Computer Support Forum

IE/Ntscp search links redirected, no malware found, no solution found in threads

Question: IE/Ntscp search links redirected, no malware found, no solution found in threads

I have IE 8.0 and Netscape 8.1.3 on Windows XP (media ed). Both browsers have the same problem. Google searches' links are redirected. The first link clicked works, but subsequent ones are redirected. There is no other unusual activity. The redirection does not occur with a proxy server using google.

I have tried Norton, Trend Micro PC-cillin, Malware Bytes, and Spybot S&D. None of these detect any malware and none solve the problem. The DNS is automatically obtained.

I have looked through the forum, and there appears to be a number of people with similar problems, but the solutions offerred (if not too specific) have not worked.

Thank you.

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 22:08:18, on 7/2/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\LEXPPS.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\COMMON~1\AOL\ACS\AOLacsd.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Common Files\Creative Labs Shared\Service\CreativeLicensing.exe
C:\WINDOWS\system32\CTsvcCDA.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
C:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Norton Internet Security\Engine\16.5.0.135\ccSvcHst.exe
C:\PROGRA~1\TRENDM~1\INTERN~1\PcCtlCom.exe
C:\WINDOWS\system32\svchost.exe
C:\PROGRA~1\TRENDM~1\INTERN~1\Tmntsrv.exe
C:\PROGRA~1\TRENDM~1\INTERN~1\TmPfw.exe
C:\PROGRA~1\TRENDM~1\INTERN~1\tmproxy.exe
C:\Program Files\Linksys Wireless-G PCI Wireless Network Monitor\WLService.exe
C:\Program Files\Linksys Wireless-G PCI Wireless Network Monitor\WMP54Gv4.exe
C:\Program Files\Norton Internet Security\Engine\16.5.0.135\ccSvcHst.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\ehome\ehtray.exe
C:\WINDOWS\stsystra.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe
C:\Program Files\Dell\Media Experience\DMXLauncher.exe
C:\Program Files\Creative\SBAudigy\Surround Mixer\CTSysVol.exe
C:\WINDOWS\system32\Rundll32.exe
C:\Program Files\Creative\VoiceCenter\AndreaVC.exe
C:\Program Files\Trend Micro\Internet Security 14\pccguide.exe
C:\WINDOWS\System32\DLA\DLACTRLW.EXE
C:\DOCUME~1\king\LOCALS~1\Temp\clclean.0001
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files\Nero\Nero 7\InCD\NBHGui.exe
C:\Program Files\Nero\Nero 7\InCD\InCD.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Lexmark X6100 Series\lxbfbmgr.exe
C:\Program Files\Lexmark X6100 Series\lxbfbmon.exe
C:\Program Files\Trend Micro\Internet Security 14\TMAS_OE\TMAS_OEMon.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Digital Line Detect\DLG.exe
C:\utils\WinZip\WZQKPICK.EXE
C:\Program Files\Picaboo\Picaboo\PicabooMain.exe
C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Netscape\Netscape Browser\netscape.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157" target="_blank" class="invilink">http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896" target="_blank" class="invilink">http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = :0
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Symantec NCO BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton Internet Security\Engine\16.5.0.135\coIEPlg.dll
O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton Internet Security\Engine\16.5.0.135\IPSBHO.DLL
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll
O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Internet Security\Engine\16.5.0.135\coIEPlg.dll
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [SigmatelSysTrayApp] stsystra.exe
O4 - HKLM\..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe
O4 - HKLM\..\Run: [DMXLauncher] C:\Program Files\Dell\Media Experience\DMXLauncher.exe
O4 - HKLM\..\Run: [CTSysVol] C:\Program Files\Creative\SBAudigy\Surround Mixer\CTSysVol.exe /r
O4 - HKLM\..\Run: [MBMon] Rundll32 CTMBHA.DLL,MBMon
O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE
O4 - HKLM\..\Run: [VoiceCenter] "C:\Program Files\Creative\VoiceCenter\AndreaVC.exe" /tray
O4 - HKLM\..\Run: [pccguide.exe] "C:\Program Files\Trend Micro\Internet Security 14\pccguide.exe"
O4 - HKLM\..\Run: [DLA] C:\WINDOWS\System32\DLA\DLACTRLW.EXE
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [SecurDisc] C:\Program Files\Nero\Nero 7\InCD\NBHGui.exe
O4 - HKLM\..\Run: [InCD] C:\Program Files\Nero\Nero 7\InCD\InCD.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [Lexmark X6100 Series] "C:\Program Files\Lexmark X6100 Series\lxbfbmgr.exe"
O4 - HKCU\..\Run: [SetDefaultMIDI] MIDIDef.exe
O4 - HKCU\..\Run: [OE_OEM] "C:\Program Files\Trend Micro\Internet Security 14\TMAS_OE\TMAS_OEMon.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Yahoo! Pager] "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet
O4 - HKCU\..\Run: [IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe" ASO-616B5711-6DAE-4795-A05F-39A1E5104020
O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - Startup: Picaboo.lnk = C:\Program Files\Picaboo\Picaboo\PicabooMain.exe
O4 - Global Startup: Digital Line Detect.lnk = ?
O4 - Global Startup: WinZip Quick Pick.lnk = C:\utils\WinZip\WZQKPICK.EXE
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/SharedContent/vc/bin/AvSniff.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://download.divx.com/player/DivXBrowserPlugin.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1226881932156
O18 - Protocol: symres - {AA1061FE-6C41-421F-9344-69640C9732AB} - C:\Program Files\Norton Internet Security\Engine\16.5.0.135\coIEPlg.dll
O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:\PROGRA~1\COMMON~1\AOL\ACS\AOLacsd.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Creative Labs Licensing Service - Creative Labs - C:\Program Files\Common Files\Creative Labs Shared\Service\CreativeLicensing.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: Norton Internet Security - Symantec Corporation - C:\Program Files\Norton Internet Security\Engine\16.5.0.135\ccSvcHst.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Trend Micro Central Control Component (PcCtlCom) - Trend Micro Inc. - C:\PROGRA~1\TRENDM~1\INTERN~1\PcCtlCom.exe
O23 - Service: Trend Micro Real-time Service (Tmntsrv) - Trend Micro Inc. - C:\PROGRA~1\TRENDM~1\INTERN~1\Tmntsrv.exe
O23 - Service: Trend Micro Personal Firewall (TmPfw) - Trend Micro Inc. - C:\PROGRA~1\TRENDM~1\INTERN~1\TmPfw.exe
O23 - Service: Trend Micro Proxy Service (tmproxy) - Trend Micro Inc. - C:\PROGRA~1\TRENDM~1\INTERN~1\tmproxy.exe
O23 - Service: WMP54Gv4SVC - GEMTEKS - C:\Program Files\Linksys Wireless-G PCI Wireless Network Monitor\WLService.exe

--
End of file - 11793 bytes

Relevance 100%
Preferred Solution: IE/Ntscp search links redirected, no malware found, no solution found in threads

I recommend downloading and running Reimage. It's a computer repair tool that has been proven to identify and fix many Windows problems with a high level of success.

I've used it in the past to identify and fix everything from blue screens (BSOD's), ActiveX errors, corrupt files and processes, dll/exe/sys errors, recover lost memory, Windows update problems, defragging, malware removal etc.

You can download it direct from this link http://downloadreimage.com/download.php. (This link will automatically start a download of Reimage that you can save to your computer.)

Answer: IE/Ntscp search links redirected, no malware found, no solution found in threads

11 more replies
Relevance 80.04%

Hi

When I use Google etc to search and try to double click on a link I am getting redirected to random sites. I have completed the 5 step process however could not get the Microsoft Updates. Other than the report I have no knowledge of viruses.

Thanks for any help
Richard

I have attached the Scan report and xtra.

Deckard's System Scanner v20071014.68
Run by richardm on 2008-01-26 16:04:01
Computer is in Normal Mode.
--------------------------------------------------------------------------------

-- System Restore --------------------------------------------------------------

Successfully created a Deckard's System Scanner Restore Point.


-- Last 5 Restore Point(s) --
38: 2008-01-26 03:04:07 UTC - RP38 - Deckard's System Scanner Restore Point
37: 2008-01-25 06:36:23 UTC - RP37 - System Checkpoint
36: 2008-01-23 22:18:51 UTC - RP36 - System Checkpoint
35: 2008-01-22 07:34:07 UTC - RP35 - System Checkpoint
34: 2008-01-20 06:37:35 UTC - RP34 - Removed Apple Mobile Device Support


-- First Restore Point --
1: 2007-11-13 00:20:57 UTC - RP1 - System Checkpoint


Backed up registry hives.
Performed disk cleanup.



-- HijackThis Clone ------------------------------------------------------------


Emulating logfile of Trend Micro HijackThis v2.0.2
Scan saved at 2008-01-26 16:05:00
Platform: Windows XP Service Pack 2 (5.01.2600)
MSIE: Internet Explorer (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\system32\smss... Read more

Answer:Getting redirected from links found on Search Engines

Bump Help!

10 more replies
Relevance 92.25%

Hi

I just joined this forum and this is my first post.

My laptop seems to have got infected by a malware when I was browsing (do not recall the site name as I realised about the problem only after rebooting).

The following are what I am able to see during use:

1. Just after booting, I get a notification "Missing Virus definitions: VPTray.exe-Ordinal not found" & below that "The ordinal 1109 could not be located in the dynamic link library WSOCK32.dll". When clicking OK, this goes off and reappears one more time. Goes off again after OK

2. Subsequently, I get a warning pop-up Symantec auto-protect is disabled.But I find symantec to be working fine.

3. While on Google, the first page of search results come out fine- but the links from this page lead to a completely unrelated sites (95p.com???) automatically.

4. Sometimes, automatically new tabs get opened to the site shiftingmedia.com with some irrevalent search terms.

5. Browsing has become extremely slow after this happened.
I am using a Dell Latitude D620 (yes- it is an old piece- but seemed to be fine until this) with Windows XP Professional 2002 SP3. Antivirus Symantec 10.1.7.7000.

I wanted to run the DDS tool also and attach the log- but I am not getting a DOS kind of scree as shown in the site and the single out txt file is completely garbled.

Tried running a couple of anti malware programs downloaded from the net; but though they found some threats and cleaned them the problem rem... Read more

Answer:Google links getting redirected; Ordinal 1109 not found

Hello and welcome to Bleeping Computer! I am HelpBot: an automated program designed to help the Bleeping Computer Staff better assist you! This message contains very important information, so please read through all of it before doing anything. We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here. To help Bleeping Computer better assist you please perform the following steps:*************************************************** In order to continue receiving help at BleepingComputer.com, YOU MUST tell me if you still need help or if your issue has already been resolved on your own or through another resource! To tell me this, please click on the following link and follow the instructions there.CLICK THIS LINK >>> http://www.bleepingcomputer.com/logreply/435127 <<< CLICK THIS LINK If you no longer need help, then all you needed to do was the previous instructions of telling me so. You can skip the rest of this post. If you do need help please continue with Step 2 below.*************************************************** If you still need help, I would like you to post a Reply to this topic (click the "Add Reply" button in the lo... Read more

2 more replies
Relevance 92.25%

I have been having issues with being redirected when clicking on links (multiple search sites: google, yahoo etc) and recently my browser (firefox) has been crashing. I had been using Pest Patrol and found a downloader and an unknown trojan. I removed them both to no avail. I just installed and ran Malwarebyte's Anti-Malware and found: Trojan.Daonol (first specified trojan). I also ran hijackthis but alas, cannot make sense of it and I would like to make sure my system is clean. So if someone could take a look at this and let me know, it would be greatly appreciated. Thank you so much!Logfile of Trend Micro HijackThis v2.0.2Scan saved at 6:11:13 PM, on 5/18/2009Platform: Windows XP SP3 (WinNT 5.01.2600)MSIE: Internet Explorer v7.00 (7.00.6000.16827)Boot mode: NormalRunning processes:C:\WINDOWS.0\System32\smss.exeC:\WINDOWS.0\system32\winlogon.exeC:\WINDOWS.0\system32\services.exeC:\WINDOWS.0\system32\lsass.exeC:\WINDOWS.0\system32\Ati2evxx.exeC:\WINDOWS.0\system32\svchost.exeC:\WINDOWS.0\System32\svchost.exeC:\WINDOWS.0\system32\Ati2evxx.exeC:\WINDOWS.0\Explorer.EXEC:\WINDOWS.0\system32\spoolsv.exeC:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exeC:\Program Files\Bonjour\mDNSResponder.exeC:\WINDOWS.0\system32\svchost.exeC:\Pro... Read more

Answer:Redirected links, browser crashes, found trojans

Hello and welcome to Bleeping ComputerWe apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.If you have since resolved the original problem you were having, we would appreciate you letting us know. If not please perform the following steps below so we can have a look at the current condition of your machine. If you have not done so, include a clear description of the problems you're having, along with any steps you may have performed so far.Upon completing the steps below another staff member will review and take the steps necessary with you to get your machine back in working order clean and free of malware.If you have already posted a DDS log, please do so again, as your situation may have changed.Use the 'Add Reply' and add the new log to this thread.Thanks and again sorry for the delay.We need to see some information about what is happening in your machine. Please perform the following scan:Download DDS by sUBs from one of the following links. Save it to your desktop.DDS.scrDDS.pifDouble click on the DDS icon, allow it to run.A small box will open, with an explaination about the tool. No input is needed, the scan is running.Notepad will open with the results.Foll... Read more

2 more replies
Relevance 88.97%

Hi,I really needs help. Please help me asap. I'm now very very frustrated with my laptop T_T - When I try to access Google.com, it automatically redirects me to this irritating website: "SOFT.SG" .However, when I access Google.com.sg or other websites with this format "Google.com.xx", it works find. I can use Gmail and other Search Engine normally. I'm only facing problem with "GOOGLE.COM" . - When I use the google search toolbar, it shows a web page on Firefox that says: "Not FoundThe requested URL /search was not found on this server.Additionally, a 404 Not Found error was encountered while trying to use an ErrorDocument to handle the request.Apache/2.2.17 (Unix) mod_ssl/2.2.17 OpenSSL/0.9.8e-fips-rhel5 mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635 Server at www.google.com Port 80" - I have tried Google Chrome, Firefox and IE9 and I'm facing the same problem - I have tried using Malwarebytes' Anti-Malware, Hitman Pro 3.5, CCleaner, kk.exe, Rkill, TDsskiller to find spyware and malware but they all do not work. - My host file is normal.Really really needs help.Thank you all!

Answer:GOOGLE.COM redirected to SOFT.SG and NOT FOUND when search

I couldn't help but notice in that error message it is referencing port 80, that is a classic port used by hijacker viruses. Go to download.com and download Spybot - Search and Destroy. I know you said you tried all those programs, but this is the best one. Also, go into your network connections and go into the properties of the active connection, select Internet Protocol v4 and click Properties below that.. all the fields in that box you see should be empty. Did this help?

3 more replies
Relevance 88.56%

HI Everyone,

Ok corny username.... but im so happy....I coudlnt help it. Read on.

Its 3:50 am on OCt 31 2009. About 8-9 days after the first few online forums reported this new malware on the internet.

All teh forums mentioned to download and installl a whole bunch of programs. I tried all of them but they didn twork.

The only thing that did work. THANK GOD!!! and THANK MICROSOFT (for once) was the system restore.

IF you know when you got hit with this crappy browser hijack software, then just set the system restore point to any available date before that.

All installed programs including this BS malware will be deleted. All files you download / copy onto your system will be fine.

Hope it all works for you. Please try this before you break your head and waste tiem installing 10 other softwares to fix this problem.

Good luck and may the creators of greatfeedmill perish in a lake of fire. [email protected][email protected]$!!!! I hope their car breaks down, or their bank repossesses their car, cos they really cannot possibly own a house. IF they did, hope it burns down.

Ibreatgreatfeed
 

More replies
Relevance 88.56%

Hey, Just in case anyone else is having this problem, It took me a while, but I finally figured out how they redirected auto.search.msn.com on my computer, It was fairly simple, Im not quite sure why when I did a text search on my hard drive the first time it didnt pick it up. Anyways Today I installed this program called silencer, which blocks all kinds of Ip adresses, and it brought my attention to this file in the windows directory called host
I looked in there and right at the first line it said

66.40.16.218 auto.search.msn.com

So I deleted it problem solved. Sheesh after all this time I cant believe it was so simple, Anyways if anyone ever has trouble with something redirecting your adresses and you know its not right, just check a file in your windows directory called host, edit it with notepad or word pad. It might be empty or not exist. But who knows, take a look at it, you might be suprised whats in there.
Heres something neat I noticed that the silencer program does, you can do it yourself I imagine though.

If you ever want to disable some Ip adress, such as
ads.double-click.com You can do it easily by placing this line in your host file in the windows directory

127.0.0.1 ads.double-click.com

This works for any site you want to put in there, It redirects the domain to your local IP which disables alot of ads , I dont know if it protects your ports, but I noticed a heck of alot less ads on the internet because of this. The silencer program at spychecker.com d... Read more

More replies
Relevance 88.15%

[attachment=75747:Attached_zips.zip]I have norton 360, no help with this issue. All my links are getting randomly redirected on the first click.I believe I have collected the info needed for analysis. (also see attached) Thanks in advance for the help!!DDS (Ver_10-10-10.03) - NTFSx86 Run by John at 6:59:24.14 on Fri 10/15/2010Internet Explorer: 8.0.6001.18702Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.3071.1966 [GMT -4:00]AV: Norton 360 Premier Edition *On-access scanning enabled* (Updated) {E10A9785-9598-4754-B552-92431C1C35F8}FW: Norton 360 Premier Edition *enabled* {7C21A4C9-F61F-4AC4-B722-A6E19C16F220}============== Running Processes ===============C:\WINDOWS\system32\Ati2evxx.exeC:\WINDOWS\system32\svchost -k DcomLaunchsvchost.exeC:\WINDOWS\System32\svchost.exe -k netsvcssvchost.exeC:\WINDOWS\system32\Ati2evxx.exesvchost.exeC:\WINDOWS\system32\spoolsv.exesvchost.exeC:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exeC:\Program Files\Bonjour\mDNSResponder.exeC:\Program Files\DirecTV\DirecTV\Kernel\DMP\CLDTVHNService.exeC:\Program Files\Common Files\Intuit\Update Service\IntuitUpdateService.exeC:\WINDOWS\Explorer.EXEC:\Program Files\Java\jre6\bin\jqs.exeC:\Program Files\Common Files\LightScrib... Read more

Answer:Malware issues, search links redirected

Hello and Welcome to the forums! My name is Gringo and I'll be glad to help you with your computer problems. Somethings to remember while we are working together.Do not run any other tool untill instructed to do so!Please Do not Attach logs or put in code boxes.Tell me about any problems that have occurred during the fix.Tell me of any other symptoms you may be having as these can help also.Do not run anything while running a fix.In the upper right hand corner of the topic you will see a button called Options. If you click on this in the drop-down menu you can choose Track this topic. By doing this and then choosing Immediate E-Mail notification and then clicking on Proceed you will be advised when we respond to your topic and facilitate the cleaning of your machine.We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.In order for me to see the status of the infection I will need a new set of logs to start with.Please print out or make a copy in notpad of any instructions given, as sometimes it is necessary to go offline and you will lose access to them.DeFogger: Please download DeFogger to your desktop.

Double click DeFogger to run the tool.
The ... Read more

22 more replies
Relevance 86.92%

please help me avg picks them up but they keep trying to come into my system and my search engine keeps redirecting me here is my dds:
DDS (Ver_09-06-26.01) - NTFSx86
Run by katie at 9:23:02.11 on Fri 03/07/2009
Internet Explorer: 7.0.6001.18000 BrowserJavaVersion: 1.6.0_14
Microsoft? Windows Vista? Home Premium 6.0.6001.1.1252.61.1033.18.1013.283 [GMT 10:00]

AV: BP Security Anti-Virus *On-access scanning enabled* (Updated) {2565CEEE-6BDB-4A6D-AD6D-F682F2695014}

============== Running Processes ===============

C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\WLANExt.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\Explorer.EXE
C:\Windows\system32\svchost.exe -k apphost
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\Acer\Empowering Technology\eDataSecurity\eDSService.exe
C:\Windows\ehome\ehRecvr.exe
C:\PROGRA~1\AVG\AVG8\avgam.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\Windows\ehome\ehsched.exe... Read more

Answer:all search engines get redirected and i found rootkit problems skynetblabla.dll

f[/QUOTE]and here is my hijack this file for some reason gmer dosnt work


Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 10:29:32 AM, on 3/07/2009
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18248)
Boot mode: Normal

Running processes:
C:\Windows\Explorer.EXE
C:\Program Files\Apoint2K\Apoint.exe
C:\Windows\System32\igfxpers.exe
C:\Windows\System32\hkcmd.exe
C:\Program Files\AVG\AVG8\avgtray.exe
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\DAEMON Tools Lite\daemon.exe
C:\Program Files\uTorrent\uTorrent.exe
C:\Windows\system32\igfxsrvc.exe
C:\Windows\ehome\ehmsas.exe
C:\Users\katie\AppData\Local\Temp\RtkBtMnt.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\Program Files\Apoint2K\ApMsgFwd.exe
C:\Program Files\Apoint2K\Apntex.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\Users\katie\AppData\Local\Google\Chrome\Application\chrome.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.ninemsn.com.au
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.ninemsn.com.au
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwl... Read more

19 more replies
Relevance 86.1%

Syndrom :Can't open www.google.com, www.google.ch, www.google.fr, www.google.de, etc in browser (IE8 and Firefox), when other website such as youtube.com works perfectly.Message : 404 Not Found (nginx) (see this link (imageshack))This has been so for the last 2 weeks, the computer is the one of my grand-father meaning I don't know what he exactly did.What has already been checked/tried and worked (but didn't solve the problem):- ping google.com- ping google.ch- Open google.com using it's IPv4 adress (74.125.39.106) in both IE8 and Firefox- Open google.ch using it's IPv4 adress (74.125.39.105) in both IE8 and Firefox- Open google.com.ph (Philipinae) directly in both browser (Computer located in Switzerland)- Open maps.google.com, translate.google.com, images.google.com, etc. in both browserWhat has already been checked/tried and didn't worked nor solved the problem :- ipconfig /dnsflush (many)- ipconfig /renew (many)- Force DNS server on computer (DNS used : 8.8.8.8 as primary, 208.67.222.222 as secondary)- Force DNS server on rooter (DNS used : 8.8.8.8 as primary, 208.67.222.222 as secondary)- Boot in safe mode, network devices enabled, then tried to contact google.com without success- Use of a browser with clean install (Firefox)- Modem reboot- Modem reset- Rooter reboot- Rooter's firmware update, with reset- Restore computer to previous point- Scan on boot using Avast! (paid version)- Complete scan then quick scan using Malwarebytes anti-malw... Read more

Answer:Error 404 Not Found when trying to contact google, no solution funded, probably a malware.

Bump, does anyone have an idea ?

3 more replies
Relevance 83.23%

Trouble started with google redirecting to 63.209.69.107 when i clicked on any search results. Looked it up on this site,and found some procedures that seemed reasonable...used symantec removal tool, no problems but it didn't fix anything. Tried TDSSKiller from kapersky...same basic result, it found and fixed a few things but problems persisted. Ended up at this forum topic- http://www.bleepingcomputer.com/forums/topic473358.html because I got the TDSS file system found error. Followed all procedures from that topic it had me run TDSSKiller again with a different setting, then AdwCleaner, then ESET, then aswMBR. Again a few suspect items found and fixed. Google problem persisted. Found this topic- http://www.bleepingcomputer.com/forums/topic480929.html/page__pid__2941122#entry2941122 and my results pretty much matched the original poster of this topic. Ran AdwCleaner again, downloaded and ran Malwarebytes Anti Malware, and RogueKiller.

RogueKiller found the same infection as that guy had, "ZeroAccess"...which according to Gunto is "nasty" and requires "advanced help". Followed instructions, ran DDS, created logs and now I'm here. I have logs from every fix I have tried starting back with the symantec tool, I don't know if they would be helpful or not, but I have them. I am only including the DDS results as instructed in the "Preparation Guide For Use Before Using Malware Removal Tools and Requesting Help", but ... Read more

Answer:infected with zeroaccess found with roguekiller & google redirects search result links

Greetings and Welcome to The Forums!!My name is Gringo and I'll be glad to help you with your malware problems.I have put together somethings for you to keep in mind while I am helping you to make things go easier and faster for both of usPlease do not run any tools unless instructed to do so.
We ask you to run different tools in a specific order to ensure the malware is completely removed from your machine, and running any additional tools may detect false positives, interfere with our tools, or cause unforeseen damage or system instability.Please do not attach logs or use code boxes, just copy and paste the text.
Due to the high volume of logs we receive it helps to receive everything in the same format, and code boxes make the logs very difficult to read. Also, attachments require us to download and open the reports when it is easier to just read the reports in your post.Please read every post completely before doing anything.
Pay special attention to the NOTE: lines, these entries identify an individual issue or important step in the cleanup process.Please provide feedback about your experience as we go.
A short statement describing how the computer is working helps us understand where to go next, for example: I am still getting redirected, the computer is running normally, etc. Please do not describe the computer as "the same", this requires the extra step of looking back at your previous post.NOTE: At the top o... Read more

49 more replies
Relevance 80.36%

hello

i ran trojan remover on safe mode before i ran into this tech forum.

it found 2 malware infections. a trojan and a hacking system file.
they both were deleted by the trojan remover program. when i ran it again. nothing was found....but my main concern right now is that i was reading the log that i was given and it said something about some files being locked or in use. and im not sure if the computer is really finally out of harms way.

i do have a boot disc if i have to reformat. but i do run a store AND reformatting is such a huge hassle. i will do it if ihave to. but i would like to know if im still in harms way.

i ran the programs you guys asked and i will be attaching them here.
ALSO i will attach the trojan remover log..just so you see what im talking abt.


the computer started acting up, an the main that it was doing, was everytime i would turn the computer back on, the receipt printer was uninstalled. EVERYTIME.

thanks in advance.

Answer:possible hacking problem/malware found/trojan found....URGENT

Hello!

I am currently reviewing your logfiles and will assist you shortly with instructions. Please be patient.

Meanwhile: Please subscribe to this thread if you have not done already and please don't do any other scans on your own and don't install or remove software. Thank you!

4 more replies
Relevance 79.95%

HI eyeryone, well this is kind of an interesting story. I am working on my bosses computer to speed it up a bit and every time i type in an invalid website or do not .com at the end it kicks me directly from the page not found screen to a porn search engine. I let him know about it and he wants me to try to clean it up...i have tried every anti-spyware program available and cannot get rid of this. I ran Hijackthis and here is my log. Please help!Logfile of HijackThis v1.99.1Scan saved at 4:06:46 PM, on 4/30/2007Platform: Windows XP SP2 (WinNT 5.01.2600)MSIE: Internet Explorer v7.00 (7.00.6000.16414)Running processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\csrss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\system32\Ati2evxx.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\system32\svchost.exeC:\Program Files\Windows Defender\MsMpEng.exeC:\WINDOWS\System32\svchost.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\system32\Ati2evxx.exeC:\WINDOWS\system32\spoolsv.exeC:\WINDOWS\Explorer.EXEC:\Program Files\Java\jre1.6.0_01\bin\jusched.exeC:\Program Files\Synaptics\SynTP\SynTPLpr.exeC:\Program Files\Synaptics\... Read more

Answer:Page Not Found: Porn Search Engine (malware I Think)

vz9364,Welcome to the forum.Your computer has been hijacked by the lovely people in the Ukraine, you are infected with Wareout.85.255.112.0 - 85.255.127.255Inhoster hosting companyOOO Inhoster, Poltavskij Shliax 24, Kharkiv, 61000, UkraineYou may want to print out these instructions for reference, since you will have to restart your computer during the fix.Please download FixWareout from one of these sites:FixWareout SubratamFixWareout Lonny Save it to your desktop and run it. Click Next, then Install, Then make sure "Run fixit" is checked and click Finish. The fix will begin; follow the prompts. You will be asked to reboot your computer; please do so. Your system may take longer than usual to load; this is normal. At the end of the fix, you may need to restart your computer again.Save the contents of the logfile C:\fixwareout\report.txt and post it into your next reply.Now lets check some settings on your system. For (2000/XP) Only)Go to Start > control panel. If you are using Windows XP's Category View, select the Network and Internet Connections category otherwise double click on Network Connections. Then right click on your default connection, usually local area connection for cable and dsl. Left click on properties. Click the Networking tab. Double-click on the Internet Protocol (TCP/IP) item and select the radio dial that says Obtain DNS servers automaticallyPress OK twice to get out of the properties screen and reboot if it asks.
Tha... Read more

6 more replies
Relevance 79.95%

Dont have a dds log because it hangs at the end of running it and doesnt finish then computer is unresponsive including mouse and has to be switched off.

gmer log is attached....help

thinkpad T43 laptop with xp pro

Answer:search hijack, pop ups not found by malware virus software

Hello, fluffy04.My name is aommaster and I will be helping you with your log.I apologize for the delay in response we get overwhelmed at times but we are trying our best to keep up.If you have since resolved the original problem you were having, I would appreciate you letting us know. If not please perform the following below so I can have a look at the current condition of your machine.ThanksShould you still require assistance, please take note of the points below:Please track this topic by either adding it to your favourites or clicking the Options button at the top of this thread and then Track this topic.Please disable word-wrap before posting logs. This can be done by clicking Format and un-ticking the word-wrap feature in notepad. The logs that you post should be copied and pasted directly into the reply. Only attach them if requested or if they do not fit into the post.If you do not reply within 5 days, I will have to close your topic. Should you not be able to meet this, please notify me so that I will leave the topic open.Please do not install, update, or run any programs for the duration of the fix.If you do not understand the instructions I provide, please don't hesitate to ask. That's what I'm here for Please continue to reply to this topic until I give you the all clean. Just because there are no symptoms of infection doesn't mean that the computer is clean.If you are running Vista, please run all the fixes as an administrator. This is done by ri... Read more

3 more replies
Relevance 79.54%

Hi.

On a quick scan of Malwarebytes, it found item called trojan.downloader.

It was on C:\windows\system32\java.exe

I clicked to remove, rebooted as directed, reran scan and all clear.

Then I ran Superantisypware:

It found a malware trace in registry items:

hklm\software\microsoft\windowsnt\currentversion\winlogon#taskman

This was also quarantined and then I restarted as directed and rescanned and all was clear.

I then ran an anti virus and that was clear.

I have windowsvista.

I am concerned that there still might be a problem on the system after seeing these two that were found.

Looking forward to your help.

Thanks!

More replies
Relevance 79.54%

Hello!After long searching I deleted the "Rootkit.boot.SST.b" via Kaspersky Rescue Disk.Now I am able to run TDSSKiller and he finds 2 objects.Now I can't find an answer if I can safly delete them?These are the scan Results:Now how can I be sure that all the junk from the rootkit is deleted since previsouly following programs found nothing:Emsisoft Emergency Kit - Super antispyware - Malwarebytes - AVG - kaspersky Virus Removal Tool - Combofix didn't even start - Stinger | Spybot S&D | Hitman | AVG Virus Removal ToolKind regards,Vincent

Answer:Kaspersky TDSS 2 Possible Threads Found

Hello,And welcome to BleepingComputer.com, before we can assist you with your question of: Am I infected? You will need to perform the following tasks and post the logs of each if you can.Please download and run Security Check from HERE, and save it to your Desktop. * Double-click SecurityCheck.exe * Follow the onscreen instructions inside of the black box. * A Notepad document should open automatically called checkup.txt; please post the contents of that document.Malwarebytes Anti-MalwareNOTEMalwarebytes is now offering a free trial of their program, if you want to accept it you will need to enter some billing information, so that at the end of the trial you would be charged the cost of the product. Please decline this offer, if you are unable to provide billing information. If you want to try it out, then provide the billing information.Please download Malwarebytes Anti-Malware and save it to your desktop.Download Link 1Download Link 2MBAM may "make changes to your registry" as part of its disinfection routine. If using other security programs that detect registry changes (ie Spybot's Teatimer), they may interfere or alert you. Temporarily disable such programs or permit them to allow the changes.Make sure you are connected to the Internet.Double-click on mbam-setup.exe to install the application.
For instructions with screenshots, please refer to the How to use Malwarebytes' Anti-Malware Guide.When the installation begins, follow the prompts a... Read more

16 more replies
Relevance 76.26%

When I click on a google link or even a bing link my page gets redirected to places like spyware scanner and fake search engines. I know its a virus or some sort of malware/ Spyware. It only takes control on links.

If you type something in the address bar or sometimes just open it in a new tab your fine. This happens in both IE and Firefox. I am running windows 7 and I have had no other problems. I have scanned the computer with spybot and avg 9 both in safe mode and in normal mode still nothing. Here is my hijack This! log.

Logfile of Trend Micro HijackThis v2.0.3 (BETA)
Scan saved at 6:52:24 AM, on 12/23/2009
Platform: Unknown Windows (WinNT 6.01.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16385)
Boot mode: Safe mode with network support

Running processes:
F:\Windows\Explorer.EXE
F:\Windows\system32\ctfmon.exe
F:\Program Files\Spybot - Search & Destroy\SpybotSD.exe
F:\Program Files\TrendMicro\HiJackThis\HiJackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink... Read more

More replies
Relevance 74.62%

DDS.txt Log is below and Attach.txt is attached with this topic.

.
DDS (Ver_2011-08-26.01) - NTFSAMD64
Internet Explorer: 9.0.8112.16421
Run by Jigi at 18:43:11 on 2012-03-22
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.4030.1313 [GMT -4:00]
.
AV: Microsoft Security Essentials *Enabled/Updated* {108DAC43-C256-20B7-BB05-914135DA5160}
SP: Microsoft Security Essentials *Enabled/Updated* {ABEC4DA7-E46C-2F39-81B5-AA334E5D1BDD}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Program Files\IDT\WDM\STacSV64.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\Hpservice.exe
C:\Windows\system32\atieclxx.exe
C:\Windows\system32\vcsFPService.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32... Read more

Answer:I use Bing search and search links redirected to http://dailyprize-winners.com

Hello and Welcome to Bleeping Computer!!My name is Gringo and I'll be glad to help you with your computer problems. I have put together somethings for you to keep in mind while I am helping you to make things go easier and faster for both of us1.Do not run any other tool untill instructed to do so!doing so will only at best cause you unneeded worry as it finds our backups and may even list our toolsand at worst can cause conficts with our tools and lead to unforseen things to happen2.Please Do not Attach logs or put in code boxes.besides the time it takes me to open the reports it makes it harder to find something if I need to go back to do more research and putting them in code boxes just makes them so hard to read3. After each step give me a little feedback It does not need to be long but just something so I know how things are going it can be something likeI am still getting redirected The computer is running as it shouldDon't put things like - it is the same as before or still the same this just makes me go back and look for you last feedback as to how things are4. read every post completely before doing anythingPay special attention to the Notes** I have put inThese are things I have found that happen allot and can be taken care of easily just by reading the Notes**Click on the Watch Topic Button and select Immediate Notification and click on proceed, this will help you to get notified faster when I have replied and make the cleaning process faster.Ba... Read more

9 more replies
Relevance 74.21%

When doing google searches in Firefox or IE the links will get redirected when clicked on.
When the redirect is happening www.search-tracker.net appears in the bottom bar of firefox and the page displayed is wrong.
If I copy the link from the page (right click/copy link location) and paste it into the tile bar it always works correctly.
AVG does not show any issues.
Comcast cable network offers free install of McAfee security suite that I use to run.
When this issue showed up I found I could no longer do a virus scan with McAfee as the computer would reboot when the scan started.
All the management functions of McAfee worked fine but start a scan and the computer reboots.
I uninstalled McAfee and installed AVG.
AVG did one round of cleaning and now can't find anything.
I don't remember what AVG found other then tracking cookies. If it leaves a log behind that may still be around.
I have tried to install and run Malwarebytes' Anti-Malware.
It seems to install fine but will not run. Double click the icon and nothing.
I have uninstalled and reinstalled several times but nothing. Never tries to do the update either.
I have uninstalled and reinstalled Firefox but that did not help.
I just copied the the mbam.exe file to a new name and double clicked that and it started up. Cool.
I have attached the attach.txt file.
The Malwarebytes run finished. 1 Trogan.Agent was found. I have attached that log file also.
I will send this and then have Malwarebytes remove it. I will then ... Read more

Answer:Links in google search results get redirected / www.search-tracker.net

Hello dchoyt,Uninstall these old versions of Java, as they are malware magnets. Java™ 6 Update 2Java™ 6 Update 3Java™ 6 Update 5Java™ 6 Update 7Java™ SE Runtime Environment 6Java™ SE Runtime Environment 6 Update 1We will run ComboFix. You should NOT use Combofix unless you have been instructed to do so by a Malware Removal Expert. It is intended by its creator to be used under the guidance and supervision of an Malware Removal Expert, not for private use. Using this tool incorrectly could lead to disastrous problems with your operating system such as preventing it from ever starting again. Please read Combofix's Disclaimer. Further, ComboFix logs are not permitted outside the HijackThis forums and then only when requested by a HJT Team member. You need to disable your AVG Antivirus before running ComboFix, as it will prevent it from running. To disable AVG antivirus: Please open the AVG Control Center program -> double-click on the "AVG Resident Shield" component (looks like this: ) -> deselect the "Turn on AVG Resident Shield" checkmark and save the setting.When you need to enable the AVG Resident Shield, just open the AVG Control Center program -> double-click on the "AVG Resident Shield" component -> select the "Turn on AVG Resident Shield" checkmark and save the setting.Note: If you already have a copy of ComboFix on your system it is essential that you delete it before downloading this ... Read more

15 more replies
Relevance 73.8%

When I search on google and try to click on the link it get's redirected to another search site. I did have a copy of ulead video 9 that I used a pn off the internet, but then I found my pn so I deleted the program and have not reinstalled yet.


DDS (Version 1.0) - NTFSx86
Run by Lori at 12:26:31.78 on Tue 11/18/2008
Microsoft? Windows Vista? Home Premium 6.0.6001.1.1252.1.1033.18.3006.1801 [GMT -7:00]

============== Running Processes ===============

C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files\HP\QuickPlay\Kernel\TV\QPCapSvc.exe
C:\Program Files\CyberLink\Shared Files\RichVideo.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Windows\... Read more

More replies
Relevance 72.16%
Question: solution found

solution found.

More replies
Relevance 72.16%

Was a solution ever found for this problem?

PC Keeps Rebooting by SNP

It seems alot of people, including myself, have had this problem. Some speculated that it was an AGP Graphics card problem, others stated it was a Processor problem, while others also stated that the motherboard needed to be replaced...basically in this thread...every single option was exhausted but not resolution came to.

All I can think of is that there is a few factors in common here...

1. The people having this problem are using and AMD processor.

Im using the same as SNP.... 1.0ghz AMD Athlon

2. She had recently updated her drivers on her nVidia graphics card.

While the problem doesnt strictly rely on it being an Nvidia driver problem, seeing as I have an ATI Radeon 9200 and so did another member describing a similar problem, he has something to do with the updating of the driver aswell...

See, I updated my drivers the same day I started getting the "Keeps rebooting no matter what syndrome", and i forgot to uninstall my old ones...now, I cant even get past the "rebooting syndrome".

Im starving for a fix on this if anyone can help out....

I am really having a hard time thinking its a power supply or mobo problem, but more on a problem that has to do with the AGP Graphics card drivers conflicting with each other....

Can anyone shed any light?
 

Answer:Was a Solution Found?

Have you tested in safe mode or VGA mode to see if you can replicate the issue?

What happen if you uninstall the Video driver and you force the VGA driver?

What is the STOP error that you get?
Uncheck - automatically restart from system properties/advanced tab/start up and recovery.
 

2 more replies
Relevance 71.75%

If I search something from a website like google, and I click the link. It will sometimes redirect me to an ad. it doesn't redirect me all the time, but if I were to open a wikipedia page about the Olympics 10 times. It will redirect me about 3 times. I have used avg, panda, kasperkey, spybot s&d, malwarebite, superantimalware, combofix, tdsskiller. Some of them only find malware, but never anything that removes this virus. The virus scanners never find anything. Also I have tried these things in safe mode also.

I tried using this forum before Search links being redirected. but they weren't really any help.

I've used panda, avast, spybot s&d, tdss, malwarebytes, trojan remover, hitmanpro, avg, superantimalware, combofix and kasperkey, they find and remove small things like cookies, but they don't find anything else and the redirecting still happens.

More replies
Relevance 71.75%

Hello,A few days ago I started getting redirected to random ads and websites when I click on a search result in google. I've run both McAfee and AdAware scans, but they haven't found any problems. Here is my HijackThis log. I appreciate any help!Logfile of Trend Micro HijackThis v2.0.2Scan saved at 5:48:24 PM, on 9/30/2009Platform: Windows XP SP3 (WinNT 5.01.2600)MSIE: Internet Explorer v8.00 (8.00.6001.18702)Boot mode: NormalRunning processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\System32\svchost.exeC:\WINDOWS\System32\WLTRYSVC.EXEC:\WINDOWS\System32\bcmwltry.exeC:\Program Files\Lavasoft\Ad-Aware\AAWService.exeC:\WINDOWS\system32\spoolsv.exeC:\Program Files\Bonjour\mDNSResponder.exeC:\WINDOWS\system32\dlcxcoms.exeC:\Program Files\Juniper Networks\Common Files\dsNcService.exeC:\Program Files\Java\jre6\bin\jqs.exeC:\PROGRA~1\McAfee\MSC\mcmscsvc.exec:\program files\common files\mcafee\mna\mcnasvc.exec:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exeC:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exeC:\Program Files\Common Files\Micro... Read more

Answer:Search links being redirected

Hello sro1987Welcome to Welcome to BleepingComputer =====================Download OTL to your desktop.Double click on the icon to run it. Make sure all other windows are closed and to let it run uninterrupted.When the window appears, underneath Output at the top change it to Minimal Output.Under the Standard Registry box change it to All.Check the boxes beside LOP Check and Purity Check.Click the Run Scan button. Do not change any settings unless otherwise told to do so. The scan wont take long.When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt. These are saved in the same location as OTL.Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time, and post it with your next reply.===========Download This file. Note its name and save it to your root folder, such as C:\.Disconnect from the Internet and close all running programs.Temporarily disable any real-time active protection so your security program drivers will not conflict with this file.Click on this link to see a list of programs that should be disabled.Double-click on the downloaded file to start the program. (If running Vista, right click on it and select "Run as an Administrator")Allow the driver to load if asked.You may be prompted to scan immediately if it detects rootkit activity.If you are prompted to scan your system click "Yes" to begin the scan.If not prompted, click the "Rootkit/Malware" tab.On the right-side, all items to be scanned should be checke... Read more

1 more replies
Relevance 71.75%

Quickly I'll thank all those that take their time to help others here, and then try to be specific with my problem. I'm having my search links redirected by some hijack. There seems to be a lot of this going around lately. I mainly use Google, but I tried other engines, specifically Bing, and it got redirected too. This has occured with both IE & Firefox.
I've cleaned up my system with Spybot, McAfee, Windows Defender, & MBAM. Almost all now give me the all-clear; however, McAfee still finds two NTOSKRNL-HOOKs when it scans. It always deletes them, but still finds them again next scan.
I've tried Gooredfix, and it seems to do nothing. I have its log, though, if one is interested. I have MBAM logs, too, as well as HJT logs.
I'm out of other ideas and am tired of this, as it's gone on a couple days. So, I submit to those who know more than I. Let me know what else I can do to make things clearer for your understanding if needs be, and I hope I'm doing this all right.
Here's my DDS.txt with Attach.txt attached:

DDS (Ver_09-07-30.01) - NTFSx86
Run by John at 18:16:38.52 on Fri 08/14/2009
Internet Explorer: 7.0.5730.13 BrowserJavaVersion: 1.6.0_15
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.639.193 [GMT -4:00]

AV: McAfee VirusScan Enterprise *On-access scanning enabled* (Updated) {918A2B0B-2C60-4016-A4AB-E868DEABF7F0}

============== Running Processes ===============

C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\Progra... Read more

Answer:Search links redirected. Tried everything else.

Hello and welcome to Bleeping ComputerWe apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.If you have since resolved the original problem you were having, we would appreciate you letting us know. If not please perform the following steps below so we can have a look at the current condition of your machine. If you have not done so, include a clear description of the problems you're having, along with any steps you may have performed so far.Upon completing the steps below another staff member will review and take the steps necessary with you to get your machine back in working order clean and free of malware.If you have already posted a DDS log, please do so again, as your situation may have changed.Use the 'Add Reply' and add the new log to this thread.Thanks and again sorry for the delay.We need to see some information about what is happening in your machine. Please perform the following scan:Download DDS by sUBs from one of the following links. Save it to your desktop.DDS.scrDDS.pifDouble click on the DDS icon, allow it to run.A small box will open, with an explaination about the tool. No input is needed, the scan is running.Notepad will open with the results.Foll... Read more

2 more replies
Relevance 71.75%

Previous topic in AII here: http://www.bleepingcomputer.com/forums/t/312166/google-searches-redirected/ ~ OBHi,Yesterday, I somehow managed to get myself some nasty sort of virus. At first, I wasn't even able to run virus scans or Malwarebytes to get rid of it, so I attempted a system restore. The system restore seemed to solve most of my problems, except my AVG resident shield constantly popped up telling me there was a threat. After running both an AVG scan and Malewarebytes, that problem, too, seems to have subsided.Now, however, when I clink on links in Google, I am redirected to other websites. I have run Malwarebytes, AVG virus scan, Hitman, and SuperAntiSpyware several times each to no avail. The DDS scan results are below, however, I was unable to run GMER. The first time I attempted to run it, the scan began, but a few minutes later my computer froze. I assumed this was because I had a couple windows open, so I restarted my computer and tried again with nothing open. This time, I started the scan and went away from my computer, only to return a few minutes later and see that my computer had a blue screen of death.Edit: I noticed today that sometimes while I'm browsing the internet, a new tab will randomly open up and go to some website as well.DDS (Ver_10-03-17.01) - NTFSx86 Run by AdamC at 16:45:23.09 on Sat 04/24/2010Internet Explorer: 6.0.2900.5512 BrowserJavaVersion: 1.6.0_20Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.3070.2389 [GMT -4:00]AV: A... Read more

Answer:Search links redirected

Hello AdamC243 Welcome to the BC HijackThis Log and Analysis forum. I will be assisting you in cleaning up your system.I ask that you refrain from running tools other than those we suggest while we are cleaning up your computer. The reason for this is so we know what is going on with the machine at any time. Some programs can interfere with others and hamper the recovery process.In the upper right hand corner of the topic you will see a button called Options. If you click on this in the drop-down menu you can choose Track this topic. By doing this and then choosing Immediate E-Mail notification and then clicking on Proceed you will be advised when we respond the your topic and facilitate the cleaning of your machine.Please keep in mind that we have a large backlog of users just like yourself waiting to be helped so try to be as timely as possible in your replies. Since we do this on a part-time voluntary basis we are limited on how many logs we can respond to and keep open due to time restraints. If you have to be away or can't answer for some other reason just let me know. Thank you for your understanding.After 5 days if a topic is not replied to we assume it has been abandoned and it is closed.I would like for you to try GMER once again but this time uncheck everything but Sections and then give it a try.Also please run the following prior to attempting GMER again:RKill by GrinlerLink #1Link #2Link #3Link #4Download Link #1.Save it to your Desktop.Double click the ... Read more

20 more replies
Relevance 71.75%

Howdy, An unfortunate click on a pop-up window appears to have infected our Vista machine with some malware that redirects our google searches to other sites. It also occasionally starts up an IE session by itself. We've tried our McAfee Security Center scans and the HitMan Pro 3.5 software, but the problem persists. Also...when I was saving the GMER scan, my bleeping computer locked up and I got the Vista version of the BSOD. Before I could read everything, the machine rebooted. As it restarted, I got a message saying the System Event Notification Service had a problem and I should read the log. I'll try to find it after I finish this post. I'll appreciate any help you can provide!DDS (Ver_10-03-17.01) - NTFSx86 Run by GlennFam at 14:23:18.22 on Sun 06/13/2010Internet Explorer: 7.0.6001.18000Microsoft? Windows Vista? Home Premium 6.0.6001.1.1252.1.1033.18.3325.1912 [GMT -6:00]SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}============== Running Processes ===============C:\Windows\system32\wininit.exeC:\Windows\system32\lsm.exeC:\Windows\system32\svchost.exe -k DcomLaunchC:\Windows\system32\svchost.exe -k rpcssC:\Windows\System32\svchost.exe -k secsvcsC:\Windows\system32\Ati2evxx.exeC:\Windows\System32\svchost.exe -k LocalServiceNetworkRestrictedC:\Windows\System32\svchost.exe -k LocalSystemNetworkRe... Read more

Answer:Search links being redirected

GreetingsOne or more of the identified infections is a Backdoor Trojan.This could allow hackers to remotely control your computer, steal critical system information and download and execute files.I would counsel you to disconnect this PC from the Internet immediately. If you do any banking or other financial transactions on the PC or if it should contain any other sensitive information, please get to a known clean computer and change all passwords where applicable, and it would be wise to contact those same financial institutions to apprise them of your situation.Though the trojan has been identified and can be killed, because of it's backdoor functionality, your PC could be compromised and there is no way to be sure that your computer can ever again be trusted. Many experts in the security community believe that once infected with this type of trojan, the best course of action would be a reformat and reinstall of the OS. Please read these for more information:How Do I Handle Possible Identify Theft, Internet Fraud and CC Fraud?When Should I Format, How Should I ReinstallWe can still clean this machine but I can't guarantee that it will be 100% secure afterwards. "If you would like to continue, then follow the steps below, otherwise please let me know"I Would like you to do the following.Please print out or make a copy in notpad of any instructions given, as sometimes it is necessary to go offline and you will lose access to them.Run Combofix:Please visit th... Read more

11 more replies
Relevance 71.75%

Hello, Everytime i use google or any other search tool and i click on a link i am redirected to various sites. It is not the same site every time. Deckard's System Scanner v20071014.68Run by cpsdhen on 2008-04-26 10:29:36Computer is in Normal Mode.---------------------------------------------------------------------------------- System Restore --------------------------------------------------------------Successfully created a Deckard's System Scanner Restore Point.-- Last 5 Restore Point(s) --57: 2008-04-26 14:29:42 UTC - RP57 - Deckard's System Scanner Restore Point56: 2008-04-25 20:13:14 UTC - RP56 - System Checkpoint55: 2008-04-24 20:11:17 UTC - RP55 - System Checkpoint54: 2008-04-23 19:19:09 UTC - RP54 - Installed Conductix Quick Quote53: 2008-04-23 18:06:41 UTC - RP53 - System Checkpoint-- First Restore Point -- 1: 2008-02-01 07:07:00 UTC - RP1 - System CheckpointBacked up registry hives.Performed disk cleanup.-- HijackThis (run as cpsdhen.exe) ---------------------------------------------Logfile of Trend Micro HijackThis v2.0.2Scan saved at 10:30:55 AM, on 4/26/2008Platform: Windows XP SP2 (WinNT 5.01.2600)MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)Boot mode: NormalRunning processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\system32\Ati2evxx.exeC:\WINDOWS\system32\svchost.exeC:\WI... Read more

Answer:Search Links Redirected

Hi and welcome to Bleeping Computer! My name is Sam and I will be helping you. Please download ComboFix and save it to your desktop.Prior to running Combofix.exe you should disable your antivirus program and disconnect from the internet.Double click combofix.exe and follow the prompts.When it's done running it will produce a log for you. Please post that log in your next reply.Important Note - Do not mouseclick combofix's window whilst it's running. That may cause it to stall.

2 more replies
Relevance 71.75%

Hello,
My computer has recently started to redirect my search links to various spam websites. I am running Windows 7 and the problem occurs in Firefox.

I have run a Malwarebytes scan and a SuperAntiSpyware scan; both found problems, but once the viruses/malware were removed, the redirect problem continued to happen. Any help with this issue would be greatly appreciated.

Additional Notes: I am not running Windows 7 SP1 because the installer always comes up with an error; I believe the problem is being caused because I dual-boot Fedora.

Answer:My search links are being redirected.

Hello, let's run this next and see if it stops.Please post the MBAM log. The log is automatically saved and can be viewed by clicking the Logs tab.Copy and paste the contents of that report in your next reply.Please download MiniToolBox, save it to your desktop and run it. Checkmark the following checkboxes: Flush DNS Report IE Proxy Settings Reset IE Proxy Settings Report FF Proxy Settings Reset FF Proxy Settings List content of Hosts List IP configuration List Winsock Entries List last 10 Event Viewer log List Installed Programs List Users, Partitions and Memory size.Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run. Note: When using "Reset FF Proxy Settings" option Firefox should be closed.Please download TDSSKiller.zip and and extract it.Run TDSSKiller.exe. Click on Change Parameters Put a check in the box of Detect TDLFS file system Click Start scan.When it is finished the utility outputs a list of detected objects with description.
The utility automatically selects an action (Cure or Delete) for malicious objects.
The utility prompts the user to select an action to apply to suspicious objects (Skip, by default). Let the options as it is and click ContinueLet reboot if needed and tell me if the tool needed a reboot.Click on Report and post the contents of the text file that will open.

Note: By default, the utility outputs the log into system disk (it is usually the disk with installed o... Read more

12 more replies
Relevance 71.75%

All browsers are being redirected when I click a search link. I have attempted to clean the system myself by running the Security Tango. All scans show the system as being clean(Avg Free, Malwarebytes, SuperAntiSpyWare). The hosts file seems to be clean as well.
 
Thank you for any help.
 
 
DDS (Ver_2012-11-20.01) - NTFS_AMD64 
Internet Explorer: 10.0.9200.16521  BrowserJavaVersion: 10.21.2
Run by mike at 17:16:49 on 2013-05-31
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.1.1033.18.3835.2171 [GMT -4:00]
.
AV: AVG AntiVirus Free Edition 2013 *Enabled/Updated* {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
AV: Microsoft Security Essentials *Enabled/Updated* {3F839487-C7A2-C958-E30C-E2825BA31FB5}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: AVG AntiVirus Free Edition 2013 *Enabled/Updated* {B5F5C120-2089-702E-0001-553BB0D5A664}
SP: Microsoft Security Essentials *Enabled/Updated* {84E27563-E198-C6D6-D9BC-D9F020245508}
.
============== Running Processes ===============
.
C:\PROGRA~2\AVG\AVG2013\avgrsa.exe
C:\Program Files (x86)\AVG\AVG2013\avgcsrva.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
c:\Program Files\Microsoft Security Client\MsMpEng.exe
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k Lo... Read more

Answer:search links being redirected

Hello sirdartan I would like to welcome you to the Malware Removal section of the forum.Around here they call me Gringo and I will be glad to help you with your malware problems.Very Important --> Please read this post completely, I have spent my time to put together somethings for you to keep in mind while I am helping you to make things go easier, faster and smoother for both of us!Please do not run any tools unless instructed to do so.We ask you to run different tools in a specific order to ensure the malware is completely removed from your machine, and running any additional tools may detect false positives, interfere with our tools, or cause unforeseen damage or system instability.Please do not attach logs or use code boxes, just copy and paste the text.Due to the high volume of logs we receive it helps to receive everything in the same format, and code boxes make the logs very difficult to read. Also, attachments require us to download and open the reports when it is easier to just read the reports in your post.Please read every post completely before doing anything.Pay special attention to the NOTE: lines, these entries identify an individual issue or important step in the cleanup process.Please provide feedback about your experience as we go.A short statement describing how the computer is working helps us understand where to go next, for example: I am still getting redirected, the computer is running normally, etc. Please do not describe the computer as "the same... Read more

14 more replies
Relevance 71.75%

I am having trouble with my XP computer. When I do a search using IE or Firefox, then click on any of the links, I am redirected to some unrelated advertising site.

I have use Maleware Bytes, (free version) SpyNoMore (paid subscription) CCleaner, and McAfee Security Suite. I have run these until the results all come back clean. As soon as I get on the internet, I get hijacked again.

I'm hoping that bleepingcomputer.com can help me get my computer back on track. I am not very a techincal person, so I hope any help is in easy to understand and follow terms.

I am doing this initial post from work, so I do not have access to my problem computer right now.

Thanks.
vickilz

Answer:Search links being redirected

Hello let's do a couple more...Please download TFC by Old Timer and save it to your desktop. alternate download linkSave any unsaved work. TFC will close ALL open programs including your browser! Double-click on TFC.exe to run it. If you are using Vista, right-click on the file and choose Run As Administrator. Click the Start button to begin the cleaning process and let it run uninterrupted to completion. Important! If TFC prompts you to reboot, please do so immediately. If not prompted, manually reboot the machine anyway to ensure a complete clean.Now run SASPlease download and scan with SUPERAntiSpyware FreeDouble-click SUPERAntiSypware.exe and use the default settings for installation.An icon will be created on your desktop. Double-click that icon to launch the program.If it will not start, go to Start > All Prgrams > SUPERAntiSpyware and click on Alternate Start.If asked to update the program definitions, click "Yes". If not, update the definitions before scanning by selecting "Check for Updates". (If you encounter any problems while downloading the updates, manually download them from here. Double-click on the hyperlink for Download Installer and save SASDEFINITIONS.EXE to your desktop. Then double-click on SASDEFINITIONS.EXE to install the definitions.)In the Main Menu, click the Preferences... button.Click the "General and Startup" tab, and under Start-up Options, make sure "Start SUPERAntiSpyware when Wi... Read more

11 more replies
Relevance 71.75%

Running Windows XP on a hp pavilion laptop. Just about every time I click on a search link, I get redirected to another site like webcry.com or findstuff.com. Really annoying!! Any help would be greatly appreciated.
 

Answer:Help! My search links keep getting redirected!!

staninbji said:


Running Windows XP on a hp pavilion laptop. Just about every time I click on a search link, I get redirected to another site like webcry.com or findstuff.com. Really annoying!! Any help would be greatly appreciated.Click to expand...

oh yeah, I forgot. Whatever it is also deleted all of my system restore points, so I can't go back beyond the date I picked it up.
 

2 more replies
Relevance 71.75%

My search result links (In Google or Bing) are being redirected. I would be thankful for any help.

HiJackThis results:
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 12:01:59 PM, on 7/31/2011
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v8.00 (8.00.6001.19088)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Windows\System32\WLTRAY.EXE
C:\Program Files\Dell\Dell Webcam Manager\DellWMgr.exe
C:\Program Files\DellTPad\Apoint.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Windows\OEM02Mon.exe
C:\Program Files\SigmaTel\C-Major Audio\WDM\sttray.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Ask.com\Updater\Updater.exe
C:\Program Files\AVG\AVG10\avgtray.exe
C:\Program Files\DellTPad\ApMsgFwd.exe
C:\Program Files\DellTPad\HidFind.exe
C:\Program Files\DellTPad\Apntex.exe
C:\Users\Dena_2\AppData\Roaming\SanDisk\Sansa Updater\SansaDispatch.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\PIXELA\ImageMixer 3 SE for SD\CameraMonitor.exe
C:\Program Files\McAfee Security Scan\2.0.181\SSScheduler.ex... Read more

More replies
Relevance 71.75%

If I search something from a website like google, and I click the link. It will sometimes redirect me to an ad. it doesn't redirect me all the time, but if I were to open a wikipedia page about the Olympics 10 times. It will redirect me about 3 times. I have used avg, panda, kasperkey, spybot s&d, malwarebite, superantimalware, combofix, tdsskiller. Some of them only find malware, but never anything that removes this virus. The virus scanners never find anything.Edit: Also I have tried these things in safe mode also

Answer:Search links being redirected.

Alright, so I followed the instructions from the links you gave me and I saw no tdsserv.sys/alureon.sys in my device manager even after showing all hidden devices. I went to my host file in notepad, there was one extra ip, something like "::1" which I deleted and the problem persisted. When I went to device folder. I didn't find any files with the name TDSSserv.sys/TDSSSserv.sys/Alureon.sys/TDSSI.dll. I've deleted all my temp internet files and the problem persist. I already used malware bytes anti malware, still nothing showed up. The problem still persist.

6 more replies
Relevance 71.75%

On a friends computer, when doing a search, the list comes back looking as it should but clicking on a link to visit that page will usually go to some unrelated shopping site. I have noticed that there is a lengthy delay (10-15 seconds) if the link is being redirected while there is no delay on those rare occasions when the link works properly. Although Google is the primary Search Engine, the redirection also occurs with Yahoo and Bing. It also occurs from both the Google Toolbar search and the main Google web page.I have tried repeatedly to run GMER.EXE but I am unable to get a complete run. The first three runs ended in a Blue Screen (STOP 0c000021a). After updating all of my drivers, I no longer get the Blue Screen error. However, on 3 occasions, the computer froze while scanning /Cdfs and on two other occasions, the computer froze at some other location during the scan. On one occasion, I was able to complete the scan, but as soon as I clicked on the Save button, the computer froze. All freezes are "hard" freezes. Nothing can be done except to power off the computer and power it back on again.Here is the DDS.txt file:DDS (Ver_10-03-17.01) - NTFSx86 Run by Kim Falconer at 11:30:19.15 on Mon 08/16/2010Internet Explorer: 8.0.6001.18702Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.3070.2492 [GMT -4:00]AV: McAfee Anti-Virus and Anti-Spyware *On-access scanning disabled* (Updated) Close topic 0FW: McAfee Firewall *enabled* BOTTOM BUTTON... Read more

Answer:Search Links Redirected

Hi James, to Bleeping Computer My name is SpySentinel and I will be helping you fix your malware problem.Sorry for the delay, we have been very busy lately, and I apologize for your wait.Please read carefully and follow these steps. Download TDSSKiller and save it to your Desktop.Extract its contents to your desktop.Once extracted, open the TDSSKiller folder and doubleclick on TDSSKiller.exe to run the application, then on Start Scan.If an infected file is detected, the default action will be Cure, click on Continue.If a suspicious file is detected, the default action will be Skip, click on Continue.It may ask you to reboot the computer to complete the process. Click on Reboot Now.If no reboot is require, click on Report. A log file should appear. Please copy and paste the contents of that file here.If a reboot is required, the report can also be found in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste the contents of that file here.Download ComboFix from one of these locations:Link 1Link 2Link 3* IMPORTANT !!! Save ComboFix.exe to your DesktopDisable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our toolsDouble click on ComboFix.exe & follow the prompts.As part of it's process, ComboFix will check to see if the Microsoft Windows Recovery Console is installed. With malware infections... Read more

15 more replies
Relevance 71.75%

Whenever i search in google, yahoo, or live and click on the search link, i am being redirected to a different site. I ran adware, spybot, and avast scans, they picked up some malware and viruses which removed, but my links still are redirected.

Answer:search links are being redirected

help?

2 more replies
Relevance 71.75%

Hi I have a computer which have all search results redirected, google,yahoo,bing,etc... to mx2(dot)35326(dot)get-search-results(dot)com/jump1/xxxxxxxxxxx.................................

I have ran Malware Bytes with updated definition file, but didn't capture anything.

Computer have updated Trend Micro OfficeScan as well.

Any ideas what i should be trying ?

Answer:All search links are redirected

Hello and welcome. Perhaps we can get in like this.Reboot into Safe Mode with Networking How to enter safe mode(XP)Using the F8 MethodRestart your computer. When the machine first starts again it will generally list some equipment that is installed in your machine, amount of memory, hard drives installed etc. At this point you should gently tap the F8 key repeatedly until you are presented with a Windows XP Advanced Options menu. Select the option for Safe Mode with Networking using the arrow keys. Then press enter on your keyboard to boot into Safe Mode. >>>> Download this file and doubleclick on it to run it. Allow the information to be merged with the registry.RKill....Download and Run RKillPlease download RKill by Grinler from one of the 4 links below and save it to your desktop.

Link 1
Link 2
Link 3
Link 4

Before we begin, you should disable your anti-malware softwares you have installed so they do not interfere RKill running as some anti-malware softwares detect RKill as malicious. Please refer to this page if you are not sure how.
Double-click on Rkill on your desktop to run it. (If you are using Windows Vista, please right-click on it and select Run As Administrator)
A black screen will appear and then disappear. Please do not worry, that is normal. This means that the tool has been successfully executed.
If nothing happens or if the tool does not run, please let me know in your next replyDo not reboot your computer after running rki... Read more

3 more replies
Relevance 71.75%

Hello,

I'm running WIndows Vista on a Toshiba Laptop.

When I click on search links in Google or Yahoo they are redirected to something else altogether. I have Trend Micro and have run that and gotten no results and ran SpyBot S&D with no results either.

DDS.txt below...and other files attached as per instructions page...

DDS (Ver_2012-11-20.01) - NTFS_x86
Internet Explorer: 9.0.8112.16455
Run by Kenneth at 10:32:38 on 2012-12-06
Microsoft? Windows Vista? Home Premium 6.0.6002.2.1252.1.1033.18.2038.1142 [GMT -5:00]
.
AV: Trend Micro Titanium *Disabled/Updated* {B7599298-8445-728A-A5C7-A26A082C8BDA}
SP: Trend Micro Titanium *Disabled/Updated* {0C38737C-A27F-7D04-9F77-991873ABC167}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ================
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\taskeng.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Program Files\Citrix\ICA Client\concentr.exe
C:\Program Files\Apoint2K\Apoint.exe
C:\Program Files\Adobe\Photoshop Elements 5.0\apdproxy.exe
C:\Program Files\Windows Media Player\wmpns... Read more

Answer:Search links are redirected

Hello and welcome to TSF.

I am currently reviewing your post. I will be back with a fix for your problem as soon as possible.

Please subscribe to this thread to get immediate notification of replies as soon as they are posted. To do this click Thread Tools, then click Subscribe to this Thread. Make sure it is set to Instant Notification then click Subscribe.
----------

Please download TDSSKillerDouble click TDSSKiller.exe
Press Start Scan
Do Not Attempt To Fix Anything Now. We just need to look over the report and be sure we are removing the correct
items.
Attach the log in your next replyA copy of the log will be saved automatically to the root of the drive (typically C:\)

----------

13 more replies
Relevance 71.75%

About two weeks, I had a problem where my background changed into a bright green screen and I received several warnings about virus and malware installed. The system would not let me open the task manager and was running very slow.

I check the registry and found that a setting was changed to prevent opening the task manager. I changed this back, and found a program taking 100% of the system resources. I killed the process and run my Spyware Doctor which found and removed several infections.

This allowed me to use my system and run programs again, but, my Google Search results started redirecting me other sites. I normally have to click on a link several times to get to the correct site. I also get random tabs popping up asking me to take "surveys".

I have tried Malbytes and SUPERAntiSpyware but to no avail.
DDS (Ver_09-12-01.01) - NTFSx86
Run by Bruce at 21:30:38.68 on Fri 12/25/2009
Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 1.6.0_11
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.1918.692 [GMT -7:00]

AV: Avira AntiVir PersonalEdition *On-access scanning enabled* (Outdated) {AD166499-45F9-482A-A743-FDD3350758C7}

============== Running Processes ===============

C:\WINDOWS\system32\svchost -k DcomLaunch
C:\WINDOWS\system32\svchost -k rpcss
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup
C:\WINDOWS\system32\... Read more

Answer:Search links are being redirected

This has been resolved.

I downloaded Kapersky Internet Security that identified rootkit.win32.TDSS.d

Kapersky was not able to remove this, but a google search pointed me to a program called TDSSkiller.exe

This identified and removed the rootkit.

2 more replies
Relevance 71.75%

Whenever i search in google, yahoo, or live and click on the search link, i am being redirected to a different site. I ran adware, spybot, and avast scans, they picked up some malware and viruses which removed, but my links still are redirected.

Answer:search links are being redirected

Re-direction is ALMOST ALWAYS caused by malware issues...Even though you have run a few scans with IMHO good products they may or may not pick up every sign of infection. I would open up a new topic here:http://www.bleepingcomputer.com/forums/f/103/am-i-infected-what-do-i-do/Let the experts there guide you in the removal of what may be causing this issue....I would also highly recommend that you limit your use of the internet until this issue is resolved as someone may be stealing valuable information from you without you even knowing about it...

1 more replies
Relevance 71.75%

Most search links are being re-directed- some virus infection for sure. I scanned using Malware Anti-virus s/w v1.41 with latest update, which found 4 rootkit(?) infections, and removed all these. SUPERAntiVirus 4.30 did no find any viruses. I would highly appreciate any help in fixing the problem. I have a Windows XP SP2.Thanks,SatyaFollowing the steps given in this link: http://www.bleepingcomputer.com/forums/t/271066/keep-getting-redirected/, I ran Gmer, RSIT and Malwar Anti-virus. Please find the logs below:Merged posts. ~ OB

Answer:search links being redirected

Anyone who could help me? Much appreciated.

3 more replies
Relevance 71.75%

Neither spybot, McAfee, Malware Bytes or Windows security can find the responsible ap and get rid of it. Can you help? HJT post is attached below.Logfile of Trend Micro HijackThis v2.0.2Scan saved at 5:32:00 PM, on 11/22/2009Platform: Windows Vista SP2 (WinNT 6.00.1906)MSIE: Internet Explorer v8.00 (8.00.6001.18828)Boot mode: NormalRunning processes:C:\Windows\system32\taskeng.exeC:\Windows\system32\Dwm.exeC:\Windows\Explorer.EXEC:\Program Files\Windows Defender\MSASCui.exeC:\Program Files\DellTPad\Apoint.exeC:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exeC:\Program Files\Dell\MediaDirect\PCMService.exeC:\Program Files\McAfee.com\Agent\mcagent.exeC:\Program Files\Dell V305\dldtmon.exeC:\Program Files\DigitalPersona\Bin\DpAgent.exeC:\Program Files\IDT\WDM\sttray.exeC:\Program Files\iTunes\iTunesHelper.exeC:\Program Files\Java\jre6\bin\jusched.exeC:\Windows\ehome\ehtray.exeC:\Program Files\Dell Support Center\bin\sprtcmd.exeC:\Program Files\DNA\btdna.exeC:\Program Files\Windows Media Player\wmpnscfg.exeC:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exeC:\Program Files\Dell V305\dldtMsdMon.exeC:\Program Files\DellTPad\ApMsgFwd.exeC:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exeC:\Program Files\DellTPad\HidFind.exeC:\Program Files\DellTPad\Apntex.exeC:\Windows\ehome\ehmsas.exeC:\Program Files\WIDCOMM\Bluetooth Software\BtStackServer.exeC:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exeC:\Program Files\Mozilla Firefox 3.6 Beta 2\firefo... Read more

Answer:all search links redirected

And unfortunately you did not see the warning about not post Hijack This logs with a request from a helper. The moderator will most likely delete this post when he/she sees it so helping you would be a waste of time.

3 more replies
Relevance 71.75%

Search links are redirected by this ip address 216.133.243.28

Answer:Search links are redirected

Hello crmadison,I apologise for the delay, the forum is busy.---------------------------------------------- I will be assisting you with your malware issues.Whatever repairs we make, are for fixing your computer problems only and by no means should be used on another computer.Continue to respond to this thread until I give you the All Clean! If you have any question or you're stuck in there please reply it to me. I will try my best to help you!Please bookmark or favourite this page. In case you need it as reference or etc.If you fail to reply in 5 days period from now, this thread will close, and you will have to open another topic, and wait for another helper.IMPORTANT NOTE:If you are using Windows Vista you must right click on the desktop icon and choose Run as Administrator all tools.----------------------------------------------Malwarebytes' Anti-MalwarePlease download Malwarebytes' Anti-Malware to your desktop.Double-click mbam-setup.exe and follow the prompts to install the program.At the end, be sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.If an update is found, it will download and install the latest version.Once the program has loaded, select Perform full scan, then click Scan.When the scan is complete, click OK, then Show Results to view the results.Checked (tick) all items except items in the C:\System Volume Information folder, and click Remove Selected.When completed, a ... Read more

2 more replies
Relevance 71.75%

When i click o a link in a google search it is redirected to another site, After 3 or 4 tries this problem stops until ther are new search results. I have tried all sorts of scands and virus checks bur can nor et rid of the problem. I only have this with y desktop achine . My laptop is free of the problem. I see from other posts that you ave been able to solve the problem. Any help would be appreciated.
Hi-jack This log attached.
Logfile of HijackThis v1.99.1
Scan saved at 12:51:26, on 25/06/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16441)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
G:\Ashampoo Magical Defrag 2\bin\aDefragService.exe
C:\Program Files\Symantec\Norton Ghost 2003\GhostStartService.exe
G:\Nero 7\InCD\InCDsrv.exe
C:\WINDOWS\Explorer.EXE
c:\program files\mcafee.com\agent\mcdetect.exe
c:\PROGRA~1\mcafee.com\vso\mcshield.exe
G:\Ashampoo Magical Defrag 2\bin\defragActivityMonitor.exe
c:\PROGRA~1\mcafee.com\agent\mctskshd.exe
c:\PROGRA~1\mcafee.com\vso\OasClnt.exe
c:\program files\mcafee.com\vso\mcvsshld.exe
c:\program files\mcafee.com\agent\mcagent.exe
c:\progra~1\mcafee.com\vso\mcvsescn.exe
C:\PROGRA~1\M... Read more

More replies
Relevance 71.75%

Search links are being redirected to various sites. If I click on the link quickly it will take me to the correct site. On occasion a Google window (I am not sure if it is authentic) will open. Thanks for any help you can provide.

Sorry, additional information. I am using Windows XP and Firefox. I have tried IE and have the same problem. I have ran Malwarebytes, which has found some issues, but it has not fixed this problem.

Answer:Search links being redirected

Try this:http://www.bleepingcomputer.com/virus-remo...sing-tdsskiller

1 more replies
Relevance 71.34%

I was not able to sign in to MSN or access Windows Updates and got the 0x800B004 error. Jupiter Jones [MVP] from MSN gave several suggestions at the Windows Update Newsgroups and I finally found one that worked ! ! ! I have searched for hours! ! !

He said to register the following files with these steps:
1. Click on Start, Run and type REGSVR32 SOFTPUB.DLL
Wait until you get the popup message that this process succeeded.
2. Click on Start, Run and type REGSVR32 INITPKI.DLL
Wait until you get the popup message that this process succeeded.
3. Click on Start, Run and type REGSVR32 MSSIP32.DLL
Wait until you get the popup message that this process succeeded.
4. Now try to access MSN and the Windows Update site and see if you get the same error.
You can look at Jupiter Jones' list of suggestions on the Windows Update Newsgroups. It was dated 12/2/2003 at 9:38:13 PM.
 

More replies
Relevance 71.34%

After weeks of dealing with this painful popup, I've figured out how to get rid of it, yay me! Registered just to post this.. -_-The one in particular are these mentioned:http://www.bleepingcomputer.com/forums/t/179110/mtn5goolews-and-popupadvnet-malware/http://www.bleepingcomputer.com/forums/t/178465/mtn5goolews-and-popupadvnet-malware/http://answers.yahoo.com/question/index?qi...02232323AApHUQ9http://www.wilderssecurity.com/showthread.php?p=1346489Firstly, the DNS settings on the router has been changed to be that of the "virus". So just select "restore defaults" on the router (Or input some other DNS server yourself, I use OpenDNS!), and change the username/password.Secondly, the DNS settings on the host PC have been changed, and an application is still lurking changing it back. A simple virus scan in Windows Safe-Mode gets rid of it, I use Avira-AntiVir Pro.Very simple solution, and it would be appreciated if one of the staff would put this information in the 2 BleepingComputer topics above.

Answer:Solution found to ADV.net popups.

Thanks TigerTails

1 more replies
Relevance 71.34%

after a couple of months of agony, and almost throwing a phone against the wall, i've finally managed to make the lumia 550 work properly.
let me explain what i tried doing, but didn't work:
soft and hard reboot, using the phone without the memory card, storing the apps on phone memory - nothing helped.
so i downloaded the system recovery tool (or whatever it's called), and reverted my 550 to default system version. upon the first startup, i've disabled all connections, and turned off all the automatic updates i could find. none of the store apps are being updated, and it's not downloading the phone updates either (for now, this is day2).
all the "outdated" apps are working more than good, phone is WAY faster, it's not lagging, crashing or anything.
i hope this can help to someone.
cheers

Answer:Found a solution to 550 being awful

Haven't you already posted this?
I've used a Lumia 550 without any of the issues you are experiencing.
Also you don't mention if you have used the Windows Device Recovery Tool to check for/update the firmware.
If you need additional help or have more questions or details to share, please join the site so you can reply in this thread. See this link for instructions on how to join Windows Central.

1 more replies
Relevance 71.34%

Greetings Win10sters,

I'm the Mac switcher that visits now and again. The Windows noob from 2016. Nearly all is well with thanks to you and yours. But I do have a question. You see -- I believe I found an answer but since I'm still noobish I'm actually not sure I did.

PROBLEM -- My Asus VivoMini PC is a brand new little beauty. Takes up very little room yet gives me the muscle I need. The problem? The fan WHIRS on at the drop of a hat.

I can be on a webpage like this... typing text into a comment field like this... and actually hear the fan whir more when typing and then ease off when I'm not. Stupid sensitive for an i5. Terribly 'tuned' as it were.

Open a web browser and the fan ERUPTS. Loading page after page. Dies down once done but again... just sneeze its way and the fan briefly kicks on... then off. On... then off.

SOLUTION -- Somewhere on YouTube I saw a dude essentially suggest this --

The result? Fan is always on but typically quiet. If I tax the system the fan increases moderately. I can type these words and here zero increase of fan.

BUT IS IT FIXED -- Sounds like it is, right? But since I'm not sure what I'm doing I don't know if I'm creating a problem down the line.

My first obvious choice was to involved Speccy and verify that the system wasn't running warmer now. Tricky to test but I got zero indication that I'm making the system warmer by doing this.

So tell me -- did I fix it? Or am I screwed?

Thanks in advance for all HELP

More replies
Relevance 71.34%

after a couple of months of agony, and almost throwing a phone against the wall, i've finally managed to make the lumia 550 work properly.
let me explain what i tried doing, but didn't work:
soft and hard reboot, using the phone without the memory card, storing the apps on phone memory - nothing helped.
so i downloaded the system recovery tool (or whatever it's called), and reverted my 550 to default system version. upon the first startup, i've disabled all connections, and turned off all the automatic updates i could find. none of the store apps are being updated, and it's not downloading the phone updates either (for now, this is day2).
all the "outdated" apps are working more than good, phone is WAY faster, it's not lagging, crashing or anything.
i hope this can help to someone.
cheers

Answer:Found a solution to 550 being awful

after months of agony, and almost throwing the 550 against the wall, i've finally managed to make it work.
browsing these forums, everyone had the same advice - soft or hard reboot; i've tried that, i've also tried taking the mem card out, and installing all apps to phone memory; nothing worked.
yesterday, i got pretty pissed and tried finding a way of installing win8.1. didn't make it, but i've downloaded the recovery tool, and reverted the phone to a default version (think i got it with this one). i didn't allow any internet connections, and i've turned off ALL automatic updates i could find. windows isn't downloading or installing updates (for now), and the apps need my permission before even downloading (mobile network and wifi were turned on after i set the update settings)
now everything works flawlessly (except for the newly downloaded apps, ie fb messenger crashes everytime i try snapping a photo through it, it was doing the same before this "fix"). the "outdated" apps are simply perfect, nothing is crashing, the phone is fast and responsive, and it's much closer to 8.1 experience.
hope more people will try this and provide feedback.
cheers!

more replies
Relevance 71.34%

Hi, I've literally spent hours upon hours on phones, on my settings tweaking things to figure out WHY I can't host games for other people. I will post everything that might be relevant to my problem. I've googled pretty much everything I can think of.

Computer IP: 192.168.1.2
Router IP: 192.168.1.1
Router Info: Linksys WRT54G2

I've gone to portforward.com and followed the directions specific to that router, I HAVE set up a static IP address and I have forwarded the correct ports, there is no question about that and yes it is forwarded to (.2). I have also tried enabling DMZ, still no cigar. I've also helped other players port forward their routers successfully using this website, but for some reason it has not worked for me.

-I am on a Mac OS X 10.5.5, using Gameranger trying to host games on Age of Empires II

-When I click the host button, I get an error message saying "Port-restricted Cone NAT Router" I've googled it, but it never gives me an easy definition to understand, or how to get rid of it if need be. I'm not sure if this is even relevant, but since it says "Port-Restricted" does this mean that I cannot forward ports or something?

-I have a DSL connection, connects through a modem, to a router, to my computer.

-I have checked my computer for firewalls, none. I have also disabled all the firewalls on my router as well. I have called my ISP and they said they don't do any blocking in their modems.

-My ... Read more

More replies
Relevance 71.34%

Hi Guys
I'm including a thread of a post about Query My CA Information because I am having the same problem when I start up or login
and I DO NOT have a Belkin Wireless device installed nor have I ever??? FYI ...
Join Date: Sep 2006
Experience: Junior System Builder
28-Sep-2006, 04:42 PM #1
Solved: LIBEAY32.dll most likely related to a belkin wireless adapter
Hello,
I recently had a problem with my signal strenght and my Belkin wireless adapter not working properly. I have fixed them it seems, however in my zeal to remove the old wireless adapter completely I think I accidentally messed with a .dll file I wasn't supposed to. Now I recieve this message every time I start my comp:

Title:
Query My ca Information: InfoMyCa.exe - Ordinal Not Found LIBEAY32.dll.
Body:
The ordinal 968 could not be located in the dynamic link library LIBEAY32.dll.

So I tried to download LIBEAY32.dll from a website, but I have no idea where to put it, and furthermore when I attempt to save it to the Belkin file it says that LIBEAY32.dll already exsists in that folder. So I'm totally lost as to what I need to do from here. I suspect it may be some sort of virus as I've erroneously downloaded or some sort of spyware, however it is just suspicion. PLEASE HELP ME I'M CLUELESS! THANKS!
sincerely,
sam p.
Register for free to hide this ad!
Ads by Google
Computer Network Services
Design, Install, Fix, New/Existing Wired/Wireless, LAN/WAN, Firewalls
www.connectsis.com

ozrom1e

D... Read more

More replies
Relevance 71.34%

I had the Win32\gen worm,that continually dropped Adware,spyware.Brouser Hijackers,etc
It alterd GMER,Hijackthis,Spybot,Avast,It also escaped Norton,
After 7 different OS Re-installations,I finally used COPYWIPE to clean the infected Hard drive, and did not format the HD using another infected Os (XP Pro x64) 2 machines,same OS
I used The Windows Installation disc to format the clean HDD,Then Installed ,on what i thought was a "New HDD",after installing XP on the "Clean HD",i then used my two external HDD's that have various programs and drivers on them
The Two external drives i use to transfer files& programs(,both were formatted with the Infected OS)
On those external drives i had various drivers and programs i use,but the External drives were formatted by the infected OS,which left them with two and (sometimes more) FOLDERS in System Volume Information.
They had "RECYCLE BIN",And "SYSTEM Volume Information"still on them,from the infected OS HDD,sometimes they had 2 "recycle bin folders,sometimes NOT.I used both external HDD's when i reformated and re-install XP ,and the other programs on the External Hard drives
When i Installed windows an a "NEW HDD",it never got rid of the existing files in System volume information
"ChangeLog" and "Mounting Point Remote Manager" and or Tracking Log

After installing XP on the "Clean HDD",i then ran Avast before even activating XP,it came up w... Read more

Answer:Found a solution to WIN32\GEN

It will help others,and thanks for posting your Fix.

1 more replies
Relevance 71.34%

Hi,Solution to fix the error 'jpeg dll' not foundI bought a PC few months back and recently i came across with an error message "Sorry, jpeg dll not found. You must reinstall this program" whenever PC is re-started. I came to know that, this error message is prompted for various reasons.First thing i did was searched for 'jpeg.dll' in my PC [C:\] and observed that this file was installed at so many folders say C:\WINDOWS\system32\, C:\Program Files\Java\jre6\bin\, C:\Perl\site\lib\auto\Tk\JPEG\ ...............To fix this error first i tried to un-install and re-install the PERL. That's it. Fixed. Now i encountered with no error message.So, if jpeg.dll issue is related to PERL, then the solutions are:SOLUTION: 1Uninstall and re-install the PERL SOLUTION: 2From your friends PC, copy jpeg.dll from path "C:\Perl\site\lib\auto\Tk\JPEG\JPEG.dll" [First, check the installation drive] and copy it at same path in your PC.Good Day

More replies
Relevance 71.34%

Had problem on my T60, DVD/CD not recognized and drive shown as problem. Have two T 60s so swapped drives, bad one worked in other T60 so I knew it wasn't hardware, had to be driver? Found this solution from MicroSoft support web site. Has self activated install and fix. Worked like a champ, got my drive back after 3 months. Glad I didn't rebuild this operating system like some other have. http://support.microsoft.com/kb/314060 

Answer:T60 DVD CD not seen or recognized - solution found

I had a similar problem.  Now its fixed. Thanks for your solution. 

1 more replies
Relevance 71.34%

Greetings Win10sters,

I'm the Mac switcher that visits now and again. The Windows noob from 2016. Nearly all is well with thanks to you and yours. But I do have a question. You see -- I believe I found an answer but since I'm still noobish I'm actually not sure I did.

PROBLEM -- My Asus VivoMini PC is a brand new little beauty. Takes up very little room yet gives me the muscle I need. The problem? The fan WHIRS on at the drop of a hat.

I can be on a webpage like this... typing text into a comment field like this... and actually hear the fan whir more when typing and then ease off when I'm not. Stupid sensitive for an i5. Terribly 'tuned' as it were.

Open a web browser and the fan ERUPTS. Loading page after page. Dies down once done but again... just sneeze its way and the fan briefly kicks on... then off. On... then off.

SOLUTION -- Somewhere on YouTube I saw a dude essentially suggest this --

The result? Fan is always on but typically quiet. If I tax the system the fan increases moderately. I can type these words and here zero increase of fan.

BUT IS IT FIXED -- Sounds like it is, right? But since I'm not sure what I'm doing I don't know if I'm creating a problem down the line.

My first obvious choice was to involved Speccy and verify that the system wasn't running warmer now. Tricky to test but I got zero indication that I'm making the system warmer by doing this.

So tell me -- did I fix it? Or am I screwed?

Thanks in advance for all HELP

More replies
Relevance 71.34%

Hya everyone well i just want to say thanks for all of you who spent time with me trying to solve my problem with deleting my old isp programme but what I did in the end was down load CCleaner went in to tools clicked on the programme and CCleaner removed all trace of the programme. I do not have the problems I had before. See previous posts. Thanks again this is a brill site.
 

More replies
Relevance 70.93%

This computer has been running very slow and erratically. I am 99% sure that the problem is malware.
I found a lot of junk and removed many suspicious looking toolbars and programs from Programs/Devices in the CP. I also saw "My Web Search" on the list but it could not be removed.

Also note numerous "My WEb Search" instances in the registry but I doubt if I got them all.

I have downloaded, installed and ran a thorough Windows Security Essentials which came up cleaning.
I also downloaded, installed and ran a thorough Malwarebytes scan.

Please advise.

Thanks

Answer:Malware suspected; found "My Web Search"

Hello webgal try these too the ADW download from bleeping computer.

Have you got CCleaner if not run that as well just be careful to keep cookies for passworded sites you need

CCleaner - Download < from piriform to keep cookies run the cleaner (Analyse) and the go to Options > Cookies > send any you want to the right hand list. The go go back and run the Cleaner.

http://www.superantispyware.com/

AdwCleaner Download

1 more replies
Relevance 70.93%

HI, this is my first attempt on this site to resolve my problem. I have an older HP system running windows 7 32 bit OS. A couple weeks back I noticed that the links in any of my searches were all being redirected to random and misc. ads for companies of varying types. Just before I noticed this I had one of those fake antivirus trojans taking over my pc which I removed using rkill and malwarebytes. I have ran malwarebytes multiple times since coming across the problem all of which showed no signs of malware or trojans. I have read many blogs and questions on this trying to come up with a solution to my problem following directions. I am completely stumped and quite a bit irritated with it in general. I have ran the 3 programs you said and will include all of the logs that they came back with. Thanks in advance for your time and support and I hope to hear back as soon as possible.


Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 6:03:21 PM, on 11/11/2010
Platform: Unknown Windows (WinNT 6.01.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16671)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskhost.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Program Files\PowerISO\PWRISOVM.EXE
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Spyware Doctor\pctsTray.exe
C:\P... Read more

More replies
Relevance 70.93%

When clicking on a link after a Google search result it redirects to an undesired web page, also trying to use imagevenue image hosting service results in redirect. This sounds similar to problems others have been experiencing. I tried DDS but it didn't create the two log files. the result from GMER (too big to attach) and also too big to fully copy into this post)

Answer:Google search links get redirected

Hello and welcome to Bleeping ComputerWe apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.If you have since resolved the original problem you were having, we would appreciate you letting us know. If not please perform the following steps below so we can have a look at the current condition of your machine. If you have not done so, include a clear description of the problems you're having, along with any steps you may have performed so far.Please refrain from running tools or applying updates other than those we suggest while we are cleaning up your computer. The reason for this is so we know what is going on with the machine at any time. Some programs can interfere with others and hamper the recovery process. Please also continue to work with me until I give you the all clear. Even if your computer appears to act better, you may still be infected.Even if you have already provided information about your PC, we need a new log to see what has changed since you originally posted your problem.Once we start working together, please reply back within 3 days or this thread may be closed so we can help others who are waiting.We need to create an OTL report,Please download OT... Read more

2 more replies
Relevance 70.93%

I'm having a problem where my internet searches are almost all getting redirected to other websites (some advertising, but sometimes it gets redirected to even google). It's happening on both IE and Firefox. Here's a list of the anti-virus programs and such that I already run on a daily basis:
AVG Anti-Virus Free Edition 2011
Malwarebytes Anti-Malware
Ad Aware
They haven't been able to fix the problem.
I just ran Hitman Pro 3.5 and it's saying my explorer.exe and winlogon.exe files are trojans (located in C:/windows and C:/windows/system32 respectively). Although I understand these files are vital to my operating system running smoothly. Any help in this matter would be greatly appreciated, thank you.

Answer:Internet search links are getting redirected

Please follow the instructions in ==>This Guide<==.Once the proper logs are created, then make a NEW TOPIC and post it ==>HERE<== Please include the link to this topic in your new topic and a description of your computer issues and what you have done to resolve them.If you can produce at least some of the logs, then please create the new topic and explain what happens when you try to create the log(s) that you couldn't get. If you cannot produce any of the logs, then still post the topic and explain that you followed the Prep. Guide, were unable to create the logs, and describe what happens when you try to create the logs.Once you have created the new topic, please reply back here with a link to the new topic.

1 more replies
Relevance 70.93%

Hello,

Regardless of browser or search engine, my search engine links are being redirected to random sites. It doesn't happen every time and if I click the link enough times, it will eventually go to the correct site. Also, from time to time, a new tab will open up in Firefox for a random site.

I have scanned with AVG, Spybot, Malwarebytes, SUPERAntiSpyware, and others, all to no avail.

My OS is Windows XP.

Any help would be greatly appreciated!

Here is my HijackThis log:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:01:33, on 5/8/2010
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\AVG\AVG8\IdentityProtection\agent\Bin\AVGIDSAgent.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Netropa\Multimedia Keyboard\nhksrv.exe
C:\PROGRA~1\AVG\AVG8\avgtray.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Netropa\Multimedia Keyboard\MMKeybd.exe
C:\Program Files\Mindjet\MindManager 7\MMReminderService.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\Program Files\ShirusuPad\ShirusuPad.exe
C:\Program Files\AVG\AVG8\IdentityProtection\agent\bin\AVGIDSUI.exe
C:\Program Files\Netropa\Multimedia Keyboard... Read more

Answer:Search Engine Links Being Redirected

16 more replies
Relevance 70.93%

Where to begin? This is the last stubborn symptom of a rash of problems I have had. Have run updated Malwarebytes and Super AntiSpy in safe mode. The combination has been affective in eliminating almost all of the problems except the redirect issue. It is intermittent and if I go back to the google page and click the link again it goes to the correct link. Also I have AVG free running and have run several scans with it. I think I am to the point where I need to post a highjack log but am not sure. HELP!! Thanks in advance.

Drew

edit: Forgot to add that I am running Windows XP sp2 and using updated Firefox for my browser.

Answer:Google search links being redirected.

http://www.bleepingcomputer.com/forums/t/131299/how-to-use-sdfix/Please print out and follow these instructions: "How to use SDFix". When using this tool, you must use the Administrator's account or an account with "Administrative rights"Disconnect from the Internet and temporarily disable your anti-virus, script blocking and any real time protection programs before performing a scan.Please be patient as the scan may take up to 20 minutes to complete.When the process is complete, the SDFix report log will open in Notepad and automatically be saved in the SDFix folder as Report.txt.If SDFix is unable to run after rebooting from Safe Mode, run SDFix in either Mode, and type F, then press Enter for it to finish the final stage and produce the report.The SDFix report log (Report.txt) will open in Notepad and automatically be saved in the SDFix folder.Please copy and paste the contents of Report.txt in your next reply.Be sure to re-enable you anti-virus and and other security programs before connecting to the Internet.

5 more replies
Relevance 70.93%

Using the search bar in FF and IE, results come back but when clicking on a link it gets redirected to random websites. I have run the DDS and the logs were created, however when running GMER the computer locks up and I get a blue screen saying; "A problem has been detected...If this is the first time you've seen...Check hardware vendor for any BIOS updates... Technical information: ***STOP:0x0000008E(0xc0000005,0x00000044,0xA75A6AE4,0x00000000) beginning dump of physical memory..."

This has happened twice and I haven't been able to get a GMER log. The second time it happened the two middle figures in the brackets changed to (0xc0000005,0x00000048,0xa9775AE4,0x00000000)

Any help is much appreciated!


DDS (Ver_10-12-05.01) - NTFSx86
Run by Joseph Schafer at 15:09:40.46 on Thu 12/09/2010
Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 1.6.0_05
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.1014.275 [GMT -5:00]

AV: Antivirus *On-access scanning enabled* (Outdated) {28e00e3b-806e-4533-925c-f4c3d79514b9}
AV: McAfee Anti-Virus and Anti-Spyware *On-access scanning enabled* (Updated) {84B5EE75-6421-4CDE-A33A-DD43BA9FAD83}
FW: McAfee Firewall *enabled* {94894B63-8C7F-4050-BDA4-813CA00DA3E8}

============== Running Processes ===============

C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
svchost.exe
svchost.exe
C:\WINDOWS\System32\WLTRYS... Read more

Answer:Internet search links being redirected

Hello and welcome to Bleeping ComputerWe apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.If you have since resolved the original problem you were having, we would appreciate you letting us know. If not please perform the following steps below so we can have a look at the current condition of your machine. If you have not done so, include a clear description of the problems you're having, along with any steps you may have performed so far.Upon completing the steps below another staff member will review and take the steps necessary with you to get your machine back in working order clean and free of malware.If you have already posted a DDS log, please do so again, as your situation may have changed.Use the 'Add Reply' and add the new log to this thread.Thanks and again sorry for the delay.We need to see some information about what is happening in your machine. Please perform the following scan:Download DDS by sUBs from one of the following links. Save it to your desktop.DDS.scrDDS.pifDouble click on the DDS icon, allow it to run.A small box will open, with an explaination about the tool. No input is needed, the scan is running.Notepad will open with the ... Read more

13 more replies
Relevance 70.93%

Hi,

On an old m/c running Win98 I've had quite a few issues, most of which I've resolved using AVG, Spybot S & D and AdAware. One problem remains - there may be more but I'm not aware of them!

My problem is this:

Using IE to browse the web I can type in urls and go to the correct page. If I do a Google/Yahoo search for anything I get a genuine results page back. Clicking these links seems to be taking me to the right place but then gets redirected to other advertising/directory/comparison type sites or sites relating to Ebay. These sites refer to my desired link. This does not happen if I'm using Opera.

I include below a Hijack This log and a startup log.

Can anyone offer advice?

Thanks in advance!

Logfile of HijackThis v1.99.1
Scan saved at 21:37:33, on 11/02/06
Platform: Windows 98 Gold (Win9x 4.10.1998)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\SYSTEM\KERNEL32.DLL
C:\WINDOWS\SYSTEM\MSGSRV32.EXE
C:\WINDOWS\SYSTEM\SPOOL32.EXE
C:\WINDOWS\SYSTEM\MPREXE.EXE
C:\WINDOWS\SYSTEM\LEXBCES.EXE
C:\WINDOWS\SYSTEM\RPCSS.EXE
C:\WINDOWS\SYSTEM\mmtask.tsk
C:\WINDOWS\EXPLORER.EXE
C:\WINDOWS\SYSTEM\SYSTRAY.EXE
C:\PROGRAM FILES\GRISOFT\AVG FREE\AVGCC.EXE
C:\PROGRAM FILES\GRISOFT\AVG FREE\AVGEMC.EXE
C:\PROGRAM FILES\GRISOFT\AVG FREE\AVGAMSVR.EXE
C:\PROGRAM FILES\COMMON FILES\REAL\UPDATE_OB\EVNTSVC.EXE
C:\PROGRAM FILES\HIJACKTHIS.EXE

N3 - Netscape 7: user_pref("browser.startup.homepage", "http://home.netscape.... Read more

More replies
Relevance 70.93%

OS: XP SP3
Problem: Search link redirected
Scanned by Malwarebytes: no bad entry found
Prior to this redirect problem, there were many pop windows, a few MalWareBytes scans cleared those up:
- worm.win32.netsky,
- trojan: win32/fakeinit,
- trojanDownLoader: win32/renos

Now it seems the problem left is the search link redirect and occasional unexpected IE crash. The redirect links happen in fireFox too and with either google or Bing.
Can someone help me?
thank you!!!!!!!!!!!!
It seems the affected machine won't let me submit message to this forum too. I had to do it from another machine.
-----------------
HJT log:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 8:13:10 PM, on 5/24/2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\Google\Google Talk\googletalk.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Hot Keyboard Pro\HotKeyb.exe
C:\Program Files\Lavasoft\Ad-Aware\AAWTray.ex
C:\Program Files\LogMeIn Hamachi\hamachi-2.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\System32\nvsv... Read more

Answer:search links redirected XP SP3 HJT log included

I give up. Reformatted the system.
 

1 more replies
Relevance 70.93%

i see lots of people are having the same problem and each incident has a different fix. so here are my logs
DDS (Ver_09-02-01.01) - NTFSx86
Run by Owner at 21:28:44.75 on Sun 02/08/2009
Internet Explorer: 7.0.5730.13
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.1526.1045 [GMT -5:00]

AV: McAfee VirusScan *On-access scanning enabled* (Updated)
FW: McAfee Personal Firewall *enabled*

============== Running Processes ===============

C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
svchost.exe
svchost.exe
C:\WINDOWS\System32\WLTRYSVC.EXE
C:\WINDOWS\System32\bcmwltry.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\igfxpers.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\PROGRA~1\LAUNCH~1\LManager.exe
C:\Program Files\Lexmark 1300 Series\lxdcamon.exe
C:\Program Files\Nova Development\Photo Explosion 3.0 SE\calcheck.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\McAfee.com\Agent\mcagent.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\WINDOWS\system32\igfxext.exe
C:\Program Files\Common Files\Apple\Mobile De... Read more

Answer:Search engine links are getting redirected

Hello, dempseyjosh to BleepingComputer.comMy name is Billy O'Neal and I will be helping you. (Billy or Bill is fine, if you like.)Please give me some time to look over your computer's log(s).Please take note of the following:In the meantime, please refrain from making any changes to your computer.Also, even if things appear to be running better, there is no guarantee that everything is finished. Please continue to check this forum post in order to ensure we get your system completely clean. We do not want to clean you part-way up, only to have the system re-infect itself. If you do not understand any step(s) provided, please do not hesitate to ask before continuing. I would much rather clarify instructions or explain them differently than have something important broken.Finally, please reply using the button in the lower left hand corner of your screen.We need to scan for Rootkits with GMERPlease download GMER from one of the following mirrors:This is the Primary mirrorThis is a Secondary mirrorThis is a Secondary mirrorClose any and all open programs, as this process may crash your computer.Unzip the downloaded file to your desktop.Double click on your desktop.Allow the gmer.sys driver to load if asked.You may see this window. If you do, click No.
Click on and wait for the scan to finish.If you see a rootkit warning window, click OK.Push and save the logfile to your desktop.Copy and Paste the contents of that file in your next post.In your next reply, please include the ... Read more

64 more replies
Relevance 70.93%

Hey guys. I'm having what seems to be a common problem around here. My Google search links are being redirected to ad sites. I do not have access to a boot disc. Thanks in advance for the help.


.

DDS (Ver_2011-06-23.01) - NTFSx86

Internet Explorer: 8.0.6001.18702

Run by hcrumley at 9:49:52 on 2011-08-17

Microsoft Windows XP Professional* 5.1.2600.3.1252.1.1033.18.3327.1881 [GMT -4:00]

.

AV: AVG Anti-Virus Business Edition 2011 *Enabled/Updated* {17DDD097-36FF-435F-9E1B-52D74245D6BF}

.

============== Running Processes ===============

.

C:\PROGRA~1\AVG\AVG10\avgchsvx.exe

C:\WINDOWS\system32\Ati2evxx.exe

C:\WINDOWS\system32\svchost.exe -k DcomLaunch

svchost.exe

C:\WINDOWS\System32\svchost.exe -k netsvcs

svchost.exe

svchost.exe

C:\WINDOWS\system32\spoolsv.exe

svchost.exe

C:\Program Files\Autodesk\Content Service\Connect.Service.ContentService.exe

C:\Program Files\AVG\AVG10\avgwdsvc.exe

C:\Program Files\Java\jre6\bin\jqs.exe

C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE

C:\WINDOWS\system32\svchost.exe -k imgsvc

C:\Program Files\AVG\AVG10\avgam.exe

C:\Program Files\AVG\AVG10\avgnsx.exe

C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe

C:\Program Files\AVG\AVG10\avgcsrvx.exe

C:\Program Files\AVG\AVG10\avgcsrvx.exe

C:\WINDOWS\System32\svchost.exe -k HTTPFilter

C:\WINDOWS\system32\Ati2evxx.exe

C:\WINDOWS\Explorer.EXE

C:\WINDOWS\RTHDCPL.EXE

... Read more

Answer:Google search links being redirected

Here's the zipped file attachment.

19 more replies
Relevance 70.93%

Issues with my web broswer (I use firefox and IE) in which new tabs automatically open with spam web pages. In addition, google search results links will be redirected to these same type of spam pages. It usually kicks in within a few minutes of a new broswer session. I've tried Spyware Doctor and Malaware Malwarebytes Anti-malware.I'm unabe to run the GMER program because my computer crashes each time i try. Therefore, I'm unable to attach the Ark.txt log.DDS (Ver_10-03-17.01) - NTFSx86 Run by Brian at 12:12:05.29 on Sun 09/12/2010Internet Explorer: 8.0.6001.18702Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.2014.395 [GMT -4:00]AV: Spyware Doctor with AntiVirus *On-access scanning enabled* (Updated) {D3C23B96-C9DC-477F-8EF1-69AF17A6EFF6}============== Running Processes ===============C:\WINDOWS\system32\ibmpmsvc.exeC:\WINDOWS\system32\svchost -k DcomLaunchC:\WINDOWS\system32\svchost -k rpcssC:\WINDOWS\System32\svchost.exe -k netsvcsC:\Program Files\ThinkPad\Bluetooth Software\bin\btwdins.exeC:\WINDOWS\system32\svchost.exe -k WudfServiceGroupC:\Program Files\Intel\Wireless\Bin\S24EvMon.exeC:\WINDOWS\system32\svchost.exe -k NetworkServiceC:\WINDOWS\Explorer.EXEC:\WINDOWS\system32\svchost.exe -k LocalServiceC:\WINDOWS\system32\spoolsv.exeC:\WINDOWS\system32&... Read more

Answer:Search Results links Redirected

Hello and Welcome to the forums! My name is Gringo and I'll be glad to help you with your computer problems. Somethings to remember while we are working together.Do not run any other tool untill instructed to do so!Please Do not Attach logs or put in code boxes.Tell me about any problems that have occurred during the fix.Tell me of any other symptoms you may be having as these can help also.Do not run anything while running a fix.In the upper right hand corner of the topic you will see a button called Options. If you click on this in the drop-down menu you can choose Track this topic. By doing this and then choosing Immediate E-Mail notification and then clicking on Proceed you will be advised when we respond to your topic and facilitate the cleaning of your machine.We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.In order for me to see the status of the infection I will need a new set of logs to start with.Please print out or make a copy in notpad of any instructions given, as sometimes it is necessary to go offline and you will lose access to them.DeFogger: Please download DeFogger to your desktop.Double click DeFogger to run the tool. The ap... Read more

12 more replies
Relevance 70.93%

Hello,
My Google search links are being redirected. Please help. Below is my hijack log.

Thank you!

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 5:35:11 PM, on 7/6/2010
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\AVG\AVG9\avgchsvx.exe
C:\Program Files\AVG\AVG9\avgrsx.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\AVG\AVG9\avgcsrvx.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\LEXPPS.EXE
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\svchost.exe
C:\Program Files\AVG\AVG9\avgwdsvc.exe
C:\Program Files\AVG\AVG9\avgnsx.exe
C:\WINDOWS\system32\cisvc.exe
C:\Program Files\Spyware Doctor\pctsAuxs.exe
C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe
C:\Program Files\Java\jre1.5.0_02\bin\jusched.exe
C:\Program Files\Google\Quick Search Box\GoogleQuickSearchBox.exe
C:\Program Files\QuickTime\qttask.exe
C:\PROGRA~1\AVG\AVG9\avgtray.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Spyware Doctor\pctsTray.exe
C:\Program Files\Spyware Doctor\pctsSvc.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program... Read more

Answer:Google search links redirected

16 more replies
Relevance 70.93%

I have been getting redirected to sites like infomash and other random weird sites whenever I click on Google search results. I've tried scanning my computer with superantispyware and malwarebytes but haven't been able to find it. note: I followed the guide stickied to this forum successfully except GMER causes my system to crash repeatedly.DDS (Ver_10-03-17.01) - NTFSx86 Run by Owner at 23:06:49.62 on Tue 08/03/2010Internet Explorer: 7.0.6002.18005 BrowserJavaVersion: 1.6.0_20Microsoft? Windows Vista? Home Premium 6.0.6002.2.1252.1.1033.18.958.434 [GMT -4:00]SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}SP: SUPERAntiSpyware *enabled* (Updated) {222A897C-5018-402e-943F-7E7AC8560DA7}============== Running Processes ===============C:\Windows\system32\wininit.exeC:\Windows\system32\lsm.exeC:\Windows\system32\svchost.exe -k DcomLaunchC:\Windows\system32\svchost.exe -k rpcssC:\Windows\System32\svchost.exe -k LocalServiceNetworkRestrictedC:\Windows\System32\svchost.exe -k LocalSystemNetworkRestrictedC:\Windows\system32\svchost.exe -k netsvcsC:\Windows\system32\SLsvc.exeC:\Windows\system32\svchost.exe -k LocalServiceC:\Windows\system32\svchost.exe -k NetworkServiceC:\Windows\system32\taskeng.exeC:\Windows\System32\spoolsv.exeC:\Windows\system32\Dwm... Read more

Answer:being redirected from google search links

Hi,Welcome to Bleeping Computer. My name is m0le and I will be helping you with your log.Please subscribe to this topic, if you haven't already. You can subscribe by clicking the Options box to the right of your topic title and selecting Track This Topic.Please avoid installing/uninstalling or updating any programs and attempting any unsupervised fixes or scans. This can make helping you impossible.Please reply to this post so I know you are there.The forum is busy and we need to have replies as soon as possible. If I haven't had a reply after 3 days I will bump the topic and if you do not reply by the following day after that then I will close the topic.Once I receive a reply then I will return with your first instructions.Thanks

14 more replies
Relevance 70.93%

Whenever I do a google search (and even yahoo searches), when I click on the links it takes me to some other site / ad site. I see this is a common problem and have tried malwarebytes but I am still having the issue.

Please help!

Answer:google search links being redirected

Hello,what is your Operating System?Please read and follow all these instructions.Please download GooredFix and save it to your Desktop.Double-click GooredFix.exe to run it.A log will open, please post the contents of that log in your next reply (it can also be found on your desktop, called Goored.txt).

17 more replies
Relevance 70.93%

80% of the google search links are redirected to an ad site. I have run Spybot, Malewarebyte's Anti-Malware, Super Anti-Spyware, AVG and Kaspersky Scan and nothing has been found (minus the occasional cookies). Thank you in advance for your help.
DDS (Ver_09-03-16.01) - NTFSx86
Run by Kurt Williams at 7:37:14.89 on Sun 04/26/2009
Internet Explorer: 7.0.5730.13 BrowserJavaVersion: 1.6.0_07
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.2046.1142 [GMT -7:00]

AV: AVG Anti-Virus Free *On-access scanning enabled* (Updated)

============== Running Processes ===============

C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
svchost.exe
svchost.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\Program Files\Seagate\DiscWizard\DiscWizardMonitor.exe
C:\Program Files\Seagate\DiscWizard\TimounterMonitor.exe
C:\Program Files\Common Files\Seagate\Schedule2\schedhlp.exe
C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe
C... Read more

Answer:Google search links are redirected

Hi My name is Extremeboy (or EB for short), and I will be helping you with your log.We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help.If you have since resolved the original problem you were having, we would appreciate you letting us know. If not please perform the following steps below so we can have a look at the current condition of your machine. If you have not done so, include a description of your problem, along with any steps you may have performed so far.If you do not make a reply in 5 days, we will need to close your topic.You may want to keep the link to this topic in your favourites. Alternatively, you can click the button at the top bar of this topic and Track this Topic. The topics you are tracking can be found here.Please take note of some guidelines for this fix:Refrain from making any changes to your computer including installing/uninstall programs, deleting files, modifying the registry, and running scanners or tools. If you do not understand any step(s) provided, please do not hesitate to ask before continuing. I would much rather clarify instructions or explain them differently than have something important broken.Even if things appear to be better, it might not mean we... Read more

20 more replies
Relevance 70.93%

Hello, Every time I open internet explorer it opens up my home page www.yahoo.com - but it the opens another window with redirect something or the other. I close that window. In another window I do a google search and anytime I click on one of the search links - the URL gets redirected to yellow pages or another search site. I tried opening the link in another tab and it is the samething. The only time I can get to a link is to the copy and paste in the URL part of IE.

Any ideas?

I ran spybot - Got a green check all ok.
I ran SuperAntiSpyware - Got green light on that too - all ok.
I ran MalwareBytes -- All ok.
I downloaded and ran combofix after following the instruction from bleepingcomputer and eveytime I run it - NortonVirus picks up a Malicious script detected - CSCRIPT.cfxxe. I stopped at point and need help...

Please advise and thank you in advance for your help...

Steve

Answer:Links being redirected - Google Search

As no logs have been posted, I am shifting this topic from the specialized HiJack This forum to the Am I Infected forum.==>PLEASE DO NOT NOW POST LOGS<== unless a log is specifically requested.

1 more replies
Relevance 70.93%

I have tried to solve the issue following the support and tips from this post:

http://forums.techguy.org/virus-other-malware-removal/959687-i-keep-getting-redirected-other.html

I ran a full scan at ESET and found:
C:\System Volume Information\_restore{DF1DF396-9436-4F09-B494-578A429D8E05}\RP72\A0016079.exe a variant of Win32/Injector.GBP trojan

C:\WINDOWS\Installer\20723.msi probably a variant of Win32/Agent.MQQMAYH trojan

I have dealt in the past with a false antivirus warning type problems and McAfee VirusScan Enterprise has managed to delete it..

This issue with the links being redirected , either with IE or Mozilla is the first time I encountered it.

I followed every step that the post indicated, confronting the same issues the person had, and I managed to move forward until getting to the last step of using ESET, after which I ran MalewareBytes which only detected 1 of the trojans. See attachment.

Apparently the other remaining trojan is causing the redirection of the urls? Or, there is another threat(S) that have yet to be established?

No other issue appears affecting the computer.

THANK YOU FOR YOUR KIND ASSISTANCE!
 

Answer:Links in Search Results Redirected

More attachments
 

1 more replies
Relevance 70.93%

Recently all of my search result links have redirected me to random advertisement sites and search engines. I have to "copy" and "paste" the addresses into the address bar to get where I requested to go. Here is my HJT Log...Running processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\system32\nvsvc32.exeC:\WINDOWS\system32\svchost.exeC:\Program Files\Windows Defender\MsMpEng.exeC:\Program Files\Common Files\BitDefender\BitDefender Update Service\livesrv.exeC:\Program Files\BitDefender\BitDefender 2009\vsserv.exeC:\WINDOWS\System32\svchost.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\system32\spoolsv.exeC:\Program Files\Google\Update\GoogleUpdate.exeC:\WINDOWS\Explorer.EXEC:\Program Files\Common Files\InstallShield\UpdateService\issch.exeC:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exeC:\Program Files\Roxio\Drag-to-Disc\DrgToDsc.exeC:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exeC:\Program Files\Dell Support Center\bin\sprtcmd.exeC:\WINDOWS\RTHDCPL.EXEC:\Program Files\Java\jre6 ... Read more

Answer:Search engine links get redirected

Hello and welcome to Bleeping ComputerWe apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.If you have since resolved the original problem you were having, we would appreciate you letting us know. If not please perform the following steps below so we can have a look at the current condition of your machine. If you have not done so, include a clear description of the problems you're having, along with any steps you may have performed so far.Upon completing the steps below another staff member will review and take the steps necessary with you to get your machine back in working order clean and free of malware.If you have already posted a DDS log, please do so again, as your situation may have changed.Use the 'Add Reply' and add the new log to this thread.Thanks and again sorry for the delay.We need to see some information about what is happening in your machine. Please perform the following scan:Download DDS by sUBs from one of the following links. Save it to your desktop.DDS.comDDS.scrDDS.pifDouble click on the DDS icon, allow it to run.A small box will open, with an explaination about the tool. No input is needed, the scan is running.Notepad will open with the resul... Read more

2 more replies
Relevance 70.93%

Hello people I recently (about 1 day ago) have been having a problem where when i click on a link on Google it sometimes redirects me to random ad's or other search engines.I have ran superantispyware and malwarebytes both turning up with nothing and i tried a system restore to an early time/ day but i still have the problem.It has been very irritating and i was wondering can anyone help me with the problem.HijackThis Log :Logfile of Trend Micro HijackThis v2.0.4Scan saved at 4:16:46 PM, on 5/13/2010Platform: Windows XP SP2 (WinNT 5.01.2600)MSIE: Internet Explorer v8.00 (8.00.6001.18702)Boot mode: NormalRunning processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\system32\nvsvc32.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\System32\svchost.exeC:\WINDOWS\system32\spoolsv.exeC:\WINDOWS\Explorer.EXEC:\WINDOWS\system32\RUNDLL32.EXEC:\Program Files\iTunes\iTunesHelper.exeC:\Program Files\Java\jre6\bin\jusched.exeC:\Program Files\Microsoft Office\Office12\GrooveMonitor.exeC:\Program Files\Messenger\msmsgs.exeC:\WINDOWS\system32\ctfmon.exeC:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exeC:\Prog... Read more

Answer:Search Engine Links Being Redirected

Hello. Welcome to BC.My name is Extremeboy (or EB for short), and I will be helping you with your logIf you still require assistance we would like to see the current condition of your system so please post a new set of DDS Logs as well as a GMER log and a description of any remaining problems or symptoms you may still have please.If for any reason you did not post a DDS log or GMER log please refer to this page and in step #6 and Step #7 and Step #8 for further instructions on downloading and running DDS & GMER. If you have any problems when running the tools or unable to produce a report for any reason, just let me know in your next reply.For your next reply I would like to see:-The DDS logs---DDS.txt and Attach logs-GMER log-Description of any remaining problems you may still have.Thanks.With Regards,Extremeboy

11 more replies
Relevance 70.93%

A friend from a neighbouring village asked me to install a second hard drive in his computer (Dell Dimension E520) and check out some recent malware-related problems. The rogue "antivirus suite" had been removed with MBAM. He noticed that IE would no longer connect to the internet (so he installed Firefox which worked OK), it would often take up to 5 minutes for the Desktop icons and Taskbar to appear after starting the computer and the Taskbar seemed to be a different colour (grey .... now "classic" style). He then lost all internet connection.That is when he brought the computer to me. I noticed the following also:The hard drive (there is only one) was not shown in either Disk Management or Device Manager.Google (also Yahoo and Bing) search result links are being redirected (in both IE and Firefox) on many occasions.Internet connection was lost again after I had re-established it. (I have since re-established it.)The system is prone to freeze up (I have had to power-off on several occasions to shut it down).Scans with the following did not reveal any further malware:AVG FreeMBAMSuperAntiSpywaregmerCombofix was used to install the XP Recovery Console (but CF has not otherwise been run any further).I would appreciate some assistance finding the lurking malware and cleaning this system up so that I can return it to my friend with confidence.Thanks in anticipation'Alien-----------------------DDS (Ver_10-03-17.01) - NTFSx86 Run by John at 14:05:58.64 on... Read more

Answer:Google (et al) search links redirected

Hello and Welcome to the forums! My name is Gringo and I'll be glad to help you with your computer problems. Somethings to remember while we are working together.1.Please do not run any other tool untill instructed to do so!2.Please reply to this thread, do not start another!3.Please tell me about any problems that have occurred during the fix.4.Please tell me of any other symptoms you may be having as these can help also.5.Please try as much as possible not to run anything while executing a fix.If you follow these instructions, everything should go smoothly.Please subscribe to this thread to get immediate notification of replies as soon as they are posted. To do this click Thread Tools, then click Subscribe to this Thread. Make sure it is set to Instant Notification, then click Subscribe.:run combofix:Please visit this webpage for download links, and instructions for running the tool: http://www.bleepingcomputer.com/combofix/how-to-use-combofixPlease ensure you read this guide carefully and install the Recovery Console first. The Windows Recovery Console will allow you to boot up into a special recovery (repair) mode. This allows us to more easily help you should your computer have a problem after an attempted removal of malware. It is a simple procedure that will only take a few moments of your time.Once installed, you should see a blue screen prompt that says:The Recovery Console was successfully installed.Please continue as follows:Close/disable ... Read more

10 more replies
Relevance 70.93%

Hi,Windows 7 64bitRedirected links was happening in firefox 14.0.1 with google, I started using yahoo then it spread to that and bing. As of right now google is redirecting, using the bing search in the toolbar gets me redirected as soon as the results page loads, Yahoo and Ask are working. Google links in chrome are working. I also randomly get tabs with the same redirects that pop up when doing nothing, just having a tab open. thanks for any help. Noel

Answer:Redirected search engine links

DownloadTDSSkillerLaunch it.Click on change parameters-Select TDLFS file systemClick on "Scan".Please post the LOG report(log file should be in your C drive) Do not change the default options on scan resultsDownloadaswMBRLaunch it, allow it to download latest Avast! virus definitionsClick the "Scan" button to start scan.After scan finishes,click on Save logPost the log results here.If you get crashes in normal mode,run it in safemode with networkingDownloadESET online scannerInstall itClick on START,it should download the virus definitionsWhen scan gets completed,click on LIST of found threatsExport the list to desktop,copy the contents of the text file in your reply

13 more replies
Relevance 70.93%

Hi,
My computer has been infected with virus that redirect search result links to other websites. I have tried to scan the computer but all three attempts ended up with the computer reset with blue screen.
Could someone help me?
Thanks,
Xeu

Answer:Search result links get redirected - Please help!!

Before doing anything if you have not already done so, you should back up all your important documents, personal data files and photos to a CD or DVD drive as some infections may render your computer unbootable during or before the disinfection process. The safest practice is not to backup any files with the following file extensions: exe, .scr, .ini, .htm, .html, .php, .asp, .xml, .zip, .rar, .cab as they may be infected.How and Where to backup your files in XP or VistaHow to Backup and Restore in Windows 7How to use Ubuntu Live CD to Backup Files from your dead Windows ComputerPlease follow these instructions: How to remove Google Redirects or the TDSS, TDL3, Alureon rootkit using TDSSKillerDouble-click on TDSSKiller.exe to run the tool for known TDSS variants.
Vista/Windows 7 users right-click and select Run As Administrator.When the program opens, click the Start Scan button.Any objects found, will show in the Scan results - Select action for found objects and offer three options.If an infected file is detected, the default action will be Cure...do not change it.
Click Continue > Reboot now to finish the cleaning process.<- Important!!
If 'Suspicious' objects are detected, you will be given the option to Skip or Quarantine. Skip will be the default selection. Leave it as such for now.A log file named TDSSKiller_version_date_time_log.txt will be created and saved to the root directory (usually Local Disk C:).Copy and paste the contents of that fil... Read more

1 more replies
Relevance 70.93%

Hello- I am having an issue with getting redirected to advertising web sites when I use any search engine and when I click on a link from a page like drudgereport. I have run malwarebytes, spybot, mcafee without success. i did run adaware as well, but deleted that after i downloaded malwarebytes. under regedit, i still found a trojan in the search assistant sub folder, win32/BHO.CQ.dll even after the multiple scans (in both regular and safe mode). I deleted that trojan. Not sure what do look at next. Still have problem Here is the HijackThis log:Logfile of Trend Micro HijackThis v2.0.4Scan saved at 11:46:00 AM, on 7/22/2010Platform: Windows XP SP3 (WinNT 5.01.2600)MSIE: Internet Explorer v8.00 (8.00.6001.18702)Boot mode: NormalRunning processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\System32\svchost.exeC:\WINDOWS\system32\spoolsv.exeC:\WINDOWS\Explorer.EXEC:\Program Files\CyberLink\PowerDVD\PDVDServ.exeC:\WINDOWS\system32\igfxtray.exeC:\WINDOWS\system32\hkcmd.exeC:\Program Files\Seagate\SeagateManager\FreeAgent Status\StxMenuMgr.exeC:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exeC:\Program Files\McAfee.com\... Read more

Answer:Getting redirected on all search engines and links

Hello and Welcome to the forums! My name is Gringo and I'll be glad to help you with your computer problems. Somethings to remember while we are working together.Do not run any other tool untill instructed to do so!Please Do not Attach logs or put in code boxes.Tell me about any problems that have occurred during the fix.Tell me of any other symptoms you may be having as these can help also.Do not run anything while running a fix.In the upper right hand corner of the topic you will see a button called Options. If you click on this in the drop-down menu you can choose Track this topic. By doing this and then choosing Immediate E-Mail notification and then clicking on Proceed you will be advised when we respond to your topic and facilitate the cleaning of your machine.We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.In order for me to see the status of the infection I will need a new set of logs to start with.Please print out or make a copy in notpad of any instructions given, as sometimes it is necessary to go offline and you will lose access to them.DeFogger: Please download DeFogger to your desktop.Double click DeFogger to run the tool. The ap... Read more

3 more replies
Relevance 70.93%

Hello. For a few days now I've been trying to use any possible anti-spyware tools such as Spyware S&D, and Malwarebytes. They have found spyware on my computer, but every time the tools delete the spyware on my computer, new ones would just show up afterwords. I came to this forums in search of a solution and help. I thank you for taking the time to help me solve my problem.

Here is the log that HiJackthis! made after scanning my computer:



Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 9:10:32 PM, on 6/26/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Symantec\Norton Ghost 2003\GhostStartTrayApp.exe
C:\Program Files\ATI Technologies\ATI.ACE\CLI.EXE
C:\WINDOWS\system32\ctfmon.exe
M:\My Documents\Vista Inspirat 2\RocketDock\RocketDock.exe
C:\Documents and Settings\Vivian\Local Settings\Application Data\Google\Update\GoogleUpdate.exe
C:\Program Files\Symantec\Norton Ghost 2003\GhostStartService.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files... Read more

Answer:Internet search links being redirected, need help!

Hello and Welcome to TSF.

We no longer use HijackThis as our initial analysis tool.

We want all our members to perform the steps outlined in the link I'll give you below, before posting for assistance. There's a sticky at the top of this forum, and a
Quote:




Having problems with spyware and pop-ups? First Steps




link at the top of each page.

------------------------------------------------------

Please follow our pre-posting process outlined here:

http://www.techsupportforum.com/f50/...lp-305963.html

After running through all the steps, you shall have a proper set of logs. Please post them in a new thread, as this one shall be closed.

If you have trouble with one of the steps, simply move on to the next one, and make note of it in your reply.

Please note that the Virus/Trojan/Spyware Help forum is extremely busy, and it may take a while to receive a reply.

------------------------------------------------------

1 more replies
Relevance 70.93%

Hi all.

I am looking for some assistance on cleaning up a recent issue my laptop has acquired. When doing a Google search and then clicking on a link, I am being redirected to random sites. I have read through a number of posts here about the same issue and have tried following some of the posts but I am still having issues.

I am hoping someone can get me back to a clean machine.

I am currently running Windows 7 Pro with SP1, and the machine is setup to dual boot Windows XP with SP3. Also, Ubuntu is installed on the Windows XP partition so that I can boot into any of the 3 OS's at boot time with Win 7 being th default. I have run a full scan with eSet Smart Security v.4.2.71.2 with latest updates and Malewarebytes AntiMalware 1.51.1.1800 with latest updates on the Win 7 partition and the machine comes up clean.

Any and all assistance greatly appreciated.

Thanks to all.

Dan

Answer:Google search links are being redirected

Hello.Please download the TDSS Rootkit Removing Tool (TDSSKiller.exe) and save it to your Desktop. <-Important!!!Be sure to download TDSSKiller.exe from Kaspersky's website and not TDSSKiller.zip which appears to be an older version 2.3.2.2 of the tool.Double-click on TDSSKiller.exe to run the tool for known TDSS variants.
Vista/Windows 7 users right-click and select Run As Administrator.If TDSSKiller does not run, try renaming it.To do this, right-click on TDSSKiller.exe, select Rename and give it a random name with the .com file extension (i.e. 123abc.com). If you do not see the file extension, please refer to How to change the file extension.Click the Start Scan button.Do not use the computer during the scanIf the scan completes with nothing found, click Close to exit.If malicious objects are found, they will show in the Scan results - Select action for found objects and offer three options.Ensure Cure (default) is selected, then click Continue > Reboot now to finish the cleaning process.A log file named TDSSKiller_version_date_time_log.txt (i.e. TDSSKiller.2.4.0.0_27.07.2010_09.o7.26_log.txt) will be created and saved to the root directory (usually Local Disk C:).Copy and paste the contents of that file in your next reply.~BladeIn your next reply, please include the following:TDSSKiller log

7 more replies
Relevance 70.93%

Hello,My Browser in Laptop (Windows 7 Home Premium)recently started to redirect Google search links to some unknown ad sites.i had Firefox and IE9. i always use ad-block plus in Firefox i tried many things to remove the Malware but was unsuccessful.ONLY when I disable the JAVASCRIPT; the redirects would stop ( and so would many options in other sites)I reinstalled Firefox,Java. but problem not resolvedPLEASE HELP.I am pasting DDS and GMER logs for reference.Note: In GMER, I could only select services / registry and file, i could not select others ( like system/section/modules ....)Tried in safe mode too , still could not select other optionsDDS.log.DDS (Ver_2011-06-23.01) - NTFSAMD64Internet Explorer: 9.0.8112.16421 BrowserJavaVersion: 1.6.0_26Run by Owner at 18:02:04 on 2011-07-31Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.3758.2397 [GMT -4:00].AV: Microsoft Security Essentials *Enabled/Updated* {108DAC43-C256-20B7-BB05-914135DA5160}SP: Microsoft Security Essentials *Enabled/Updated* {ABEC4DA7-E46C-2F39-81B5-AA334E5D1BDD}SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}.============== Running Processes ===============.C:\Windows\system32\wininit.exeC:\Windows\system32\lsm.exeC:\Windows\system32\svchost.exe -k DcomLaunchC:\Windows\system32\svchost.exe -k RPCSSC:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exeC:\Windows\System32&... Read more

Answer:Google Search Links Redirected

Hello and Welcome to the forums! My name is Gringo and I'll be glad to help you with your computer problems. Somethings to remember while we are working together.Do not run any other tool untill instructed to do so!Please Do not Attach logs or put in code boxes.Tell me about any problems that have occurred during the fix.Tell me of any other symptoms you may be having as these can help also.Do not run anything while running a fix.We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.Click on the Watch Topic Button and select Immediate Notification and click on proceed, this will help you to get notified faster when I have replied and make the cleaning process faster.In order for me to see the status of the infection I will need a new set of logs to start with.Please print out or make a copy in notpad of any instructions given, as sometimes it is necessary to go offline and you will lose access to them.DeFogger: Please download DeFogger to your desktop.

Double click DeFogger to run the tool.
The application window will appear Click the Disable button to disable your CD Emulation drivers Click Yes to continue A 'Finished!' message will ap... Read more

28 more replies
Relevance 70.93%

In the last several days, when I click on a link from a search engine, google, bing, etc., the browser is redirected to another "search" site - not the intended link. I have followed a variety of directions, run spybot, malwarebytes and adaware, I run avg as anti-virus and have also run Vundofix. The problem has persisted. I am fairly experienced and have used AVG for many years and never had this happen before. I am hopeful that someone here can help. I have run hijack this and am pasting the log below. Thank you in advance for your time.

Jim

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 1:43:56 PM, on 6/28/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\LEXPPS.EXE
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe
C:\WINDOWS\system32\DVDRAMSV.exe
C:\Program Files\Google\Update\GoogleUpdate.exe
C:\Program Files\Intel\Wireless\Bin\OProtSvc.e... Read more

Answer:Toshiba M45 search links redirected

8 more replies
Relevance 70.93%

I am running XP Pro SP2. For a few weeks now I am redirected to a useless ad laden site when I click on search results from Google, Yahoo, and anything found from the toolbar search box. I have run Adaware, Hitman, Spybot, and McAfee without success. All have found nothing. I removed Firefox and pluggins then reinstalled - that didn't help. Then I even went for Internet Explorer -same problem. I also tried system restore. It went through what looked like the process to restore the system, then a message appears stating the restore was unsuccessful. I get the same response no matter what date I try.

The only way I can get to a website is if I put in the specific url I want to go to. My machine is also running incredibly slow at times and sometimes will not shut down without holding down the power button.

Any help would be greatly appreciated.

The DDS.txt follows:

DDS (Ver_10-03-17.01) - NTFSx86
Run by Paul at 20:33:48.59 on Mon 06/07/2010
Internet Explorer: 8.0.6001.18702
Microsoft Windows XP Home Edition 5.1.2600.2.1252.1.1033.18.1023.696 [GMT -5:00]


============== Running Processes ===============

C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
svchost.exe
svchost.exe
C:\WINDOWS\system32\spoolsv.exe
svchost.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\WINDOWS\system32\cisvc.exe
C:\Program Files\Comm... Read more

Answer:Search result links redirected

BUMP, please

18 more replies
Relevance 70.93%

Hello and thank you for your time. A few days ago I started being redirected every time I clicked on a search link from Google. After clicking on the desired link I was then re-directed to either a search site or some other totally random site. Trend Micro scan showed nothing. Panda showed something, but wanted a fee to fix. Malwarebytes showed two trojans, but nothing happened after the prescribed cleaning action was implemented. Any suggestions? Let me know what log to post. Thank you.

Answer:Search engine links are being redirected

Please post the Malwarebytes log.

13 more replies
Relevance 70.93%

When I click on a search link from any number of search engines, I am being redirected to different sites, sometimes seemingly normal sites, sometimes pornography. It happens in both IE and Firefox. Help! Please. : )

Hijackthis log is attached.

Thank you for your time.

Answer:Browser search links being redirected.

Hello and welcome to Bleeping ComputerWe apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.If you have since resolved the original problem you were having, we would appreciate you letting us know. If not please perform the following steps below so we can have a look at the current condition of your machine. If you have not done so, include a clear description of the problems you're having, along with any steps you may have performed so far.Upon completing the steps below another staff member will review and take the steps necessary with you to get your machine back in working order clean and free of malware.If you have already posted a DDS log, please do so again, as your situation may have changed.Use the 'Add Reply' and add the new log to this thread.Thanks and again sorry for the delay.We need to see some information about what is happening in your machine. Please perform the following scan:Download DDS by sUBs from one of the following links. Save it to your desktop.DDS.scrDDS.pifDouble click on the DDS icon, allow it to run.A small box will open, with an explaination about the tool. No input is needed, the scan is running.Notepad will open with the results.Foll... Read more

3 more replies
Relevance 70.93%

DDS (Ver_10-03-17.01) - NTFSx86 My computer keeps redirecting any links from a Google or Yahoo search whether I use Internet Explorer or Firefox. I have rund several kinds of spyware and malware removal programs but they have not stopped this from happening. I think I picked up a trojan from a song lyrics website two days ago when I noticed this problem happening. If I paste the search link urls in either browser, it works fine and I can access the sites but clicking the links results in a redirect to other business sites not related to my search or the url.Below is the DDS txt and I have attached the DDS attachment and GMER logs.Thank you in advance for your assistance.Run by Ralph Rodriguez at 6:52:41.70 on Fri 03/19/2010Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 1.6.0_07Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.2038.1259 [GMT -4:00]AV: Webroot AntiVirus with Spy Sweeper *On-access scanning enabled* (Updated) {77E10C7F-2CCA-4187-9394-BDBC267AD597}FW: Webroot AntiVirus with Spy Sweeper *disabled* {63671000-11A2-46DD-BADD-A084CABCDEAE}FW: Webroot Desktop Firewall *enabled* {AF0CFAAE-AAB5-450a-8C74-0DEEB429DF50}============== Running Processes ===============C:\Program Files\Webroot\Spy Sweeper\WRConsumerService.exeC:\WINDOWS\system32\svchost -k DcomLaunchsvchost.exeC:\WINDOWS\System32\svchost.exe -k netsvcssvchost.exesvchost.exeC:\WINDOWS\System32\WLTRYSVC.EXEC:\WINDOWS... Read more

Answer:Hijacked Search Links Redirected

Good evening. Download HAMeb_check.exe by noahdfear from here and save it to your Desktop.Double click the tool to run it - it will take a minute or two to complete. Once complete it will open Notepad with the results and save a copy as HelpAsst.log to the root of your hard drive, usually C:\ Please post the contents in your next reply.

16 more replies
Relevance 70.93%

When I use any search engine, the links are redirected to various advertisements. I've scnned with Malwarebytes and it does not find any malware. Please advise.

Answer:Search Engine Links Redirected

Please post the results of your last MBAM scan for review (even if nothing was found).To retrieve the Malwarebytes Anti-Malware scan log information, launch MBAM.Click the Logs Tab at the top.The log will be named by the date of scan in the following format: mbam-log-date(time).txt
-- If you have previously used MBAM, there may be several logs showing in the list.Click on the log name to highlight it.Go to the bottom and click on Open.The log should automatically open in notepad as a text file.Go to Edit and choose Select all.Go back to Edit and choose Copy or right-click on the highlighted text and choose Copy from there.Come back to this thread, click Add Reply, then right-click and choose Paste.Be sure to post the complete log to include the top portion which shows MBAM's database version and your operating system.Exit MBAM when done.Logs are saved to the following locations:-- XP: C:\Documents and Settings\<Username>\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs-- Vista, Windows 7, 2008: C:\ProgramData\Malwarebytes\Malwarebytes' Anti-Malware\LogsPlease follow these instructions: How to remove Google Redirects or the TDSS, TDL3, Alureon rootkit using TDSSKillerDouble-click on TDSSKiller.exe to run the tool for known TDSS variants.
Vista/Windows 7 users right-click and select Run As Administrator.When the program opens, click the Start Scan button.If malicious objects are found, they will sh... Read more

7 more replies
Relevance 70.93%

Problem:
On Thursday when clicking on search result links from Google, I was
redirect to advertisment sites, not the same site, different ones everytime.


Hardware/Software:
Dell Dimension 8300, 1.00 GB Ram
McAfee
Security Center 9.15
Virus San 13.15
Firewall 10.15



Steps I have taken:

1). Ran a full virus scan found 2 Artemis!F538BDCA82F5 Trojans
2). Created a windows restore point.
3). Downloaded dds.scr
4). Turned off McAfee Script Scanning Protection.
5). Ran dds.scr from desktop by double clicking,
The dds app opens a dos window, runs for a little bit then the window closes but no logs get created.
6). Unplugged network cable.
7). Turned off All McAfee apps through the McAfee console
8). Re-ran dds.scr, no dice, same results as the first attempt.
9). Gave up on running the dds.scr app.

10). Attempted to run gmer.exe, the inital scan ran fine.
11). I unchecked the boxes requested.. then clicked scan
Immediately my cpu utilization went to the max.
12). Looked in task manager, Mcshield.exe was taking up 99% of the cpu, so I killed it.
13). Looked in task manager again, now windows explorer was taking up 99% of the CPU, I killed that.
14). Looked in task manager again, lsass.exe was consuming 99% of the cpu, but I didn't kill that..
15). I let the scan run for 27 hours, tried to save the output.. but the machine would not respond, so I reboted.

Here is the initial scan that comes up after I open the gmer.exe


GMER 1... Read more

Answer:Search links are redirected, unable to run dds.scr

Hello and Welcome to TSF.

Please Subscribe to this Thread to get immediate notification of replies as soon as they are posted. To do this click Thread Tools, then click Subscribe to this Thread. Make sure it is set to Instant notification by email, then click Add Subscription.

Please note that the forum is very busy and if I don't hear from you within three days this thread will be closed.

------------------------------------------------------

See if RSIT will run: Download RSIT by random/random and Save it to your Desktop.
Double-click RSIT.exe to run the tool.
Click Continue at the disclaimer screen.
When the scan completes it will open a log named log.txt maximized, and a log named info.txt minimized.
Please copy/paste the contents of log.txt in your next reply.
Please attach info.txt to your reply.
To attach a file to a reply, simplyClick the Manage Attachments button under Additional Options > Attach Files on the post composition page, and
Copy and Paste the following into the Upload File from your Computer box:C:\rsit\info.txt
Click Upload
------------------------------------------------------

15 more replies