Google Redirect, Gmail, and Blogger problems

Status
This thread has been Locked and is not open to further replies. Please start a New Thread if you're having a similar issue. View our Welcome Guide to learn how to use this site.

mb123

Thread Starter
Joined
Jan 18, 2011
Messages
6
Hello there, I'm having some issues with my internet and I just might punch someone (ok, kidding :cool:). I had a trojan infect my laptop a few weeks ago, and malwarebytes took care of that, but I am still having this problem (been like 2 weeks?) with the google redirecting, gmail not opening at all, and blogger not opening at all. Very annoying (error: The connection to www.google.com was interrupted while the page was loading).

I've tried AVG, McAfee (my normal security I use), Malwarebytes, and Hitman Pro.

I did everything that was requested, and those are attached, but I'm thinking the GMER didn't do as it was supposed to (it errored after scanning for about 25 minutes saying "GMER hasn't found any system modification) I included an empty ark.txt file just for the fun of it (y).

Let me know what I need to to fix the GMER, and then I would really appreciate any help! I know you all do this by volunteering, and that's awesome, I will be so thankful if I can just.get.this.thing.to.go.AWAY! Have a good evening, and look forward to hearing from you!
 

Attachments

mb123

Thread Starter
Joined
Jan 18, 2011
Messages
6
Yes, McAfee is my normal security software I use, but I uninstalled it to try AVG to get rid of this virus - AVG wouldn't let me install unless my other security software was uninstalled.
 

kevinf80

Kevin
Malware Specialist
Joined
Mar 21, 2006
Messages
11,447
Hiya mb123

You have remnants of McAfee still installed, also your Hosts file appears to be infected, as follows please :-

Please download OTM by OldTimer.
Alternative Mirror
Save it to your desktop.
Double click OTM.exe to start the tool. Vista or Windows 7 users right click and select Run as Administrator
  • Copy the text between the dotted lines below to the clipboard by highlighting ALL of them and pressing CTRL + C (or, after highlighting, right-click and choose Copy):

    -------------------------------------------------------------------

    :Files
    ipconfig /flushdns /c
    C:\Windows\System32\drivers\mfeavfk.sys
    C:\Windows\System32\drivers\mferkdk.sys
    C:\Windows\System32\drivers\mfesmfk.sys
    :Services
    mfeavfk
    mferkdk
    mfesmfk
    :Commands
    [EmptyFlash]
    [Purity]
    [EmptyTemp]
    [ResetHosts]

    ---------------------------------------------------------------------
  • Return to OTMoveIt3, right click in the "Paste Instructions for Items to be Moved" window (under the yellow bar) and choose Paste.
  • Click the red
    button.
  • Copy everything in the Results window (under the green bar) to the clipboard by highlighting ALL of them and pressing CTRL + C (or, after highlighting, right-click and choose copy), and paste it in your next reply.
  • Close OTM

Post the log from OTM, let me know if the re-directs have stopped.

Kevin
 

mb123

Thread Starter
Joined
Jan 18, 2011
Messages
6
I just might fly over to wherever you are and give you a big ole hug. Seriously, just made my day. I see my gmail and tried several google searches that I know redirected me in the past, and no redirecting! I did see that firefox blocked a redirect when I went to blogger, not sure what that was about, but it blocked it so I guess that's good.

My OTM blurb:

All processes killed
========== FILES ==========
< ipconfig /flushdns /c >
Windows IP Configuration
Successfully flushed the DNS Resolver Cache.
C:\Users\Melissa\Desktop\cmd.bat deleted successfully.
C:\Users\Melissa\Desktop\cmd.txt deleted successfully.
File/Folder C:\Windows\System32\drivers\mfeavfk.sys not found.
File/Folder C:\Windows\System32\drivers\mferkdk.sys not found.
File/Folder C:\Windows\System32\drivers\mfesmfk.sys not found.
========== SERVICES/DRIVERS ==========
Service mfeavfk stopped successfully!
Service mfeavfk deleted successfully!
Service mferkdk stopped successfully!
Service mferkdk deleted successfully!
Service mfesmfk stopped successfully!
Service mfesmfk deleted successfully!
========== COMMANDS ==========

[EMPTYTEMP]

User: Administrator

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->Flash cache emptied: 56502 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Melissa
->Temp folder emptied: 8067920 bytes
->Temporary Internet Files folder emptied: 253585521 bytes
->Java cache emptied: 2397065 bytes
->FireFox cache emptied: 45303082 bytes
->Flash cache emptied: 2705 bytes

User: Public

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 35163 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 50199 bytes
RecycleBin emptied: 9538222 bytes

Total Files Cleaned = 304.00 mb

C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

OTM by OldTimer - Version 3.1.17.2 log created on 01222011_091039

Files moved on Reboot...
C:\Users\Melissa\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
C:\Users\Melissa\AppData\Local\Mozilla\Firefox\Profiles\fjsehxfd.default\Cache\_CACHE_001_ moved successfully.
C:\Users\Melissa\AppData\Local\Mozilla\Firefox\Profiles\fjsehxfd.default\Cache\_CACHE_002_ moved successfully.
C:\Users\Melissa\AppData\Local\Mozilla\Firefox\Profiles\fjsehxfd.default\Cache\_CACHE_003_ moved successfully.
C:\Users\Melissa\AppData\Local\Mozilla\Firefox\Profiles\fjsehxfd.default\Cache\_CACHE_MAP_ moved successfully.
C:\Users\Melissa\AppData\Local\Mozilla\Firefox\Profiles\fjsehxfd.default\urlclassifier3.sqlite moved successfully.
C:\Users\Melissa\AppData\Local\Mozilla\Firefox\Profiles\fjsehxfd.default\XPC.mfl moved successfully.
C:\Users\Melissa\AppData\Local\Mozilla\Firefox\Profiles\fjsehxfd.default\XUL.mfl moved successfully.

Registry entries deleted on Reboot...
 

kevinf80

Kevin
Malware Specialist
Joined
Mar 21, 2006
Messages
11,447
All hugs are accepted, you just fly to the UK and lay them on me...

  • Re-open Malwarebytes and check for updates
  • If an update is found, it will download and install the latest version.
  • Once the program has loaded, select "Perform Quick Scan", then click Scan.
  • The scan may take some time to finish,so please be patient.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected.
  • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See Extra Note)
  • Please save the log to a location you will remember.
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
  • Copy and paste the entire report in your next reply.

Extra Note:

If MBAM encounters a file that is difficult to remove,you will be presented with 1 of 2 prompts,click OK to either and let MBAM proceed with the disinfection process. If asked to restart the computer, please do so immediately.

Post the log from Malwarebytes quick scan, also let me know if there are any remaining issues.

Kevin
 

mb123

Thread Starter
Joined
Jan 18, 2011
Messages
6
I guess there wasn't any results to show, or remove...I didn't see any anyways.

As for remaining issues, I think I just might be cured!!

Malwarebytes' Anti-Malware 1.50.1.1100
www.malwarebytes.org

Database version: 5570

Windows 6.1.7600
Internet Explorer 8.0.7600.16385

1/22/2011 9:34:32 AM
mbam-log-2011-01-22 (09-34-32).txt

Scan type: Quick scan
Objects scanned: 166469
Time elapsed: 2 minute(s), 6 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)
 

kevinf80

Kevin
Malware Specialist
Joined
Mar 21, 2006
Messages
11,447
OK, just surf about and use as normal for a couple of hours or so, if all is OK come and let me know. You can mark thread as solved once you are confident your system is responding normally,

Kevin
 

mb123

Thread Starter
Joined
Jan 18, 2011
Messages
6
Kevin,

Looks like I'm good to go, thank you SOOO much for your help. I really appreciate it. You guys are awesome.

I'll marked this solved :D

Thanks again,

Melissa
 

kevinf80

Kevin
Malware Specialist
Joined
Mar 21, 2006
Messages
11,447
Hiya Melissa,

Good to hear all is ok, one last task for you. Re-open OTM and hit the Clean up tab, follow the prompts and re-boot if requested. It will remove tools we may have used, also itself.

Take care,

Kevin
 
Status
This thread has been Locked and is not open to further replies. Please start a New Thread if you're having a similar issue. View our Welcome Guide to learn how to use this site.

Users Who Are Viewing This Thread (Users: 0, Guests: 1)

As Seen On
As Seen On...

Welcome to Tech Support Guy!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.

Join over 807,865 other people just like you!

Latest posts

Staff online

Top