Guys, I have been getting this error when I try to go to www.google.com: Click to view full size! and this error if I try and search something in the google bar at the top right hand corner of mozilla. Click to view full size! does anyone know what the hell is going on? i dont even speak russian!
You um... might wanna do malware/virus scan. http://www.malwarebytes.org/ Edit: Also, what DNS server(s) are you using? Command prompt and type 'ipconfig /all'.
DNS trojan probably malwarebytes or super anti spyware if they cant remove it nuke it edit: i pointed at your sys tray icons and waited for a pop up... DERP!!
hah too funny! Im doing a full Malware Bytes scan now. Ive got 3 print screens for from my ip config. Im sorry I dont really know what they mean. Click to view full size! Click to view full size! Click to view full size!
Well your Dell Wi-Fi adapter is using the Belkin's DNS relay, so that's all good... as long as the Belkin is using your ISP's (or another reputable server). You can check via the Belkin's web admin page, but probably just wait and see what Malwarebytes turns up first (if anything). Edit: Did you install Hamachi yourself?
Yeah I did install Hamachi a while. Havent really ever used it. I did full system scans on both Malware Bytes and Super Anti Spyware and while they both picked up issues neither have resolved this particular issue. I am not in the mood to reformat...
Do a tracert to google and see where your packets are going. It sounds very much like a bit of malware is changing your DNS.
I have done the tracert results are below. I dont know what they mean unfortunately. Click to view full size! Also, im not sure if it actually makes a difference but I am using my galaxy s as a wireless access point to use the web as i am on holidays. So the Belkin is not being used at the moment.
Your hosts table seems infected. That is not the right IP for any of googles servers. The server is located in Germany, and is that FreedomRussia one. The IP turns up a lot of malware related hits on google. Here is one such link: http://www.bleepingcomputer.com/forums/topic364517.html and another: http://forums.malwarebytes.org/index.php?showtopic=72269 Edit: Looks like you have something similar to VirusDoctor: http://www.symantec.com/security_response/writeup.jsp?docid=2009-020410-5338-99&tabid=2 It edits the hosts file redirect certain URL's to malicious IP's. If you open up your hosts in C:\Windows\System32\drivers\etc with notepad, I'm sure you'll have a bunch of bogus entries.
go to C:\windows\system32\drivers\etc and open the hosts file in notepad, clear everything in it and just have it like this: 127.0.0.1 localhost ::1 localhost Save it, reboot and tell us how you go
Cant hurt trying... if that doesn't work: http://www.bleepingcomputer.com/combofix/how-to-use-combofix
I had a google redirect problem some time ago. Scans with SAS and MB didn't find the cause. I'd let Nod license lapse. I run as a restricted user all the time so I was a bit surprised to get the infection. Installed new AVG free and didn;t find anything. Anyway, I installed Comodo firewall and it flagged files attempting to open ports etc. So I tracked them down that way, booted into safe mode and deleted them. Been fine since but I am too lazy to reformat as well.
Well that final thing has worked. I did the combo fix and temp file cleanup and while they found things the issue persisted. I jumped into that host file and there were some bogus entries further down the page. I have deleted those, reset, and it has been fixed. Thanks so much for the quick help guys, its amazing having this unbelievable wealth of knowledge at your fingertips with so many of you willing to help. It is really appreciated and im sure many others appreciate it as well. I think I will run the anti malware again just to try and make sure nothing else has reinfected as you said domlebo.
No worries. You were easy to help, as you had some detail (screenshots etc). Most people just go "My interwebz is broken, FIX IT"
I'll tell you what I had a chuckle when i opened my browser and typed in www.google.com and it went to that web page in russian. I thought to myself "wow buddy you just got own3d."
