GrahamDLovell
asked on
Possible virus with google javascript
In all of my browsers, IE10, Firefox21, Chrome, when I click to go to a new page (e.g. an Experts Exchange search), I often get sent to a different page (e.g. the Meatworks).
I can fix this in Firefox by disabling every advertising script with google in the name. I can't use IE or Chrome because they do not allow users to disable Ads.
However, I am perplexed that no-one else seems to have this problem, so I suspect I have a virus or some other kind of malicious software.
I have Microsoft Security Essentials which seems to keep me safe, apart from this problem.
Any suggestions.
I can fix this in Firefox by disabling every advertising script with google in the name. I can't use IE or Chrome because they do not allow users to disable Ads.
However, I am perplexed that no-one else seems to have this problem, so I suspect I have a virus or some other kind of malicious software.
I have Microsoft Security Essentials which seems to keep me safe, apart from this problem.
Any suggestions.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
You should examine all your addons. I suggest you remove anything you are not using. And almost all 'toolbars' are spyware and some are used to deliver ads and popups to you. I don't allow ANY toolbars on my computers, not Google or Bing or Yahoo or any others.
ASKER
I agree. Everyone seems to want to add a toolbar to my browsers.
When you go to a new page, every toolbar you have 'phones home' to tell it's master where you are so they can add to your 'advertising portfolio'. Toolbars are better than tracking cookies for the advertisers.
ASKER
The problem with the "Google redirect" virus has re-emerged, and the program I thought that I had removed is still there. It is XmlNameSpace.exe. Now removed again, and the problem dropped back a step: it doesn't redirect.
However, IE still came up with bogus adverts.
I then tried removing all of the IE Add-Ins for which I didn't recognize the company name (using the menu option in Tools). I also disabled PlusIEEventHelper Class (purporting to be from Zeon Corporation).
This seems to help. I am not sure why. Any comments anyone
However, IE still came up with bogus adverts.
I then tried removing all of the IE Add-Ins for which I didn't recognize the company name (using the menu option in Tools). I also disabled PlusIEEventHelper Class (purporting to be from Zeon Corporation).
This seems to help. I am not sure why. Any comments anyone
Then I suggest using ComboFix from Bleepingcomputer http://www.bleepingcomputer.com/download/combofix/ (Not from anywhere else!). Run it then run MalwareBytes again. This will take a while but I have found it to be the most effective combination of scans. Of course, you have to be careful where you are going on the internet and what you are clicking on to avoid getting it again.
ASKER
MSE didn't find anything. Malwarebytes' rapid scan also didn't find anything that MSE hadn't disabled, but a full scan found one item in an old recovery section of the disk, and I have removed it. Here is the log entry:
..\Program Files\Microsoft.NET\SDK\v1
I don't get the redirects now, although I still get the annoying ads, except in Firefox, where AdBlock Plus seems to be effective.