InterviewSolution
Saved Bookmarks
InterviewSolution
| 1. |
Solve : Google redirect problem? |
|
Answer» You can use this tool to remove McAfee.
•Click the button. •Accept any security warnings from your browser. •Check •Push the Start button. •ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time. •When the scan completes, push •Push , and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next REPLY. •Push the button. •Push A log file will be saved here: C:\Program Files\ESET\ESET Online Scanner\log.txt Dave, I ran the ESET OnlineScanner and no threats were found. It took about four hours to scan my system's seventy thousand files. My observations of my current system status: my system does not have the redirect problem and I have sound thanks to your directions to remedy those problems. However, I think I still have some less serious issues regarding connection. During the mid-afternoon portion of the day (between about 2pm and 5pm) and mid-evening (about 7pm to 9pm) I have problems connecting to the Internet or, while on the Internet during those time periods, my system is so slow it seems as though my machine has locked up. I think this might be a problem with the Internet service provider (Earthlink) because my wife's computer, with whom I share that service via a wireless connection, has a similar problem but her's is not as severe. Also, I think some of my connection problem might be caused by my wireless network connection (Trendnet to Linksys router) since the signal STRENGTH changes occasionally; the signal strength is not steady since it changes from excellent or good to average on occasion. Additionally, I think an icon in the system tray on my computer is indicating intermittent or loss of wireless network connection when the wave symbol, that normally lights up periodically (white color to green color) next to the monitor symbol, either freezes in the on position (green light) or fails to light (white color). Any suggestions? What do I do next? I'm interested in making sure all viruses and malware have been removed from my system. I do appreciate all your help; my improved Internet experience due to your help has allowed me to explore and navigate all the health care options for my ailing father and mother in-law. Again, thank you. Ken Quote Any suggestions? What do I do next? I'm interested in making sure all viruses and malware have been removed from my system.I'm quite confident that your computer is clean. Let's run one more scan to check that connection problem Please download MiniToolBox to Desktop and run it. Checkmark the following boxes:
The MiniToolBox log: MiniToolBox by Farbar Ran by User (administrator) on 06-09-2011 at 11:45:46 Microsoft Windows XP Service Pack 3 (X86) *************************************************************************** ========================= Flush DNS: =================================== Windows IP Configuration Successfully flushed the DNS Resolver Cache. ========================= IE Proxy Settings: ============================== Proxy is not enabled. No Proxy Server is set. "Reset IE Proxy Settings": IE Proxy Settings were reset. ========================= Hosts content: ================================= 127.0.0.1 localhost ========================= IP Configuration: ================================ # ---------------------------------- # Interface IP Configuration # ---------------------------------- pushd interface ip # Interface IP Configuration for "Local Area Connection" set address name="Local Area Connection" source=dhcp set dns name="Local Area Connection" source=dhcp register=PRIMARY set wins name="Local Area Connection" source=dhcp # Interface IP Configuration for "Wireless Network Connection 11" set address name="Wireless Network Connection 11" source=dhcp set dns name="Wireless Network Connection 11" source=dhcp register=PRIMARY set wins name="Wireless Network Connection 11" source=dhcp popd # End of interface IP configuration Windows IP Configuration Host Name . . . . . . . . . . . . : KenComputer Primary Dns Suffix . . . . . . . : Node Type . . . . . . . . . . . . : Unknown IP Routing Enabled. . . . . . . . : No WINS Proxy Enabled. . . . . . . . : No Ethernet adapter Local Area Connection: Media State . . . . . . . . . . . : Media disconnected Description . . . . . . . . . . . : Broadcom NetXtreme Gigabit Ethernet for hp Physical Address. . . . . . . . . : 00-0F-20-6F-6B-2E Ethernet adapter Wireless Network Connection 11: Connection-specific DNS Suffix . : Description . . . . . . . . . . . : TRENDnet TEW-424UB 54M USB Dongle Physical Address. . . . . . . . . : 00-14-D1-48-33-9E Dhcp Enabled. . . . . . . . . . . : Yes Autoconfiguration Enabled . . . . : Yes IP Address. . . . . . . . . . . . : 192.168.2.102 Subnet Mask . . . . . . . . . . . : 255.255.255.0 Default Gateway . . . . . . . . . : 192.168.2.1 DHCP Server . . . . . . . . . . . : 192.168.2.1 DNS Servers . . . . . . . . . . . : 192.168.1.1 Lease Obtained. . . . . . . . . . : Tuesday, September 06, 2011 9:31:46 AM Lease Expires . . . . . . . . . . : Wednesday, September 07, 2011 9:31:46 AM Server: UnKnown Address: 192.168.1.1 Name: google.com Addresses: 74.125.93.106, 74.125.93.103, 74.125.93.147, 74.125.93.105 74.125.93.99, 74.125.93.104 Pinging google.com [74.125.93.99] with 32 bytes of data: Reply from 74.125.93.99: bytes=32 time=95ms TTL=53 Reply from 74.125.93.99: bytes=32 time=94ms TTL=53 Ping statistics for 74.125.93.99: Packets: Sent = 2, Received = 2, Lost = 0 (0% loss), Approximate round trip times in milli-seconds: Minimum = 94ms, Maximum = 95ms, Average = 94ms Server: UnKnown Address: 192.168.1.1 Name: yahoo.com Addresses: 209.191.122.70, 67.195.160.76, 69.147.125.65, 72.30.2.43 98.137.149.56 Pinging yahoo.com [98.137.149.56] with 32 bytes of data: Reply from 98.137.149.56: bytes=32 time=41ms TTL=56 Reply from 98.137.149.56: bytes=32 time=71ms TTL=56 Ping statistics for 98.137.149.56: Packets: Sent = 2, Received = 2, Lost = 0 (0% loss), Approximate round trip times in milli-seconds: Minimum = 41ms, Maximum = 71ms, Average = 56ms Pinging 127.0.0.1 with 32 bytes of data: Reply from 127.0.0.1: bytes=32 time<1ms TTL=128 Reply from 127.0.0.1: bytes=32 time<1ms TTL=128 Ping statistics for 127.0.0.1: Packets: Sent = 2, Received = 2, Lost = 0 (0% loss), Approximate round trip times in milli-seconds: Minimum = 0ms, Maximum = 0ms, Average = 0ms =========================================================================== Interface List 0x1 ........................... MS TCP Loopback interface 0x10003 ...00 0f 20 6f 6b 2e ...... Broadcom NetXtreme Gigabit Ethernet for hp 0x10004 ...00 14 d1 48 33 9e ...... TRENDnet TEW-424UB 54M USB Dongle =========================================================================== =========================================================================== Active Routes: Network Destination Netmask Gateway Interface Metric 0.0.0.0 0.0.0.0 192.168.2.1 192.168.2.102 25 127.0.0.0 255.0.0.0 127.0.0.1 127.0.0.1 1 192.168.2.0 255.255.255.0 192.168.2.102 192.168.2.102 25 192.168.2.102 255.255.255.255 127.0.0.1 127.0.0.1 25 192.168.2.255 255.255.255.255 192.168.2.102 192.168.2.102 25 224.0.0.0 240.0.0.0 192.168.2.102 192.168.2.102 25 255.255.255.255 255.255.255.255 192.168.2.102 10003 1 255.255.255.255 255.255.255.255 192.168.2.102 192.168.2.102 1 Default Gateway: 192.168.2.1 =========================================================================== Persistent Routes: None ========================= Event log errors: =============================== Application errors: ================== Error: (08/29/2011 00:11:06 PM) (Source: crypt32) (User: ) Description: Failed auto update retrieval of third-party root list SEQUENCE number from: with error: This network connection does not exist. Error: (08/29/2011 00:11:06 PM) (Source: crypt32) (User: ) Description: Failed auto update retrieval of third-party root list sequence number from: with error: This network connection does not exist. Error: (08/29/2011 00:11:06 PM) (Source: crypt32) (User: ) Description: Failed auto update retrieval of third-party root list sequence number from: with error: This network connection does not exist. Error: (08/29/2011 00:11:06 PM) (Source: crypt32) (User: ) Description: Failed auto update retrieval of third-party root list sequence number from: with error: This network connection does not exist. Error: (08/29/2011 00:11:06 PM) (Source: crypt32) (User: ) Description: Failed auto update retrieval of third-party root list sequence number from: with error: This network connection does not exist. Error: (08/29/2011 00:11:06 PM) (Source: crypt32) (User: ) Description: Failed auto update retrieval of third-party root list sequence number from: with error: This network connection does not exist. Error: (08/29/2011 00:11:05 PM) (Source: crypt32) (User: ) Description: Failed auto update retrieval of third-party root list sequence number from: with error: This network connection does not exist. Error: (08/29/2011 00:11:05 PM) (Source: crypt32) (User: ) Description: Failed auto update retrieval of third-party root list sequence number from: with error: This network connection does not exist. Error: (08/29/2011 00:11:05 PM) (Source: crypt32) (User: ) Description: Failed auto update retrieval of third-party root list sequence number from: with error: This network connection does not exist. Error: (08/29/2011 00:11:04 PM) (Source: crypt32) (User: ) Description: Failed auto update retrieval of third-party root list sequence number from: with error: This network connection does not exist. System errors: ============= Error: (09/06/2011 09:30:46 AM) (Source: Service Control Manager) (User: ) Description: The IPSEC Services service terminated with the following error: %%1747 Error: (09/04/2011 10:37:16 AM) (Source: Windows Update Agent) (User: ) Description: Unable to Connect: Windows is unable to connect to the automatic updates service and therefore cannot download and install updates according to the set schedule. Windows will continue to try to establish a connection. Error: (09/04/2011 10:35:32 AM) (Source: Service Control Manager) (User: ) Description: The IPSEC Services service terminated with the following error: %%1747 Error: (09/01/2011 09:57:19 PM) (Source: Service Control Manager) (User: ) Description: The IPSEC Services service terminated with the following error: %%1747 Error: (09/01/2011 09:30:57 PM) (Source: Service Control Manager) (User: ) Description: The IPSEC Services service terminated with the following error: %%1747 Error: (09/01/2011 09:08:36 PM) (Source: Service Control Manager) (User: ) Description: The IPSEC Services service terminated with the following error: %%1747 Error: (09/01/2011 08:19:46 PM) (Source: Service Control Manager) (User: ) Description: The IPSEC Services service terminated with the following error: %%1747 Error: (09/01/2011 08:18:51 PM) (Source: Service Control Manager) (User: ) Description: The Remote Access Connection Manager service failed to start due to the following error: %%231 Error: (09/01/2011 08:18:51 PM) (Source: Service Control Manager) (User: ) Description: The Remote Access Connection Manager service failed to start due to the following error: %%231 Error: (09/01/2011 08:18:22 PM) (Source: Service Control Manager) (User: ) Description: The Remote Access Connection Manager service DEPENDS on the Telephony service which failed to start because of the following error: %%1070 Microsoft Office Sessions: ========================= Error: (08/29/2011 00:11:06 PM) (Source: crypt32)(User: ) Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txtThis network connection does not exist. Error: (08/29/2011 00:11:06 PM) (Source: crypt32)(User: ) Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txtThis network connection does not exist. Error: (08/29/2011 00:11:06 PM) (Source: crypt32)(User: ) Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txtThis network connection does not exist. Error: (08/29/2011 00:11:06 PM) (Source: crypt32)(User: ) Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txtThis network connection does not exist. Error: (08/29/2011 00:11:06 PM) (Source: crypt32)(User: ) Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txtThis network connection does not exist. Error: (08/29/2011 00:11:06 PM) (Source: crypt32)(User: ) Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txtThis network connection does not exist. Error: (08/29/2011 00:11:05 PM) (Source: crypt32)(User: ) Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txtThis network connection does not exist. Error: (08/29/2011 00:11:05 PM) (Source: crypt32)(User: ) Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txtThis network connection does not exist. Error: (08/29/2011 00:11:05 PM) (Source: crypt32)(User: ) Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txtThis network connection does not exist. Error: (08/29/2011 00:11:04 PM) (Source: crypt32)(User: ) Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txtThis network connection does not exist. ========================= Memory info: =================================== Percentage of memory in use: 36% Total physical RAM: 1527.48 MB Available physical RAM: 966.02 MB Total Pagefile: 2904.86 MB Available Pagefile: 2485.6 MB Total Virtual: 2047.88 MB Available Virtual: 1905.03 MB ========================= Partitions: ===================================== 1 Drive c: () (Fixed) (Total:74.53 GB) (Free:51.72 GB) NTFS ========================= Users: ======================================== User accounts for \\ Administrator ASPNET Guest HelpAssistant SUPPORT_388945a0 User **** End of log **** The signal is going through but, like you said, it is intermittent. Have you tried hardwiring your computer to the modem? It would appear to be a problem with the wireless. Also, please reset your modem and router. Unplug them for a minute. Dave, With a hardwire connecting my computer to the router located at my wife's computer, I have a good Internet connection. My wife reset the router (pushed the button and unplugged the unit) and disconnected the modem (turned it off at the switch as well as unplugged the unit). It was a lot of work to follow the instructions to get the router, that is wired directly to my wife's system, back up and running but she was finally able to accomplish the task and she has her Internet phone and Internet connection back. There was a side benefit of all this work: we found and properly filed our computer system literature and found some other missing items as well! My system required more work and was not entirely successful. My wireless Internet connection is worse since the router/modem reset and my reinstalling the wireless software & adapter. After the resetting the modem and router, I could not hookup my system to the Internet (my system: Trendnet wireless USB adapter [TEW-424UB] to Linksys router [Wireless-G Broadband Router--mdl. WRT54G2]). After checking on the Trendnet status, I reentered the security key and was able to get some activity on that device (searching to establish a connection with the router) but still no connection. I decided to reinstall the Trendnet software on my computer. Immediately after reinstalling, I got fifteen minutes of uninterrupted, though slow, Internet connection until I was disconnected. I could only continue intermittent connection by repairing the connection (by clicking on the icon in the system tray to pop-up a window for that device and then clicking on "Repair"). I had to do this continually to receive about a minute or two of connection. I kept an eye on the signal strength during this phase of the problem and noticed that it would go from a good connection (multi-bar green) to weak connection (single bar red) back to fair connection (no bar) back to good connection and so forth. The Internet connection was slow during this time frame (for a minute or two) until I loss the connection entirely (red "X"). I have not had this condition in the past. Before the router/modem reset and my reinstalling the Trendnet software and adapter, I would routinely get periods of no connection to connection periods of an hour or two. Things have gone downhill in regard to wireless connectivity. By the way, I wonder if the wireless connection is having problems due to the building structure where I live. My place is a small townhouse and has concrete party walls (the wall between units) with wood framing in the interior of the unit. The router is located about twenty five feet away from my computer and is in another room. Again, the hardwire connection between my computer and the router is working very well and the Google redirect problem has been solved due to your direction. I have an uninterrupted Internet connection with the hardwire. I'm not sure if my wireless Internet connection problem is a virus\malware issue; perhaps I should start a new post? If so, please advise if I should uninstall the various anti virus software packages that I have installed on my system at your direction. Please include any tips on making the uninstalls successful. Thank you for your help to date. Ken Quote I'm not sure if my wireless Internet connection problem is a virus\malware issueFrom what you described to me, it would appear that the problem is with the router sending the signal or the receiver. Unfortunately, I can't help you with this. You could start another thread in another forum. Perhaps that may help. Let's do some cleanup. To uninstall ComboFix
(Note: Make sure there's a space between the WORD ComboFix and the forward-slash.)
To remove all of the tools we used and the files and folders they created do the following: Double click OTL.exe.
************************************************** Clean out your temporary internet files and temp files. Download TFC by OldTimer to your desktop. Double-click TFC.exe to run it. Note: If you are running on Vista, right-click on the file and choose Run As Administrator TFC will close all programs when run, so make sure you have saved all your work before you begin. * Click the Start button to begin the cleaning process. * Depending on how often you clean temp files, execution time should be anywhere from a few seconds to a minute or two. * Please let TFC run uninterrupted until it is finished. Once TFC is finished it should restart your computer. If it does not, please manually restart the computer yourself to ensure a complete cleaning. ***************************************************** Use the Secunia Software Inspector to check for out of date software. •Click Start Now •Check the box next to Enable thorough system inspection. •Click Start •Allow the scan to finish and scroll down to see if any updates are needed. •Update anything listed. . ---------- Go to Microsoft Windows Update and get all critical updates. ---------- I suggest using WOT - Web of Trust. WOT is a free Internet security addon for your browser. It will keep you safe from online scams, identity theft, spyware, spam, viruses and unreliable shopping sites. WOT warns you before you interact with a risky website. It's easy and it's free. SpywareBlaster- Secure your Internet Explorer to make it harder for ActiveX programs to run on your computer. Also stop certain cookies from being added to your computer when running Mozilla based browsers like Firefox. * Using SpywareBlaster to protect your computer from Spyware and Malware * If you don't know what ActiveX controls are, see here Protect yourself against spyware using the Immunize feature in Spybot - Search & Destroy. Guide: Use Spybot's Immunize Feature to prevent spyware infection in real-time. Note: To ensure you have the latest Immunizations always update Spybot - Search & Destroy before Immunizing. Spybot - Search & Destroy FAQ Check out Keeping Yourself Safe On The Web for tips and free tools to help keep you safe in the future. Also see Slow Computer? It may not be Malware for free cleaning/maintenance tools to help keep your computer running smoothly. Safe Surfing! Dave, I successfully completed the uninstall of ComboFix. I don't have OTL.exe on my system; it must have been removed by my running my anti-virus during this Google redirect problem process (see my reply #12, August 10--I shouldn't have done that as you mention in your introductory instructions). Do I delete or try to uninstall the following programs that are on my desktop that I downloaded at your direction? 1. TDSKiller.exe 2. tdskiller zip 3. Support-LogMeInRescue.exe 4. RootRepeal zip 5. MiniToolBox.exe 6. HjackThisInstaller.exe 7. esetsmartinstalaler_enu.exe I want to make sure I don't accidentally run these programs again. To delete I should double right click on the icon and left click on delete in that window? If I need to uninstall any of these programs, please provide instructions. Are there any other things I have to do to take care of any possible buried files from my deletion of programs that were on my system prior to my reply #12 of August 10 (deleted due to my errant running of my Deluxe Shield anti virus and PC Tools Spyware Doctor)? Those programs were: 1. Super Antispyware (SAS) 2. Malawarebytes 3. DDS 4. RKill 5. Combo.fix 6. Jotti's Malaware scan (I don't think this was a downloaded program?) The following describes what I did at that time of deletion of those programs (from my reply #12 in August): "I re-enabled my Deluxe Shield as well as my PC Tools Spyware Doctor antivirus checkers and ran them after the ComboFix scan. I'm not sure I did a good thing. The PC Tools Spyware caught a lot of items, though did not defined what items it caught, and fixed those files and the system does not run better." Thank you, KenQuote Do I delete or try to uninstall the following programs that are on my desktop that I downloaded at your direction?Yes. If the programs are installed on your desktop, simply delete them or drag them to your Recycling bin. If not installed on your desktop, uninstall them. Support-LogMeInRescue.exe is not one of the programs I asked you to install. You may keep SAS and MBAM, if you wish. Update them and run them on a regular basis. All the others can go. Dave, I got the other programs off my system per your direction. My system is running very well--thank you. Sorry about the "Support-LogMeIn" program citing. That was the Shield Deluxe anti-virus personnel log-in to help me install their new 2011 program after I thought I lost my password for the 2010 edition. That was a big mess and totally my fault. I now take better care of my passwords. I think I have one last question. To prevent the loss of my files on the hard drive, I saved some of my files (personal files and not programs I think) on thumb drives (two or three thumb drives up to 1GB capacity each) prior to all your work on my system. I want to know if I can reuse those thumb drives without jeopardizing my system? In other words, can I can plug those thumb drives back into my system, delete the contents, and reuse the thumb drives? I thought I should be safe rather than sorry and ask you before I do this. Ken Quote In other words, can I can plug those thumb drives back into my system, delete the contents, and reuse the thumb drives? I thought I should be safe rather than sorry and ask you before I do this.Yes. When you plug in the thumb drives hold the Shift key down for about 10 secs. while inserting them in the USB drive. Then, scan them with your AV and also with SAS and MBAM to be sure that they're clean. I will lock this thread. If you need it re-opened, please send me a pm. |
|