Ammo For Sale

« « NRA Convention Stuff | Home | My main beef against Apple » »

A puzzler

For the last couple of days, my computer has started going to myspace. That is, any url with google in it redirects to myspace. My various spyware and virus scanners have picked up nothing. Clearing browser caches do nothing. And it affects both chrome and firefox at the same time. It’s fixed by a reboot and nothing else. Then it will appear later. Any idea what sort of critter this is?

ETA: Affects IE too.

ETA: Ip release and renew fixes it too.

37 Responses to “A puzzler”

  1. Fangbeer Says:

    What OS?

    Did you check your hosts file?

  2. SayUncle Says:

    windows 7. i don’t know what a host file is.

  3. PhillipC Says:

    If it was a hosts file, it wouldn’t be fixed by a reboot. That was my first thought too.

    It sounds like a DNS corruption. First thing to try is to flush your DNS cache, which is actually simpler than it sounds. Get to the Network Connections folder, right click on the network connection you’re using for the Internet, and click Repair. If it resolves the issue, that’s where you’d start looking for the wee beastie that’s troubling you.

  4. Freiheit Says:

    In Windows:
    Start -> Run
    Type “cmd” hit Enter
    Type ping google.com, note the IP address
    Type ping myspace.com, note the IP address
    Use a tool like network-tools.com to do a WHOIS on each.

    Also check your router and/or modem. It’s possible that has a bad DNS entry in it. I like to use Google for DNS 4.4.4.4, 4.4.8.8 .

  5. The Duck Says:

    Not A clue, but mine suddenly wants a password, and user name to get email, and won’t accept ether one

  6. Aaron Spuler Says:

    Might try restarting the cable modem and router to see if that fixes it.

  7. Sean Says:

    You said various spyware virus programs…

    You are aware you shouldnt have more than 1 antivirus software installed at a time, having more than 1 is counter productive and they work against each other.

    also what spyware program are you using?

    I suggest SpyBot Search and Destroy from safernetworking.org

    its the best, and the community behind it is AMAZING.

    if you check out the forums there on safernetworking you can learn how to use “hijackthis” which is a good tool to hunt down obscure issues in your computer.

    Hope this helps. Computer problems are such a headache.

  8. Some Guy Says:

    It’s the Emo Virus. It starts with Myspace, then eventually, your computer starts writing crappy poetry and cutting itself.

  9. kirk Says:

    Emo Virus.. Now that is damn funny.

    Uncle, sorry to hear you are having issues with your Microsloth products…

    Better get the Droid firing on all cylinders to keep up the blog…

  10. SayUncle Says:

    i used the MS essentials and it came up nothing. so i tried another online one.

  11. Justin Buist Says:

    It’s malware of some kind. Not sure which one, or what product will fix it, but that’s what it is.

  12. Magus Says:

    Superantispyware – http://www.superantispyware.com
    Malwarebytes’ Anti-Malware – http://www.malwarebytes.org
    Spybot Search & Destroy – http://www.safer-networking.org

    Trojan Remover – 30 day free fully functional scanner
    http://www.simplysup.com/tremover/download.html

    If the above don’t fix it, try combofix. Be sure to follow the instructions carefully:
    http://www.bleepingcomputer.com/combofix/how-to-use-combofix

    Try the suggestions at this page: Remove Google redirect virus
    http://deletemalware.blogspot.com/2010/02/remove-google-redirect-virus.html

  13. SayUncle Says:

    malwarebytes doesn’t work.

  14. Rob K Says:

    It sounds like DNS cache poisoning to me. (Domain Name Service maps the name to the IP address.)

  15. homeuser Says:

    I agree with the suggestion that it is malware. They will often disable antimalware programs. Maybe the instructions here will help:

    http://www.geekstogo.com/forum/How-to-fix-Google-Redirects-t267407.html

    I’ve solved these problems before by making a Ubuntu USB key bootable and check the disk drives (running antimalware programs) after booting into an alternate OS from the USB key.

  16. SayUncle Says:

    seems to be taken care of for now. if it resurfaces, will try other measures.

  17. Jamoka Says:

    or you might get a mac…..

  18. ATLien Says:

    yeah he can get a mac if he wants to burn money for no reason.

  19. Mu Says:

    Yeah, get a Mac. Mac 10 for starters.

  20. Kristopher Says:

    Agreed. Get a MAC-10, and hose down the PC with it after saving personal files.

    Then load a new PC as a dual-boot machine. Windows for games and other OS restrictive programs, and UNIX for internet use.

  21. Rabbit Says:

    I thought this was on a Mac. That’s why I hadn’t suggested ccleaner.

  22. Standard Mischief Says:

    It’s the Emo Virus. It starts with Myspace, then eventually, your computer starts writing crappy poetry and cutting itself.

    What’s your mood? What music are you currently listening to? (j/k)

    I’d second the Ubuntu idea, except that you should boot from CD-ROM instead of USB stick. If you still have the issue, it’s most defenantly downstream from you (routers, your ISP’s DNS, etc)

    Ubuntu is super-easy for n00bs. Once you’ve burned the disk, you boot from the read-only media. The “live” disk has it’s own OS onboard and changes nothing about your PC unless you mount your own hard disk to read or write to it.

    If you like it, it’s a super-easy way to be very secure when doing stuff like online banking.

  23. Standard Mischief Says:

    s/defenantly/definitely/g

  24. SebastianWho'llGetHisBlogRunningEventually Says:

    I had something like this a ways back, it was a really annoying redirect. The only thing that killed it was that super duper virus and bot cleaner…shit what’s it called? Not a spyware killer like Malwarebytes or CCleaner, but a DOS operated program that I can’t remember the name of.

    Somebody more savvy than me will know exactly what I’m talking about. It’s really common…shit it’s pissing me off I can’t remember the name of it.

    yeah he can get a mac if he wants to burn money for no reason

    I’d say not having to deal with crap like this is a reason. 🙂

  25. SayUncle Says:

    yeah, cause macs don’t get bugs.

  26. SebastianWho'llGetHisBlogRunningEventually Says:

    Seeing as I use both every day…in my limited experience, it’s not even close. The usual defense of the PC folks is “well yeah, but that’s cause our OS is the huge portion of the market share so bug programmers spend more time hacking them”.

    Even if that’s 100% true (and I doubt that it is), as the end user, who cares?

    The iMac is way more stable than my XP machine, by a factor of 10 crashes to 1 best I can tell, and is largely glitch and bug free.

    Apples aren’t perfect, but this is one particular problem they just don’t seem to have.

    The biggest problem Apple has is the average American’s tendency to think that if something sells more than something else, it must be “better”. Kinda like assuming that American Idol finalists make the best music.

  27. DOuglas2 Says:

    I used to encounter the problem of anything “Google” redirecting to nothing useful. It happened about every 6-weeks to two months on my wife’s Mac, (which does run spyware/virus protection as a service to those we share files with).
    Using a different DNS always fixed the problem, and when I was in a hurry using google.ca or google.uk for search allowed me to work (but not use gmail or other personal services).

  28. SebastianWho'llGetHisBlogRunningEventually Says:

    My buddy Wes to the rescue.

    http://www.bleepingcomputer.com/combofix/how-to-use-combofix

    Combofix is what I thinking of. When I had that browser redirect bot, all of the spyware killers couldn’t fix it, but that did, and made life a lot easier.

    That should probably do the trick.

  29. Chris Says:

    you have a BHO, no no not a Barack Hussein Obama… A browser Hijacker Object…

    Go get a program called hijackThis and run it, it will easily fix the problem and it is free.

  30. Jailer Says:

    If you have trouble again go here and follow this tutorial TO THE LETTER. Haven’t found anything it won’t fix yet.

  31. Jailer Says:

  32. GarrenShipley Says:

    Yeah, sounds like a BHO to me… hijackThis is an awesome piece of software. Had this problem on a Windows 98 machine once… cleared it right up, once I found the right string to kill.

  33. Countertop Says:

    Where does BHO come from? I’ve never heard of this kind of thing.

  34. Tango Says:

    Uncle, I’ve seen this time and time again. First thing that sticks out is that it fixes when you reboot or flush your network settings, but comes back. this indicates an actively running application. Second, it sounds like it’s either setting you up to use a proxy, or more likely it’s hijacked your DNS entries and added its own crap into there so when you resolve a hostname, it just points it to MySpace’s IP address. This is the most likely.

    Download, install, and run “Malwarebytes Anti-Malware”. It’s free and works great.

  35. SayUncle Says:

    hasn’t recurred since flushing DNS. And, as said earlier, malwarebytes doesn’t find anything.

  36. SebastianWho'llGetHisBlogRunningEventually Says:

    Yeah, for some reason spyware eliminators like Malware (which seem to keep you from downloading stuff you don’t want) don’t catch this sort of browser terrorist.

    You need Combofix or Hijackthis.

  37. Kristopher Says:

    Or just drop to UNIX and be done with it, either Macintosh or free versions like Ubuntu.

    You can run most Windows programs in a vmware window in UNIX, or a number of proprietary programs on the mac.

    UNIX/Mac boxes don’t get virii because rooting a UNIX box is a job for the skilled. Hacking a Windows box is something any script kiddie / spammer can do.

Remember, I do this to entertain me, not you.

Uncle Pays the Bills

Find Local
Gun Shops & Shooting Ranges


bisonAd

Categories

Archives