Report •

Related Solutions

#4
February 27, 2009 at 15:55:16
Can anybody please help?

Report •

#5
February 27, 2009 at 17:09:22
"System Restore does not reload Malware. Like Stephen said, it just reloads system settings."

Not quite true. It's a well known fact that virii often hide in System Restore. That's why it's always a good idea to turn off System Restore, before removing malware. Be sure to turn it back on, once the machine is clean of malware.

As for the internet connection problem, it's more than likely a corrupted winsock setting. For more information (and a fix) go to http://windowsxp.mvps.org/winsock.htm.

Please let us know if you found someone's advice to be helpful.


Report •

#6
February 27, 2009 at 18:11:05
Have you tried booting into safe mode with networking(restart pc and before loading windows comes up, press and hold F8 key)? If that works and you can get to the internet, download and install Avast anti-virus and say yes to the boot scan and see what that comes up with. Avast scans the system restore folders during the boot scan.

Silence is golden but duct tape is silver


Report •

#7
March 2, 2009 at 22:11:41
Hey guys,

Tried loading in safe mode and it still wouldn't connect. I'm pretty sure something must have been removed when I used malwarebytes, but I don't know.


Report •

#8
March 3, 2009 at 02:48:16
"Can anybody please help?"

I tried, but it seems you disregarded my post.

Did you even try the winsock fix from the link I provided in response number 5?

Oh well, I guess I can give you one more chance to heed my advice......

Direct link to the fix (without the reading material):
http://www.snapfiles.com/get/winsoc...

Try the fix. It might be as simple as that.

Else, you could try opening a command prompt, typing "netsh winsock reset catalog" (without the quotes), and press Enter.

This is, in fact, a common problem, often encountered after removal of malware.

Please let us know if you found someone's advice to be helpful.


Report •

#9
March 3, 2009 at 10:29:51
Does IE show the site is a security threat and asks if you want to continue and if you choose yes IE closes?

I had that on Sunday but Avast came out with an update pretty quickly which made short work of the issue.

The culprit was sitting in Doc and Settings, User folder, Google folder.

HTH
Bryan


Report •

#10
March 3, 2009 at 16:22:27
Sci-Guy: Sorry to have seemed prudent, no I didn't try your suggestion (couldn't understand). I just used winsockfix and it didn't help, neither did that command line.

Bryco: No, it doesn't say it's a security threat. What happens is that the little logo in the corner says there's a connection, but when I open up IE it doesn't load any pages because it says it can't connect.


Report •

#11
March 3, 2009 at 16:36:26
From start>run, type in cmd and click ok. Type in the command "ipconfig/all > c:\ip.txt" at the command prompt without the quotes. Open the file ip.txt on your c: drive and post the results.

Silence is golden but duct tape is silver


Report •

#12
March 9, 2009 at 18:51:05

Windows IP Configuration

Host Name . . . . . . . . . . . . : Basement2
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Unknown
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : hsd1.or.comcast.net

Ethernet adapter Local Area Connection:

Media State . . . . . . . . . . . : Media disconnected
Description . . . . . . . . . . . : Intel(R) PRO/100 VE Network Connection
Physical Address. . . . . . . . . : 00-13-20-46-9D-8C

Ethernet adapter Wireless Network Connection:

Connection-specific DNS Suffix . : hsd1.or.comcast.net
Description . . . . . . . . . . . : D-Link AirPlus G DWL-G510 Wireless PCI Card
Physical Address. . . . . . . . . : 00-0F-3D-60-E9-8F
Dhcp Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
IP Address. . . . . . . . . . . . : 192.168.0.100
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : 192.168.0.1
DHCP Server . . . . . . . . . . . : 192.168.0.1
DNS Servers . . . . . . . . . . . : 192.168.0.1
Lease Obtained. . . . . . . . . . : Monday, March 09, 2009 6:12:56 PM
Lease Expires . . . . . . . . . . : Monday, March 16, 2009 6:12:56 PM

Report •

#13
March 10, 2009 at 15:50:17
Your getting an ip address and everything is being assigned as it should. From the same command prompt you got the ip info from, enter the command "ping 192.168.0.1" and see if you get a reply or not. Next try doing a "ping google.com" and see if you get a reply.

Locate the hosts file in C:\WINDOWS\system32\drivers\etc and open it with notepad, are there any other entries then 127.0.0.1 localhost?

Do you have any firewall software running? Have you tried your wired connection to see if it gets to the internet?

Silence is golden but duct tape is silver


Report •

#14
March 11, 2009 at 17:00:59
When I entered ping 192.168.01 there was a reply, same with ping google.com.

There are no other entries

I have McAfee running firewall. The wired connection does have access to then internet.


I did something yesterday, and now I can get to my homepage, yahoo, but no images are downloaded. And I can’t connect to any other website.


Report •

#15
March 11, 2009 at 17:17:20
Your connection to the router and out to the internet is there so try temporarily disabling the firewall and see if you can connect to the web. I'm assumming your using Internet explorer?

Silence is golden but duct tape is silver


Report •

#16
March 11, 2009 at 17:32:37
Turned firewall off and still nothing. Yeah I'm using internet explorer

Report •

#17
March 22, 2009 at 21:01:59
Sci-guy if you are going to quote me get it right when you do hey.

Report •


Ask Question