Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
?
Solved

Possible virus with google javascript

Posted on 2013-06-19
8
Medium Priority
?
791 Views
Last Modified: 2013-11-22
In all of my browsers, IE10, Firefox21, Chrome, when I click to go to a new page (e.g. an Experts Exchange search), I often get sent to a different page (e.g. the Meatworks).

I can fix this in Firefox by disabling every advertising script with google in the name. I can't use IE or Chrome because they do not allow users to disable Ads.

However, I am perplexed that no-one else seems to have this problem, so I suspect I have a virus or some other kind of malicious software.

I have Microsoft Security Essentials which seems to keep me safe, apart from this problem.

Any suggestions.
0
Comment
Question by:GrahamDLovell
  • 4
  • 3
8 Comments
 
LVL 84

Assisted Solution

by:Dave Baldwin
Dave Baldwin earned 750 total points
ID: 39261575
Run a full scan.  You have something called a 'Google Redirect Virus'.  If MSE doesn't find and remove it, we can suggest other things that will.
0
 
LVL 84

Accepted Solution

by:
David Johnson, CD, MVP earned 750 total points
ID: 39261640
try malwarebytes (http://www.malwarebytes.org) and scan your computer.
0
 

Author Comment

by:GrahamDLovell
ID: 39264611
Here is progress so far:

MSE didn't find anything. Malwarebytes' rapid scan also didn't find anything that MSE hadn't disabled, but a full scan found one item in an old recovery section of the disk, and I have removed it. Here is the log entry:

..\Program Files\Microsoft.NET\SDK\v1.1\QuickStart\howto\samples\xml\xmlnamespace\cp\XmlNameSpace.exe (Adware.StatBlaster) -> Quarantined and deleted successfully.

I don't get the redirects now, although I still get the annoying ads, except in Firefox, where AdBlock Plus seems to be effective.
0
Who's Defending Your Organization from Threats?

Protecting against advanced threats requires an IT dream team – a well-oiled machine of people and solutions working together to defend your organization. Download our resource kit today to learn more about the tools you need to build you IT Dream Team!

 
LVL 84

Expert Comment

by:Dave Baldwin
ID: 39264645
You should examine all your addons.  I suggest you remove anything you are not using.  And almost all 'toolbars' are spyware and some are used to deliver ads and popups to you.  I don't allow ANY toolbars on my computers, not Google or Bing or Yahoo or any others.
0
 

Author Comment

by:GrahamDLovell
ID: 39264658
I agree. Everyone seems to want to add a toolbar to my browsers.
0
 
LVL 84

Expert Comment

by:Dave Baldwin
ID: 39264673
When you go to a new page, every toolbar you have 'phones home' to tell it's master where you are so they can add to your 'advertising portfolio'.  Toolbars are better than tracking cookies for the advertisers.
0
 

Author Comment

by:GrahamDLovell
ID: 39378747
The problem with the "Google redirect" virus has re-emerged, and the program I thought that I had removed is still there. It is XmlNameSpace.exe. Now removed again, and the problem dropped back a step: it doesn't redirect.

However, IE still came up with bogus adverts.

I then tried removing all of the IE Add-Ins for which I didn't recognize the company name (using the menu option in Tools). I also disabled PlusIEEventHelper Class (purporting to be from Zeon Corporation).

This seems to help. I am not sure why. Any comments anyone
0
 
LVL 84

Expert Comment

by:Dave Baldwin
ID: 39378758
Then I suggest using ComboFix from Bleepingcomputer http://www.bleepingcomputer.com/download/combofix/ (Not from anywhere else!).  Run it then run MalwareBytes again.  This will take a while but I have found it to be the most effective combination of scans.  Of course, you have to be careful where you are going on the internet and what you are clicking on to avoid getting it again.
0

Featured Post

Hire Technology Freelancers with Gigs

Work with freelancers specializing in everything from database administration to programming, who have proven themselves as experts in their field. Hire the best, collaborate easily, pay securely, and get projects done right.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Configuring network clients can be a chore, especially if there are a large number of them or a lot of itinerant users.  DHCP dynamically manages this process, much to the relief of users and administrators alike!
SSL stands for “Secure Sockets Layer” and an SSL certificate is a critical component to keeping your website safe, secured, and compliant. Any ecommerce website must have an SSL certificate to ensure the safe handling of sensitive information like…
Established in 1997, Technology Architects has become one of the most reputable technology solutions companies in the country. TA have been providing businesses with cost effective state-of-the-art solutions and unparalleled service that is designed…
Email security requires an ever evolving service that stays up to date with counter-evolving threats. The Email Laundry perform Research and Development to ensure their email security service evolves faster than cyber criminals. We apply our Threat…

578 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question