Computer Support Forum

IE/Ntscp search links redirected, no malware found, no solution found in threads

Question: IE/Ntscp search links redirected, no malware found, no solution found in threads

I have IE 8.0 and Netscape 8.1.3 on Windows XP (media ed). Both browsers have the same problem. Google searches' links are redirected. The first link clicked works, but subsequent ones are redirected. There is no other unusual activity. The redirection does not occur with a proxy server using google.

I have tried Norton, Trend Micro PC-cillin, Malware Bytes, and Spybot S&D. None of these detect any malware and none solve the problem. The DNS is automatically obtained.

I have looked through the forum, and there appears to be a number of people with similar problems, but the solutions offerred (if not too specific) have not worked.

Thank you.

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 22:08:18, on 7/2/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\LEXPPS.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\COMMON~1\AOL\ACS\AOLacsd.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Common Files\Creative Labs Shared\Service\CreativeLicensing.exe
C:\WINDOWS\system32\CTsvcCDA.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
C:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Norton Internet Security\Engine\16.5.0.135\ccSvcHst.exe
C:\PROGRA~1\TRENDM~1\INTERN~1\PcCtlCom.exe
C:\WINDOWS\system32\svchost.exe
C:\PROGRA~1\TRENDM~1\INTERN~1\Tmntsrv.exe
C:\PROGRA~1\TRENDM~1\INTERN~1\TmPfw.exe
C:\PROGRA~1\TRENDM~1\INTERN~1\tmproxy.exe
C:\Program Files\Linksys Wireless-G PCI Wireless Network Monitor\WLService.exe
C:\Program Files\Linksys Wireless-G PCI Wireless Network Monitor\WMP54Gv4.exe
C:\Program Files\Norton Internet Security\Engine\16.5.0.135\ccSvcHst.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\ehome\ehtray.exe
C:\WINDOWS\stsystra.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe
C:\Program Files\Dell\Media Experience\DMXLauncher.exe
C:\Program Files\Creative\SBAudigy\Surround Mixer\CTSysVol.exe
C:\WINDOWS\system32\Rundll32.exe
C:\Program Files\Creative\VoiceCenter\AndreaVC.exe
C:\Program Files\Trend Micro\Internet Security 14\pccguide.exe
C:\WINDOWS\System32\DLA\DLACTRLW.EXE
C:\DOCUME~1\king\LOCALS~1\Temp\clclean.0001
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files\Nero\Nero 7\InCD\NBHGui.exe
C:\Program Files\Nero\Nero 7\InCD\InCD.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Lexmark X6100 Series\lxbfbmgr.exe
C:\Program Files\Lexmark X6100 Series\lxbfbmon.exe
C:\Program Files\Trend Micro\Internet Security 14\TMAS_OE\TMAS_OEMon.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Digital Line Detect\DLG.exe
C:\utils\WinZip\WZQKPICK.EXE
C:\Program Files\Picaboo\Picaboo\PicabooMain.exe
C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Netscape\Netscape Browser\netscape.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157" target="_blank" class="invilink">http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896" target="_blank" class="invilink">http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = :0
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Symantec NCO BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton Internet Security\Engine\16.5.0.135\coIEPlg.dll
O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton Internet Security\Engine\16.5.0.135\IPSBHO.DLL
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll
O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Internet Security\Engine\16.5.0.135\coIEPlg.dll
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [SigmatelSysTrayApp] stsystra.exe
O4 - HKLM\..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe
O4 - HKLM\..\Run: [DMXLauncher] C:\Program Files\Dell\Media Experience\DMXLauncher.exe
O4 - HKLM\..\Run: [CTSysVol] C:\Program Files\Creative\SBAudigy\Surround Mixer\CTSysVol.exe /r
O4 - HKLM\..\Run: [MBMon] Rundll32 CTMBHA.DLL,MBMon
O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE
O4 - HKLM\..\Run: [VoiceCenter] "C:\Program Files\Creative\VoiceCenter\AndreaVC.exe" /tray
O4 - HKLM\..\Run: [pccguide.exe] "C:\Program Files\Trend Micro\Internet Security 14\pccguide.exe"
O4 - HKLM\..\Run: [DLA] C:\WINDOWS\System32\DLA\DLACTRLW.EXE
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [SecurDisc] C:\Program Files\Nero\Nero 7\InCD\NBHGui.exe
O4 - HKLM\..\Run: [InCD] C:\Program Files\Nero\Nero 7\InCD\InCD.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [Lexmark X6100 Series] "C:\Program Files\Lexmark X6100 Series\lxbfbmgr.exe"
O4 - HKCU\..\Run: [SetDefaultMIDI] MIDIDef.exe
O4 - HKCU\..\Run: [OE_OEM] "C:\Program Files\Trend Micro\Internet Security 14\TMAS_OE\TMAS_OEMon.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Yahoo! Pager] "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet
O4 - HKCU\..\Run: [IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe" ASO-616B5711-6DAE-4795-A05F-39A1E5104020
O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - Startup: Picaboo.lnk = C:\Program Files\Picaboo\Picaboo\PicabooMain.exe
O4 - Global Startup: Digital Line Detect.lnk = ?
O4 - Global Startup: WinZip Quick Pick.lnk = C:\utils\WinZip\WZQKPICK.EXE
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/SharedContent/vc/bin/AvSniff.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://download.divx.com/player/DivXBrowserPlugin.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1226881932156
O18 - Protocol: symres - {AA1061FE-6C41-421F-9344-69640C9732AB} - C:\Program Files\Norton Internet Security\Engine\16.5.0.135\coIEPlg.dll
O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:\PROGRA~1\COMMON~1\AOL\ACS\AOLacsd.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Creative Labs Licensing Service - Creative Labs - C:\Program Files\Common Files\Creative Labs Shared\Service\CreativeLicensing.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: Norton Internet Security - Symantec Corporation - C:\Program Files\Norton Internet Security\Engine\16.5.0.135\ccSvcHst.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Trend Micro Central Control Component (PcCtlCom) - Trend Micro Inc. - C:\PROGRA~1\TRENDM~1\INTERN~1\PcCtlCom.exe
O23 - Service: Trend Micro Real-time Service (Tmntsrv) - Trend Micro Inc. - C:\PROGRA~1\TRENDM~1\INTERN~1\Tmntsrv.exe
O23 - Service: Trend Micro Personal Firewall (TmPfw) - Trend Micro Inc. - C:\PROGRA~1\TRENDM~1\INTERN~1\TmPfw.exe
O23 - Service: Trend Micro Proxy Service (tmproxy) - Trend Micro Inc. - C:\PROGRA~1\TRENDM~1\INTERN~1\tmproxy.exe
O23 - Service: WMP54Gv4SVC - GEMTEKS - C:\Program Files\Linksys Wireless-G PCI Wireless Network Monitor\WLService.exe

--
End of file - 11793 bytes

Relevance 100%
Preferred Solution: IE/Ntscp search links redirected, no malware found, no solution found in threads

I recommend downloading and running Reimage. It's a computer repair tool that has been proven to identify and fix many Windows problems with a high level of success.

I've used it in the past to identify and fix everything from blue screens (BSOD's), ActiveX errors, corrupt files and processes, dll/exe/sys errors, recover lost memory, Windows update problems, defragging, malware removal etc.

You can download it direct from this link http://downloadreimage.com/download.php. (This link will automatically start a download of Reimage that you can save to your computer.)

Answer: IE/Ntscp search links redirected, no malware found, no solution found in threads

11 more replies
Relevance 80.04%

Hi

When I use Google etc to search and try to double click on a link I am getting redirected to random sites. I have completed the 5 step process however could not get the Microsoft Updates. Other than the report I have no knowledge of viruses.

Thanks for any help
Richard

I have attached the Scan report and xtra.

Deckard's System Scanner v20071014.68
Run by richardm on 2008-01-26 16:04:01
Computer is in Normal Mode.
--------------------------------------------------------------------------------

-- System Restore --------------------------------------------------------------

Successfully created a Deckard's System Scanner Restore Point.


-- Last 5 Restore Point(s) --
38: 2008-01-26 03:04:07 UTC - RP38 - Deckard's System Scanner Restore Point
37: 2008-01-25 06:36:23 UTC - RP37 - System Checkpoint
36: 2008-01-23 22:18:51 UTC - RP36 - System Checkpoint
35: 2008-01-22 07:34:07 UTC - RP35 - System Checkpoint
34: 2008-01-20 06:37:35 UTC - RP34 - Removed Apple Mobile Device Support


-- First Restore Point --
1: 2007-11-13 00:20:57 UTC - RP1 - System Checkpoint


Backed up registry hives.
Performed disk cleanup.



-- HijackThis Clone ------------------------------------------------------------


Emulating logfile of Trend Micro HijackThis v2.0.2
Scan saved at 2008-01-26 16:05:00
Platform: Windows XP Service Pack 2 (5.01.2600)
MSIE: Internet Explorer (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\system32\smss... Read more

Answer:Getting redirected from links found on Search Engines

Bump Help!

10 more replies
Relevance 92.25%

Hi

I just joined this forum and this is my first post.

My laptop seems to have got infected by a malware when I was browsing (do not recall the site name as I realised about the problem only after rebooting).

The following are what I am able to see during use:

1. Just after booting, I get a notification "Missing Virus definitions: VPTray.exe-Ordinal not found" & below that "The ordinal 1109 could not be located in the dynamic link library WSOCK32.dll". When clicking OK, this goes off and reappears one more time. Goes off again after OK

2. Subsequently, I get a warning pop-up Symantec auto-protect is disabled.But I find symantec to be working fine.

3. While on Google, the first page of search results come out fine- but the links from this page lead to a completely unrelated sites (95p.com???) automatically.

4. Sometimes, automatically new tabs get opened to the site shiftingmedia.com with some irrevalent search terms.

5. Browsing has become extremely slow after this happened.
I am using a Dell Latitude D620 (yes- it is an old piece- but seemed to be fine until this) with Windows XP Professional 2002 SP3. Antivirus Symantec 10.1.7.7000.

I wanted to run the DDS tool also and attach the log- but I am not getting a DOS kind of scree as shown in the site and the single out txt file is completely garbled.

Tried running a couple of anti malware programs downloaded from the net; but though they found some threats and cleaned them the problem rem... Read more

Answer:Google links getting redirected; Ordinal 1109 not found

Hello and welcome to Bleeping Computer! I am HelpBot: an automated program designed to help the Bleeping Computer Staff better assist you! This message contains very important information, so please read through all of it before doing anything. We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here. To help Bleeping Computer better assist you please perform the following steps:*************************************************** In order to continue receiving help at BleepingComputer.com, YOU MUST tell me if you still need help or if your issue has already been resolved on your own or through another resource! To tell me this, please click on the following link and follow the instructions there.CLICK THIS LINK >>> http://www.bleepingcomputer.com/logreply/435127 <<< CLICK THIS LINK If you no longer need help, then all you needed to do was the previous instructions of telling me so. You can skip the rest of this post. If you do need help please continue with Step 2 below.*************************************************** If you still need help, I would like you to post a Reply to this topic (click the "Add Reply" button in the lo... Read more

2 more replies
Relevance 92.25%

I have been having issues with being redirected when clicking on links (multiple search sites: google, yahoo etc) and recently my browser (firefox) has been crashing. I had been using Pest Patrol and found a downloader and an unknown trojan. I removed them both to no avail. I just installed and ran Malwarebyte's Anti-Malware and found: Trojan.Daonol (first specified trojan). I also ran hijackthis but alas, cannot make sense of it and I would like to make sure my system is clean. So if someone could take a look at this and let me know, it would be greatly appreciated. Thank you so much!Logfile of Trend Micro HijackThis v2.0.2Scan saved at 6:11:13 PM, on 5/18/2009Platform: Windows XP SP3 (WinNT 5.01.2600)MSIE: Internet Explorer v7.00 (7.00.6000.16827)Boot mode: NormalRunning processes:C:\WINDOWS.0\System32\smss.exeC:\WINDOWS.0\system32\winlogon.exeC:\WINDOWS.0\system32\services.exeC:\WINDOWS.0\system32\lsass.exeC:\WINDOWS.0\system32\Ati2evxx.exeC:\WINDOWS.0\system32\svchost.exeC:\WINDOWS.0\System32\svchost.exeC:\WINDOWS.0\system32\Ati2evxx.exeC:\WINDOWS.0\Explorer.EXEC:\WINDOWS.0\system32\spoolsv.exeC:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exeC:\Program Files\Bonjour\mDNSResponder.exeC:\WINDOWS.0\system32\svchost.exeC:\Pro... Read more

Answer:Redirected links, browser crashes, found trojans

Hello and welcome to Bleeping ComputerWe apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.If you have since resolved the original problem you were having, we would appreciate you letting us know. If not please perform the following steps below so we can have a look at the current condition of your machine. If you have not done so, include a clear description of the problems you're having, along with any steps you may have performed so far.Upon completing the steps below another staff member will review and take the steps necessary with you to get your machine back in working order clean and free of malware.If you have already posted a DDS log, please do so again, as your situation may have changed.Use the 'Add Reply' and add the new log to this thread.Thanks and again sorry for the delay.We need to see some information about what is happening in your machine. Please perform the following scan:Download DDS by sUBs from one of the following links. Save it to your desktop.DDS.scrDDS.pifDouble click on the DDS icon, allow it to run.A small box will open, with an explaination about the tool. No input is needed, the scan is running.Notepad will open with the results.Foll... Read more

2 more replies
Relevance 88.97%

Hi,I really needs help. Please help me asap. I'm now very very frustrated with my laptop T_T - When I try to access Google.com, it automatically redirects me to this irritating website: "SOFT.SG" .However, when I access Google.com.sg or other websites with this format "Google.com.xx", it works find. I can use Gmail and other Search Engine normally. I'm only facing problem with "GOOGLE.COM" . - When I use the google search toolbar, it shows a web page on Firefox that says: "Not FoundThe requested URL /search was not found on this server.Additionally, a 404 Not Found error was encountered while trying to use an ErrorDocument to handle the request.Apache/2.2.17 (Unix) mod_ssl/2.2.17 OpenSSL/0.9.8e-fips-rhel5 mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635 Server at www.google.com Port 80" - I have tried Google Chrome, Firefox and IE9 and I'm facing the same problem - I have tried using Malwarebytes' Anti-Malware, Hitman Pro 3.5, CCleaner, kk.exe, Rkill, TDsskiller to find spyware and malware but they all do not work. - My host file is normal.Really really needs help.Thank you all!

Answer:GOOGLE.COM redirected to SOFT.SG and NOT FOUND when search

I couldn't help but notice in that error message it is referencing port 80, that is a classic port used by hijacker viruses. Go to download.com and download Spybot - Search and Destroy. I know you said you tried all those programs, but this is the best one. Also, go into your network connections and go into the properties of the active connection, select Internet Protocol v4 and click Properties below that.. all the fields in that box you see should be empty. Did this help?

3 more replies
Relevance 88.56%

HI Everyone,

Ok corny username.... but im so happy....I coudlnt help it. Read on.

Its 3:50 am on OCt 31 2009. About 8-9 days after the first few online forums reported this new malware on the internet.

All teh forums mentioned to download and installl a whole bunch of programs. I tried all of them but they didn twork.

The only thing that did work. THANK GOD!!! and THANK MICROSOFT (for once) was the system restore.

IF you know when you got hit with this crappy browser hijack software, then just set the system restore point to any available date before that.

All installed programs including this BS malware will be deleted. All files you download / copy onto your system will be fine.

Hope it all works for you. Please try this before you break your head and waste tiem installing 10 other softwares to fix this problem.

Good luck and may the creators of greatfeedmill perish in a lake of fire. [email protected][email protected]$!!!! I hope their car breaks down, or their bank repossesses their car, cos they really cannot possibly own a house. IF they did, hope it burns down.

Ibreatgreatfeed
 

More replies
Relevance 88.56%

Hey, Just in case anyone else is having this problem, It took me a while, but I finally figured out how they redirected auto.search.msn.com on my computer, It was fairly simple, Im not quite sure why when I did a text search on my hard drive the first time it didnt pick it up. Anyways Today I installed this program called silencer, which blocks all kinds of Ip adresses, and it brought my attention to this file in the windows directory called host
I looked in there and right at the first line it said

66.40.16.218 auto.search.msn.com

So I deleted it problem solved. Sheesh after all this time I cant believe it was so simple, Anyways if anyone ever has trouble with something redirecting your adresses and you know its not right, just check a file in your windows directory called host, edit it with notepad or word pad. It might be empty or not exist. But who knows, take a look at it, you might be suprised whats in there.
Heres something neat I noticed that the silencer program does, you can do it yourself I imagine though.

If you ever want to disable some Ip adress, such as
ads.double-click.com You can do it easily by placing this line in your host file in the windows directory

127.0.0.1 ads.double-click.com

This works for any site you want to put in there, It redirects the domain to your local IP which disables alot of ads , I dont know if it protects your ports, but I noticed a heck of alot less ads on the internet because of this. The silencer program at spychecker.com d... Read more

More replies
Relevance 88.15%

[attachment=75747:Attached_zips.zip]I have norton 360, no help with this issue. All my links are getting randomly redirected on the first click.I believe I have collected the info needed for analysis. (also see attached) Thanks in advance for the help!!DDS (Ver_10-10-10.03) - NTFSx86 Run by John at 6:59:24.14 on Fri 10/15/2010Internet Explorer: 8.0.6001.18702Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.3071.1966 [GMT -4:00]AV: Norton 360 Premier Edition *On-access scanning enabled* (Updated) {E10A9785-9598-4754-B552-92431C1C35F8}FW: Norton 360 Premier Edition *enabled* {7C21A4C9-F61F-4AC4-B722-A6E19C16F220}============== Running Processes ===============C:\WINDOWS\system32\Ati2evxx.exeC:\WINDOWS\system32\svchost -k DcomLaunchsvchost.exeC:\WINDOWS\System32\svchost.exe -k netsvcssvchost.exeC:\WINDOWS\system32\Ati2evxx.exesvchost.exeC:\WINDOWS\system32\spoolsv.exesvchost.exeC:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exeC:\Program Files\Bonjour\mDNSResponder.exeC:\Program Files\DirecTV\DirecTV\Kernel\DMP\CLDTVHNService.exeC:\Program Files\Common Files\Intuit\Update Service\IntuitUpdateService.exeC:\WINDOWS\Explorer.EXEC:\Program Files\Java\jre6\bin\jqs.exeC:\Program Files\Common Files\LightScrib... Read more

Answer:Malware issues, search links redirected

Hello and Welcome to the forums! My name is Gringo and I'll be glad to help you with your computer problems. Somethings to remember while we are working together.Do not run any other tool untill instructed to do so!Please Do not Attach logs or put in code boxes.Tell me about any problems that have occurred during the fix.Tell me of any other symptoms you may be having as these can help also.Do not run anything while running a fix.In the upper right hand corner of the topic you will see a button called Options. If you click on this in the drop-down menu you can choose Track this topic. By doing this and then choosing Immediate E-Mail notification and then clicking on Proceed you will be advised when we respond to your topic and facilitate the cleaning of your machine.We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.In order for me to see the status of the infection I will need a new set of logs to start with.Please print out or make a copy in notpad of any instructions given, as sometimes it is necessary to go offline and you will lose access to them.DeFogger: Please download DeFogger to your desktop.

Double click DeFogger to run the tool.
The ... Read more

22 more replies
Relevance 86.92%

please help me avg picks them up but they keep trying to come into my system and my search engine keeps redirecting me here is my dds:
DDS (Ver_09-06-26.01) - NTFSx86
Run by katie at 9:23:02.11 on Fri 03/07/2009
Internet Explorer: 7.0.6001.18000 BrowserJavaVersion: 1.6.0_14
Microsoft? Windows Vista? Home Premium 6.0.6001.1.1252.61.1033.18.1013.283 [GMT 10:00]

AV: BP Security Anti-Virus *On-access scanning enabled* (Updated) {2565CEEE-6BDB-4A6D-AD6D-F682F2695014}

============== Running Processes ===============

C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\WLANExt.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\Explorer.EXE
C:\Windows\system32\svchost.exe -k apphost
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\Acer\Empowering Technology\eDataSecurity\eDSService.exe
C:\Windows\ehome\ehRecvr.exe
C:\PROGRA~1\AVG\AVG8\avgam.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\Windows\ehome\ehsched.exe... Read more

Answer:all search engines get redirected and i found rootkit problems skynetblabla.dll

f[/QUOTE]and here is my hijack this file for some reason gmer dosnt work


Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 10:29:32 AM, on 3/07/2009
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18248)
Boot mode: Normal

Running processes:
C:\Windows\Explorer.EXE
C:\Program Files\Apoint2K\Apoint.exe
C:\Windows\System32\igfxpers.exe
C:\Windows\System32\hkcmd.exe
C:\Program Files\AVG\AVG8\avgtray.exe
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\DAEMON Tools Lite\daemon.exe
C:\Program Files\uTorrent\uTorrent.exe
C:\Windows\system32\igfxsrvc.exe
C:\Windows\ehome\ehmsas.exe
C:\Users\katie\AppData\Local\Temp\RtkBtMnt.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\Program Files\Apoint2K\ApMsgFwd.exe
C:\Program Files\Apoint2K\Apntex.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\Users\katie\AppData\Local\Google\Chrome\Application\chrome.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.ninemsn.com.au
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.ninemsn.com.au
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwl... Read more

19 more replies
Relevance 86.1%

Syndrom :Can't open www.google.com, www.google.ch, www.google.fr, www.google.de, etc in browser (IE8 and Firefox), when other website such as youtube.com works perfectly.Message : 404 Not Found (nginx) (see this link (imageshack))This has been so for the last 2 weeks, the computer is the one of my grand-father meaning I don't know what he exactly did.What has already been checked/tried and worked (but didn't solve the problem):- ping google.com- ping google.ch- Open google.com using it's IPv4 adress (74.125.39.106) in both IE8 and Firefox- Open google.ch using it's IPv4 adress (74.125.39.105) in both IE8 and Firefox- Open google.com.ph (Philipinae) directly in both browser (Computer located in Switzerland)- Open maps.google.com, translate.google.com, images.google.com, etc. in both browserWhat has already been checked/tried and didn't worked nor solved the problem :- ipconfig /dnsflush (many)- ipconfig /renew (many)- Force DNS server on computer (DNS used : 8.8.8.8 as primary, 208.67.222.222 as secondary)- Force DNS server on rooter (DNS used : 8.8.8.8 as primary, 208.67.222.222 as secondary)- Boot in safe mode, network devices enabled, then tried to contact google.com without success- Use of a browser with clean install (Firefox)- Modem reboot- Modem reset- Rooter reboot- Rooter's firmware update, with reset- Restore computer to previous point- Scan on boot using Avast! (paid version)- Complete scan then quick scan using Malwarebytes anti-malw... Read more

Answer:Error 404 Not Found when trying to contact google, no solution funded, probably a malware.

Bump, does anyone have an idea ?

3 more replies
Relevance 83.23%

Trouble started with google redirecting to 63.209.69.107 when i clicked on any search results. Looked it up on this site,and found some procedures that seemed reasonable...used symantec removal tool, no problems but it didn't fix anything. Tried TDSSKiller from kapersky...same basic result, it found and fixed a few things but problems persisted. Ended up at this forum topic- http://www.bleepingcomputer.com/forums/topic473358.html because I got the TDSS file system found error. Followed all procedures from that topic it had me run TDSSKiller again with a different setting, then AdwCleaner, then ESET, then aswMBR. Again a few suspect items found and fixed. Google problem persisted. Found this topic- http://www.bleepingcomputer.com/forums/topic480929.html/page__pid__2941122#entry2941122 and my results pretty much matched the original poster of this topic. Ran AdwCleaner again, downloaded and ran Malwarebytes Anti Malware, and RogueKiller.

RogueKiller found the same infection as that guy had, "ZeroAccess"...which according to Gunto is "nasty" and requires "advanced help". Followed instructions, ran DDS, created logs and now I'm here. I have logs from every fix I have tried starting back with the symantec tool, I don't know if they would be helpful or not, but I have them. I am only including the DDS results as instructed in the "Preparation Guide For Use Before Using Malware Removal Tools and Requesting Help", but ... Read more

Answer:infected with zeroaccess found with roguekiller & google redirects search result links

Greetings and Welcome to The Forums!!My name is Gringo and I'll be glad to help you with your malware problems.I have put together somethings for you to keep in mind while I am helping you to make things go easier and faster for both of usPlease do not run any tools unless instructed to do so.
We ask you to run different tools in a specific order to ensure the malware is completely removed from your machine, and running any additional tools may detect false positives, interfere with our tools, or cause unforeseen damage or system instability.Please do not attach logs or use code boxes, just copy and paste the text.
Due to the high volume of logs we receive it helps to receive everything in the same format, and code boxes make the logs very difficult to read. Also, attachments require us to download and open the reports when it is easier to just read the reports in your post.Please read every post completely before doing anything.
Pay special attention to the NOTE: lines, these entries identify an individual issue or important step in the cleanup process.Please provide feedback about your experience as we go.
A short statement describing how the computer is working helps us understand where to go next, for example: I am still getting redirected, the computer is running normally, etc. Please do not describe the computer as "the same", this requires the extra step of looking back at your previous post.NOTE: At the top o... Read more

49 more replies
Relevance 80.36%

hello

i ran trojan remover on safe mode before i ran into this tech forum.

it found 2 malware infections. a trojan and a hacking system file.
they both were deleted by the trojan remover program. when i ran it again. nothing was found....but my main concern right now is that i was reading the log that i was given and it said something about some files being locked or in use. and im not sure if the computer is really finally out of harms way.

i do have a boot disc if i have to reformat. but i do run a store AND reformatting is such a huge hassle. i will do it if ihave to. but i would like to know if im still in harms way.

i ran the programs you guys asked and i will be attaching them here.
ALSO i will attach the trojan remover log..just so you see what im talking abt.


the computer started acting up, an the main that it was doing, was everytime i would turn the computer back on, the receipt printer was uninstalled. EVERYTIME.

thanks in advance.

Answer:possible hacking problem/malware found/trojan found....URGENT

Hello!

I am currently reviewing your logfiles and will assist you shortly with instructions. Please be patient.

Meanwhile: Please subscribe to this thread if you have not done already and please don't do any other scans on your own and don't install or remove software. Thank you!

4 more replies
Relevance 79.95%

Dont have a dds log because it hangs at the end of running it and doesnt finish then computer is unresponsive including mouse and has to be switched off.

gmer log is attached....help

thinkpad T43 laptop with xp pro

Answer:search hijack, pop ups not found by malware virus software

Hello, fluffy04.My name is aommaster and I will be helping you with your log.I apologize for the delay in response we get overwhelmed at times but we are trying our best to keep up.If you have since resolved the original problem you were having, I would appreciate you letting us know. If not please perform the following below so I can have a look at the current condition of your machine.ThanksShould you still require assistance, please take note of the points below:Please track this topic by either adding it to your favourites or clicking the Options button at the top of this thread and then Track this topic.Please disable word-wrap before posting logs. This can be done by clicking Format and un-ticking the word-wrap feature in notepad. The logs that you post should be copied and pasted directly into the reply. Only attach them if requested or if they do not fit into the post.If you do not reply within 5 days, I will have to close your topic. Should you not be able to meet this, please notify me so that I will leave the topic open.Please do not install, update, or run any programs for the duration of the fix.If you do not understand the instructions I provide, please don't hesitate to ask. That's what I'm here for Please continue to reply to this topic until I give you the all clean. Just because there are no symptoms of infection doesn't mean that the computer is clean.If you are running Vista, please run all the fixes as an administrator. This is done by ri... Read more

3 more replies
Relevance 79.95%

HI eyeryone, well this is kind of an interesting story. I am working on my bosses computer to speed it up a bit and every time i type in an invalid website or do not .com at the end it kicks me directly from the page not found screen to a porn search engine. I let him know about it and he wants me to try to clean it up...i have tried every anti-spyware program available and cannot get rid of this. I ran Hijackthis and here is my log. Please help!Logfile of HijackThis v1.99.1Scan saved at 4:06:46 PM, on 4/30/2007Platform: Windows XP SP2 (WinNT 5.01.2600)MSIE: Internet Explorer v7.00 (7.00.6000.16414)Running processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\csrss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\system32\Ati2evxx.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\system32\svchost.exeC:\Program Files\Windows Defender\MsMpEng.exeC:\WINDOWS\System32\svchost.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\system32\Ati2evxx.exeC:\WINDOWS\system32\spoolsv.exeC:\WINDOWS\Explorer.EXEC:\Program Files\Java\jre1.6.0_01\bin\jusched.exeC:\Program Files\Synaptics\SynTP\SynTPLpr.exeC:\Program Files\Synaptics\... Read more

Answer:Page Not Found: Porn Search Engine (malware I Think)

vz9364,Welcome to the forum.Your computer has been hijacked by the lovely people in the Ukraine, you are infected with Wareout.85.255.112.0 - 85.255.127.255Inhoster hosting companyOOO Inhoster, Poltavskij Shliax 24, Kharkiv, 61000, UkraineYou may want to print out these instructions for reference, since you will have to restart your computer during the fix.Please download FixWareout from one of these sites:FixWareout SubratamFixWareout Lonny Save it to your desktop and run it. Click Next, then Install, Then make sure "Run fixit" is checked and click Finish. The fix will begin; follow the prompts. You will be asked to reboot your computer; please do so. Your system may take longer than usual to load; this is normal. At the end of the fix, you may need to restart your computer again.Save the contents of the logfile C:\fixwareout\report.txt and post it into your next reply.Now lets check some settings on your system. For (2000/XP) Only)Go to Start > control panel. If you are using Windows XP's Category View, select the Network and Internet Connections category otherwise double click on Network Connections. Then right click on your default connection, usually local area connection for cable and dsl. Left click on properties. Click the Networking tab. Double-click on the Internet Protocol (TCP/IP) item and select the radio dial that says Obtain DNS servers automaticallyPress OK twice to get out of the properties screen and reboot if it asks.
Tha... Read more

6 more replies
Relevance 79.54%

Hi.

On a quick scan of Malwarebytes, it found item called trojan.downloader.

It was on C:\windows\system32\java.exe

I clicked to remove, rebooted as directed, reran scan and all clear.

Then I ran Superantisypware:

It found a malware trace in registry items:

hklm\software\microsoft\windowsnt\currentversion\winlogon#taskman

This was also quarantined and then I restarted as directed and rescanned and all was clear.

I then ran an anti virus and that was clear.

I have windowsvista.

I am concerned that there still might be a problem on the system after seeing these two that were found.

Looking forward to your help.

Thanks!

More replies
Relevance 79.54%

Hello!After long searching I deleted the "Rootkit.boot.SST.b" via Kaspersky Rescue Disk.Now I am able to run TDSSKiller and he finds 2 objects.Now I can't find an answer if I can safly delete them?These are the scan Results:Now how can I be sure that all the junk from the rootkit is deleted since previsouly following programs found nothing:Emsisoft Emergency Kit - Super antispyware - Malwarebytes - AVG - kaspersky Virus Removal Tool - Combofix didn't even start - Stinger | Spybot S&D | Hitman | AVG Virus Removal ToolKind regards,Vincent

Answer:Kaspersky TDSS 2 Possible Threads Found

Hello,And welcome to BleepingComputer.com, before we can assist you with your question of: Am I infected? You will need to perform the following tasks and post the logs of each if you can.Please download and run Security Check from HERE, and save it to your Desktop. * Double-click SecurityCheck.exe * Follow the onscreen instructions inside of the black box. * A Notepad document should open automatically called checkup.txt; please post the contents of that document.Malwarebytes Anti-MalwareNOTEMalwarebytes is now offering a free trial of their program, if you want to accept it you will need to enter some billing information, so that at the end of the trial you would be charged the cost of the product. Please decline this offer, if you are unable to provide billing information. If you want to try it out, then provide the billing information.Please download Malwarebytes Anti-Malware and save it to your desktop.Download Link 1Download Link 2MBAM may "make changes to your registry" as part of its disinfection routine. If using other security programs that detect registry changes (ie Spybot's Teatimer), they may interfere or alert you. Temporarily disable such programs or permit them to allow the changes.Make sure you are connected to the Internet.Double-click on mbam-setup.exe to install the application.
For instructions with screenshots, please refer to the How to use Malwarebytes' Anti-Malware Guide.When the installation begins, follow the prompts a... Read more

16 more replies
Relevance 76.26%

When I click on a google link or even a bing link my page gets redirected to places like spyware scanner and fake search engines. I know its a virus or some sort of malware/ Spyware. It only takes control on links.

If you type something in the address bar or sometimes just open it in a new tab your fine. This happens in both IE and Firefox. I am running windows 7 and I have had no other problems. I have scanned the computer with spybot and avg 9 both in safe mode and in normal mode still nothing. Here is my hijack This! log.

Logfile of Trend Micro HijackThis v2.0.3 (BETA)
Scan saved at 6:52:24 AM, on 12/23/2009
Platform: Unknown Windows (WinNT 6.01.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16385)
Boot mode: Safe mode with network support

Running processes:
F:\Windows\Explorer.EXE
F:\Windows\system32\ctfmon.exe
F:\Program Files\Spybot - Search & Destroy\SpybotSD.exe
F:\Program Files\TrendMicro\HiJackThis\HiJackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink... Read more

More replies
Relevance 74.62%

DDS.txt Log is below and Attach.txt is attached with this topic.

.
DDS (Ver_2011-08-26.01) - NTFSAMD64
Internet Explorer: 9.0.8112.16421
Run by Jigi at 18:43:11 on 2012-03-22
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.4030.1313 [GMT -4:00]
.
AV: Microsoft Security Essentials *Enabled/Updated* {108DAC43-C256-20B7-BB05-914135DA5160}
SP: Microsoft Security Essentials *Enabled/Updated* {ABEC4DA7-E46C-2F39-81B5-AA334E5D1BDD}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Program Files\IDT\WDM\STacSV64.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\Hpservice.exe
C:\Windows\system32\atieclxx.exe
C:\Windows\system32\vcsFPService.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32... Read more

Answer:I use Bing search and search links redirected to http://dailyprize-winners.com

Hello and Welcome to Bleeping Computer!!My name is Gringo and I'll be glad to help you with your computer problems. I have put together somethings for you to keep in mind while I am helping you to make things go easier and faster for both of us1.Do not run any other tool untill instructed to do so!doing so will only at best cause you unneeded worry as it finds our backups and may even list our toolsand at worst can cause conficts with our tools and lead to unforseen things to happen2.Please Do not Attach logs or put in code boxes.besides the time it takes me to open the reports it makes it harder to find something if I need to go back to do more research and putting them in code boxes just makes them so hard to read3. After each step give me a little feedback It does not need to be long but just something so I know how things are going it can be something likeI am still getting redirected The computer is running as it shouldDon't put things like - it is the same as before or still the same this just makes me go back and look for you last feedback as to how things are4. read every post completely before doing anythingPay special attention to the Notes** I have put inThese are things I have found that happen allot and can be taken care of easily just by reading the Notes**Click on the Watch Topic Button and select Immediate Notification and click on proceed, this will help you to get notified faster when I have replied and make the cleaning process faster.Ba... Read more

9 more replies
Relevance 74.21%

When doing google searches in Firefox or IE the links will get redirected when clicked on.
When the redirect is happening www.search-tracker.net appears in the bottom bar of firefox and the page displayed is wrong.
If I copy the link from the page (right click/copy link location) and paste it into the tile bar it always works correctly.
AVG does not show any issues.
Comcast cable network offers free install of McAfee security suite that I use to run.
When this issue showed up I found I could no longer do a virus scan with McAfee as the computer would reboot when the scan started.
All the management functions of McAfee worked fine but start a scan and the computer reboots.
I uninstalled McAfee and installed AVG.
AVG did one round of cleaning and now can't find anything.
I don't remember what AVG found other then tracking cookies. If it leaves a log behind that may still be around.
I have tried to install and run Malwarebytes' Anti-Malware.
It seems to install fine but will not run. Double click the icon and nothing.
I have uninstalled and reinstalled several times but nothing. Never tries to do the update either.
I have uninstalled and reinstalled Firefox but that did not help.
I just copied the the mbam.exe file to a new name and double clicked that and it started up. Cool.
I have attached the attach.txt file.
The Malwarebytes run finished. 1 Trogan.Agent was found. I have attached that log file also.
I will send this and then have Malwarebytes remove it. I will then ... Read more

Answer:Links in google search results get redirected / www.search-tracker.net

Hello dchoyt,Uninstall these old versions of Java, as they are malware magnets. Java™ 6 Update 2Java™ 6 Update 3Java™ 6 Update 5Java™ 6 Update 7Java™ SE Runtime Environment 6Java™ SE Runtime Environment 6 Update 1We will run ComboFix. You should NOT use Combofix unless you have been instructed to do so by a Malware Removal Expert. It is intended by its creator to be used under the guidance and supervision of an Malware Removal Expert, not for private use. Using this tool incorrectly could lead to disastrous problems with your operating system such as preventing it from ever starting again. Please read Combofix's Disclaimer. Further, ComboFix logs are not permitted outside the HijackThis forums and then only when requested by a HJT Team member. You need to disable your AVG Antivirus before running ComboFix, as it will prevent it from running. To disable AVG antivirus: Please open the AVG Control Center program -> double-click on the "AVG Resident Shield" component (looks like this: ) -> deselect the "Turn on AVG Resident Shield" checkmark and save the setting.When you need to enable the AVG Resident Shield, just open the AVG Control Center program -> double-click on the "AVG Resident Shield" component -> select the "Turn on AVG Resident Shield" checkmark and save the setting.Note: If you already have a copy of ComboFix on your system it is essential that you delete it before downloading this ... Read more

15 more replies
Relevance 73.8%

When I search on google and try to click on the link it get's redirected to another search site. I did have a copy of ulead video 9 that I used a pn off the internet, but then I found my pn so I deleted the program and have not reinstalled yet.


DDS (Version 1.0) - NTFSx86
Run by Lori at 12:26:31.78 on Tue 11/18/2008
Microsoft? Windows Vista? Home Premium 6.0.6001.1.1252.1.1033.18.3006.1801 [GMT -7:00]

============== Running Processes ===============

C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files\HP\QuickPlay\Kernel\TV\QPCapSvc.exe
C:\Program Files\CyberLink\Shared Files\RichVideo.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Windows\... Read more

More replies
Relevance 72.16%
Question: solution found

solution found.

More replies
Relevance 72.16%

Was a solution ever found for this problem?

PC Keeps Rebooting by SNP

It seems alot of people, including myself, have had this problem. Some speculated that it was an AGP Graphics card problem, others stated it was a Processor problem, while others also stated that the motherboard needed to be replaced...basically in this thread...every single option was exhausted but not resolution came to.

All I can think of is that there is a few factors in common here...

1. The people having this problem are using and AMD processor.

Im using the same as SNP.... 1.0ghz AMD Athlon

2. She had recently updated her drivers on her nVidia graphics card.

While the problem doesnt strictly rely on it being an Nvidia driver problem, seeing as I have an ATI Radeon 9200 and so did another member describing a similar problem, he has something to do with the updating of the driver aswell...

See, I updated my drivers the same day I started getting the "Keeps rebooting no matter what syndrome", and i forgot to uninstall my old ones...now, I cant even get past the "rebooting syndrome".

Im starving for a fix on this if anyone can help out....

I am really having a hard time thinking its a power supply or mobo problem, but more on a problem that has to do with the AGP Graphics card drivers conflicting with each other....

Can anyone shed any light?
 

Answer:Was a Solution Found?

Have you tested in safe mode or VGA mode to see if you can replicate the issue?

What happen if you uninstall the Video driver and you force the VGA driver?

What is the STOP error that you get?
Uncheck - automatically restart from system properties/advanced tab/start up and recovery.
 

2 more replies
Relevance 71.75%

Most search links are being re-directed- some virus infection for sure. I scanned using Malware Anti-virus s/w v1.41 with latest update, which found 4 rootkit(?) infections, and removed all these. SUPERAntiVirus 4.30 did no find any viruses. I would highly appreciate any help in fixing the problem. I have a Windows XP SP2.Thanks,SatyaFollowing the steps given in this link: http://www.bleepingcomputer.com/forums/t/271066/keep-getting-redirected/, I ran Gmer, RSIT and Malwar Anti-virus. Please find the logs below:Merged posts. ~ OB

Answer:search links being redirected

Anyone who could help me? Much appreciated.

3 more replies
Relevance 71.75%

Previous topic in AII here: http://www.bleepingcomputer.com/forums/t/312166/google-searches-redirected/ ~ OBHi,Yesterday, I somehow managed to get myself some nasty sort of virus. At first, I wasn't even able to run virus scans or Malwarebytes to get rid of it, so I attempted a system restore. The system restore seemed to solve most of my problems, except my AVG resident shield constantly popped up telling me there was a threat. After running both an AVG scan and Malewarebytes, that problem, too, seems to have subsided.Now, however, when I clink on links in Google, I am redirected to other websites. I have run Malwarebytes, AVG virus scan, Hitman, and SuperAntiSpyware several times each to no avail. The DDS scan results are below, however, I was unable to run GMER. The first time I attempted to run it, the scan began, but a few minutes later my computer froze. I assumed this was because I had a couple windows open, so I restarted my computer and tried again with nothing open. This time, I started the scan and went away from my computer, only to return a few minutes later and see that my computer had a blue screen of death.Edit: I noticed today that sometimes while I'm browsing the internet, a new tab will randomly open up and go to some website as well.DDS (Ver_10-03-17.01) - NTFSx86 Run by AdamC at 16:45:23.09 on Sat 04/24/2010Internet Explorer: 6.0.2900.5512 BrowserJavaVersion: 1.6.0_20Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.3070.2389 [GMT -4:00]AV: A... Read more

Answer:Search links redirected

Hello AdamC243 Welcome to the BC HijackThis Log and Analysis forum. I will be assisting you in cleaning up your system.I ask that you refrain from running tools other than those we suggest while we are cleaning up your computer. The reason for this is so we know what is going on with the machine at any time. Some programs can interfere with others and hamper the recovery process.In the upper right hand corner of the topic you will see a button called Options. If you click on this in the drop-down menu you can choose Track this topic. By doing this and then choosing Immediate E-Mail notification and then clicking on Proceed you will be advised when we respond the your topic and facilitate the cleaning of your machine.Please keep in mind that we have a large backlog of users just like yourself waiting to be helped so try to be as timely as possible in your replies. Since we do this on a part-time voluntary basis we are limited on how many logs we can respond to and keep open due to time restraints. If you have to be away or can't answer for some other reason just let me know. Thank you for your understanding.After 5 days if a topic is not replied to we assume it has been abandoned and it is closed.I would like for you to try GMER once again but this time uncheck everything but Sections and then give it a try.Also please run the following prior to attempting GMER again:RKill by GrinlerLink #1Link #2Link #3Link #4Download Link #1.Save it to your Desktop.Double click the ... Read more

20 more replies
Relevance 71.75%

Running Windows XP on a hp pavilion laptop. Just about every time I click on a search link, I get redirected to another site like webcry.com or findstuff.com. Really annoying!! Any help would be greatly appreciated.
 

Answer:Help! My search links keep getting redirected!!

staninbji said:


Running Windows XP on a hp pavilion laptop. Just about every time I click on a search link, I get redirected to another site like webcry.com or findstuff.com. Really annoying!! Any help would be greatly appreciated.Click to expand...

oh yeah, I forgot. Whatever it is also deleted all of my system restore points, so I can't go back beyond the date I picked it up.
 

2 more replies
Relevance 71.75%

About two weeks, I had a problem where my background changed into a bright green screen and I received several warnings about virus and malware installed. The system would not let me open the task manager and was running very slow.

I check the registry and found that a setting was changed to prevent opening the task manager. I changed this back, and found a program taking 100% of the system resources. I killed the process and run my Spyware Doctor which found and removed several infections.

This allowed me to use my system and run programs again, but, my Google Search results started redirecting me other sites. I normally have to click on a link several times to get to the correct site. I also get random tabs popping up asking me to take "surveys".

I have tried Malbytes and SUPERAntiSpyware but to no avail.
DDS (Ver_09-12-01.01) - NTFSx86
Run by Bruce at 21:30:38.68 on Fri 12/25/2009
Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 1.6.0_11
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.1918.692 [GMT -7:00]

AV: Avira AntiVir PersonalEdition *On-access scanning enabled* (Outdated) {AD166499-45F9-482A-A743-FDD3350758C7}

============== Running Processes ===============

C:\WINDOWS\system32\svchost -k DcomLaunch
C:\WINDOWS\system32\svchost -k rpcss
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup
C:\WINDOWS\system32\... Read more

Answer:Search links are being redirected

This has been resolved.

I downloaded Kapersky Internet Security that identified rootkit.win32.TDSS.d

Kapersky was not able to remove this, but a google search pointed me to a program called TDSSkiller.exe

This identified and removed the rootkit.

2 more replies
Relevance 71.75%

Hello, Everytime i use google or any other search tool and i click on a link i am redirected to various sites. It is not the same site every time. Deckard's System Scanner v20071014.68Run by cpsdhen on 2008-04-26 10:29:36Computer is in Normal Mode.---------------------------------------------------------------------------------- System Restore --------------------------------------------------------------Successfully created a Deckard's System Scanner Restore Point.-- Last 5 Restore Point(s) --57: 2008-04-26 14:29:42 UTC - RP57 - Deckard's System Scanner Restore Point56: 2008-04-25 20:13:14 UTC - RP56 - System Checkpoint55: 2008-04-24 20:11:17 UTC - RP55 - System Checkpoint54: 2008-04-23 19:19:09 UTC - RP54 - Installed Conductix Quick Quote53: 2008-04-23 18:06:41 UTC - RP53 - System Checkpoint-- First Restore Point -- 1: 2008-02-01 07:07:00 UTC - RP1 - System CheckpointBacked up registry hives.Performed disk cleanup.-- HijackThis (run as cpsdhen.exe) ---------------------------------------------Logfile of Trend Micro HijackThis v2.0.2Scan saved at 10:30:55 AM, on 4/26/2008Platform: Windows XP SP2 (WinNT 5.01.2600)MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)Boot mode: NormalRunning processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\system32\Ati2evxx.exeC:\WINDOWS\system32\svchost.exeC:\WI... Read more

Answer:Search Links Redirected

Hi and welcome to Bleeping Computer! My name is Sam and I will be helping you. Please download ComboFix and save it to your desktop.Prior to running Combofix.exe you should disable your antivirus program and disconnect from the internet.Double click combofix.exe and follow the prompts.When it's done running it will produce a log for you. Please post that log in your next reply.Important Note - Do not mouseclick combofix's window whilst it's running. That may cause it to stall.

2 more replies
Relevance 71.75%

Whenever i search in google, yahoo, or live and click on the search link, i am being redirected to a different site. I ran adware, spybot, and avast scans, they picked up some malware and viruses which removed, but my links still are redirected.

Answer:search links are being redirected

help?

2 more replies
Relevance 71.75%

If I search something from a website like google, and I click the link. It will sometimes redirect me to an ad. it doesn't redirect me all the time, but if I were to open a wikipedia page about the Olympics 10 times. It will redirect me about 3 times. I have used avg, panda, kasperkey, spybot s&d, malwarebite, superantimalware, combofix, tdsskiller. Some of them only find malware, but never anything that removes this virus. The virus scanners never find anything. Also I have tried these things in safe mode also.

I tried using this forum before Search links being redirected. but they weren't really any help.

I've used panda, avast, spybot s&d, tdss, malwarebytes, trojan remover, hitmanpro, avg, superantimalware, combofix and kasperkey, they find and remove small things like cookies, but they don't find anything else and the redirecting still happens.

More replies
Relevance 71.75%

Search links are redirected by this ip address 216.133.243.28

Answer:Search links are redirected

Hello crmadison,I apologise for the delay, the forum is busy.---------------------------------------------- I will be assisting you with your malware issues.Whatever repairs we make, are for fixing your computer problems only and by no means should be used on another computer.Continue to respond to this thread until I give you the All Clean! If you have any question or you're stuck in there please reply it to me. I will try my best to help you!Please bookmark or favourite this page. In case you need it as reference or etc.If you fail to reply in 5 days period from now, this thread will close, and you will have to open another topic, and wait for another helper.IMPORTANT NOTE:If you are using Windows Vista you must right click on the desktop icon and choose Run as Administrator all tools.----------------------------------------------Malwarebytes' Anti-MalwarePlease download Malwarebytes' Anti-Malware to your desktop.Double-click mbam-setup.exe and follow the prompts to install the program.At the end, be sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.If an update is found, it will download and install the latest version.Once the program has loaded, select Perform full scan, then click Scan.When the scan is complete, click OK, then Show Results to view the results.Checked (tick) all items except items in the C:\System Volume Information folder, and click Remove Selected.When completed, a ... Read more

2 more replies
Relevance 71.75%

Search links are being redirected to various sites. If I click on the link quickly it will take me to the correct site. On occasion a Google window (I am not sure if it is authentic) will open. Thanks for any help you can provide.

Sorry, additional information. I am using Windows XP and Firefox. I have tried IE and have the same problem. I have ran Malwarebytes, which has found some issues, but it has not fixed this problem.

Answer:Search links being redirected

Try this:http://www.bleepingcomputer.com/virus-remo...sing-tdsskiller

1 more replies
Relevance 71.75%

Howdy, An unfortunate click on a pop-up window appears to have infected our Vista machine with some malware that redirects our google searches to other sites. It also occasionally starts up an IE session by itself. We've tried our McAfee Security Center scans and the HitMan Pro 3.5 software, but the problem persists. Also...when I was saving the GMER scan, my bleeping computer locked up and I got the Vista version of the BSOD. Before I could read everything, the machine rebooted. As it restarted, I got a message saying the System Event Notification Service had a problem and I should read the log. I'll try to find it after I finish this post. I'll appreciate any help you can provide!DDS (Ver_10-03-17.01) - NTFSx86 Run by GlennFam at 14:23:18.22 on Sun 06/13/2010Internet Explorer: 7.0.6001.18000Microsoft? Windows Vista? Home Premium 6.0.6001.1.1252.1.1033.18.3325.1912 [GMT -6:00]SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}============== Running Processes ===============C:\Windows\system32\wininit.exeC:\Windows\system32\lsm.exeC:\Windows\system32\svchost.exe -k DcomLaunchC:\Windows\system32\svchost.exe -k rpcssC:\Windows\System32\svchost.exe -k secsvcsC:\Windows\system32\Ati2evxx.exeC:\Windows\System32\svchost.exe -k LocalServiceNetworkRestrictedC:\Windows\System32\svchost.exe -k LocalSystemNetworkRe... Read more

Answer:Search links being redirected

GreetingsOne or more of the identified infections is a Backdoor Trojan.This could allow hackers to remotely control your computer, steal critical system information and download and execute files.I would counsel you to disconnect this PC from the Internet immediately. If you do any banking or other financial transactions on the PC or if it should contain any other sensitive information, please get to a known clean computer and change all passwords where applicable, and it would be wise to contact those same financial institutions to apprise them of your situation.Though the trojan has been identified and can be killed, because of it's backdoor functionality, your PC could be compromised and there is no way to be sure that your computer can ever again be trusted. Many experts in the security community believe that once infected with this type of trojan, the best course of action would be a reformat and reinstall of the OS. Please read these for more information:How Do I Handle Possible Identify Theft, Internet Fraud and CC Fraud?When Should I Format, How Should I ReinstallWe can still clean this machine but I can't guarantee that it will be 100% secure afterwards. "If you would like to continue, then follow the steps below, otherwise please let me know"I Would like you to do the following.Please print out or make a copy in notpad of any instructions given, as sometimes it is necessary to go offline and you will lose access to them.Run Combofix:Please visit th... Read more

11 more replies
Relevance 71.75%

All browsers are being redirected when I click a search link. I have attempted to clean the system myself by running the Security Tango. All scans show the system as being clean(Avg Free, Malwarebytes, SuperAntiSpyWare). The hosts file seems to be clean as well.
 
Thank you for any help.
 
 
DDS (Ver_2012-11-20.01) - NTFS_AMD64 
Internet Explorer: 10.0.9200.16521  BrowserJavaVersion: 10.21.2
Run by mike at 17:16:49 on 2013-05-31
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.1.1033.18.3835.2171 [GMT -4:00]
.
AV: AVG AntiVirus Free Edition 2013 *Enabled/Updated* {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
AV: Microsoft Security Essentials *Enabled/Updated* {3F839487-C7A2-C958-E30C-E2825BA31FB5}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: AVG AntiVirus Free Edition 2013 *Enabled/Updated* {B5F5C120-2089-702E-0001-553BB0D5A664}
SP: Microsoft Security Essentials *Enabled/Updated* {84E27563-E198-C6D6-D9BC-D9F020245508}
.
============== Running Processes ===============
.
C:\PROGRA~2\AVG\AVG2013\avgrsa.exe
C:\Program Files (x86)\AVG\AVG2013\avgcsrva.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
c:\Program Files\Microsoft Security Client\MsMpEng.exe
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k Lo... Read more

Answer:search links being redirected

Hello sirdartan I would like to welcome you to the Malware Removal section of the forum.Around here they call me Gringo and I will be glad to help you with your malware problems.Very Important --> Please read this post completely, I have spent my time to put together somethings for you to keep in mind while I am helping you to make things go easier, faster and smoother for both of us!Please do not run any tools unless instructed to do so.We ask you to run different tools in a specific order to ensure the malware is completely removed from your machine, and running any additional tools may detect false positives, interfere with our tools, or cause unforeseen damage or system instability.Please do not attach logs or use code boxes, just copy and paste the text.Due to the high volume of logs we receive it helps to receive everything in the same format, and code boxes make the logs very difficult to read. Also, attachments require us to download and open the reports when it is easier to just read the reports in your post.Please read every post completely before doing anything.Pay special attention to the NOTE: lines, these entries identify an individual issue or important step in the cleanup process.Please provide feedback about your experience as we go.A short statement describing how the computer is working helps us understand where to go next, for example: I am still getting redirected, the computer is running normally, etc. Please do not describe the computer as "the same... Read more

14 more replies
Relevance 71.75%

Whenever i search in google, yahoo, or live and click on the search link, i am being redirected to a different site. I ran adware, spybot, and avast scans, they picked up some malware and viruses which removed, but my links still are redirected.

Answer:search links are being redirected

Re-direction is ALMOST ALWAYS caused by malware issues...Even though you have run a few scans with IMHO good products they may or may not pick up every sign of infection. I would open up a new topic here:http://www.bleepingcomputer.com/forums/f/103/am-i-infected-what-do-i-do/Let the experts there guide you in the removal of what may be causing this issue....I would also highly recommend that you limit your use of the internet until this issue is resolved as someone may be stealing valuable information from you without you even knowing about it...

1 more replies
Relevance 71.75%

Hi I have a computer which have all search results redirected, google,yahoo,bing,etc... to mx2(dot)35326(dot)get-search-results(dot)com/jump1/xxxxxxxxxxx.................................

I have ran Malware Bytes with updated definition file, but didn't capture anything.

Computer have updated Trend Micro OfficeScan as well.

Any ideas what i should be trying ?

Answer:All search links are redirected

Hello and welcome. Perhaps we can get in like this.Reboot into Safe Mode with Networking How to enter safe mode(XP)Using the F8 MethodRestart your computer. When the machine first starts again it will generally list some equipment that is installed in your machine, amount of memory, hard drives installed etc. At this point you should gently tap the F8 key repeatedly until you are presented with a Windows XP Advanced Options menu. Select the option for Safe Mode with Networking using the arrow keys. Then press enter on your keyboard to boot into Safe Mode. >>>> Download this file and doubleclick on it to run it. Allow the information to be merged with the registry.RKill....Download and Run RKillPlease download RKill by Grinler from one of the 4 links below and save it to your desktop.

Link 1
Link 2
Link 3
Link 4

Before we begin, you should disable your anti-malware softwares you have installed so they do not interfere RKill running as some anti-malware softwares detect RKill as malicious. Please refer to this page if you are not sure how.
Double-click on Rkill on your desktop to run it. (If you are using Windows Vista, please right-click on it and select Run As Administrator)
A black screen will appear and then disappear. Please do not worry, that is normal. This means that the tool has been successfully executed.
If nothing happens or if the tool does not run, please let me know in your next replyDo not reboot your computer after running rki... Read more

3 more replies
Relevance 71.75%

Hello,A few days ago I started getting redirected to random ads and websites when I click on a search result in google. I've run both McAfee and AdAware scans, but they haven't found any problems. Here is my HijackThis log. I appreciate any help!Logfile of Trend Micro HijackThis v2.0.2Scan saved at 5:48:24 PM, on 9/30/2009Platform: Windows XP SP3 (WinNT 5.01.2600)MSIE: Internet Explorer v8.00 (8.00.6001.18702)Boot mode: NormalRunning processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\System32\svchost.exeC:\WINDOWS\System32\WLTRYSVC.EXEC:\WINDOWS\System32\bcmwltry.exeC:\Program Files\Lavasoft\Ad-Aware\AAWService.exeC:\WINDOWS\system32\spoolsv.exeC:\Program Files\Bonjour\mDNSResponder.exeC:\WINDOWS\system32\dlcxcoms.exeC:\Program Files\Juniper Networks\Common Files\dsNcService.exeC:\Program Files\Java\jre6\bin\jqs.exeC:\PROGRA~1\McAfee\MSC\mcmscsvc.exec:\program files\common files\mcafee\mna\mcnasvc.exec:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exeC:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exeC:\Program Files\Common Files\Micro... Read more

Answer:Search links being redirected

Hello sro1987Welcome to Welcome to BleepingComputer =====================Download OTL to your desktop.Double click on the icon to run it. Make sure all other windows are closed and to let it run uninterrupted.When the window appears, underneath Output at the top change it to Minimal Output.Under the Standard Registry box change it to All.Check the boxes beside LOP Check and Purity Check.Click the Run Scan button. Do not change any settings unless otherwise told to do so. The scan wont take long.When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt. These are saved in the same location as OTL.Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time, and post it with your next reply.===========Download This file. Note its name and save it to your root folder, such as C:\.Disconnect from the Internet and close all running programs.Temporarily disable any real-time active protection so your security program drivers will not conflict with this file.Click on this link to see a list of programs that should be disabled.Double-click on the downloaded file to start the program. (If running Vista, right click on it and select "Run as an Administrator")Allow the driver to load if asked.You may be prompted to scan immediately if it detects rootkit activity.If you are prompted to scan your system click "Yes" to begin the scan.If not prompted, click the "Rootkit/Malware" tab.On the right-side, all items to be scanned should be checke... Read more

1 more replies
Relevance 71.75%

If I search something from a website like google, and I click the link. It will sometimes redirect me to an ad. it doesn't redirect me all the time, but if I were to open a wikipedia page about the Olympics 10 times. It will redirect me about 3 times. I have used avg, panda, kasperkey, spybot s&d, malwarebite, superantimalware, combofix, tdsskiller. Some of them only find malware, but never anything that removes this virus. The virus scanners never find anything.Edit: Also I have tried these things in safe mode also

Answer:Search links being redirected.

Alright, so I followed the instructions from the links you gave me and I saw no tdsserv.sys/alureon.sys in my device manager even after showing all hidden devices. I went to my host file in notepad, there was one extra ip, something like "::1" which I deleted and the problem persisted. When I went to device folder. I didn't find any files with the name TDSSserv.sys/TDSSSserv.sys/Alureon.sys/TDSSI.dll. I've deleted all my temp internet files and the problem persist. I already used malware bytes anti malware, still nothing showed up. The problem still persist.

6 more replies
Relevance 71.75%

Quickly I'll thank all those that take their time to help others here, and then try to be specific with my problem. I'm having my search links redirected by some hijack. There seems to be a lot of this going around lately. I mainly use Google, but I tried other engines, specifically Bing, and it got redirected too. This has occured with both IE & Firefox.
I've cleaned up my system with Spybot, McAfee, Windows Defender, & MBAM. Almost all now give me the all-clear; however, McAfee still finds two NTOSKRNL-HOOKs when it scans. It always deletes them, but still finds them again next scan.
I've tried Gooredfix, and it seems to do nothing. I have its log, though, if one is interested. I have MBAM logs, too, as well as HJT logs.
I'm out of other ideas and am tired of this, as it's gone on a couple days. So, I submit to those who know more than I. Let me know what else I can do to make things clearer for your understanding if needs be, and I hope I'm doing this all right.
Here's my DDS.txt with Attach.txt attached:

DDS (Ver_09-07-30.01) - NTFSx86
Run by John at 18:16:38.52 on Fri 08/14/2009
Internet Explorer: 7.0.5730.13 BrowserJavaVersion: 1.6.0_15
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.639.193 [GMT -4:00]

AV: McAfee VirusScan Enterprise *On-access scanning enabled* (Updated) {918A2B0B-2C60-4016-A4AB-E868DEABF7F0}

============== Running Processes ===============

C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\Progra... Read more

Answer:Search links redirected. Tried everything else.

Hello and welcome to Bleeping ComputerWe apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.If you have since resolved the original problem you were having, we would appreciate you letting us know. If not please perform the following steps below so we can have a look at the current condition of your machine. If you have not done so, include a clear description of the problems you're having, along with any steps you may have performed so far.Upon completing the steps below another staff member will review and take the steps necessary with you to get your machine back in working order clean and free of malware.If you have already posted a DDS log, please do so again, as your situation may have changed.Use the 'Add Reply' and add the new log to this thread.Thanks and again sorry for the delay.We need to see some information about what is happening in your machine. Please perform the following scan:Download DDS by sUBs from one of the following links. Save it to your desktop.DDS.scrDDS.pifDouble click on the DDS icon, allow it to run.A small box will open, with an explaination about the tool. No input is needed, the scan is running.Notepad will open with the results.Foll... Read more

2 more replies
Relevance 71.75%

Neither spybot, McAfee, Malware Bytes or Windows security can find the responsible ap and get rid of it. Can you help? HJT post is attached below.Logfile of Trend Micro HijackThis v2.0.2Scan saved at 5:32:00 PM, on 11/22/2009Platform: Windows Vista SP2 (WinNT 6.00.1906)MSIE: Internet Explorer v8.00 (8.00.6001.18828)Boot mode: NormalRunning processes:C:\Windows\system32\taskeng.exeC:\Windows\system32\Dwm.exeC:\Windows\Explorer.EXEC:\Program Files\Windows Defender\MSASCui.exeC:\Program Files\DellTPad\Apoint.exeC:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exeC:\Program Files\Dell\MediaDirect\PCMService.exeC:\Program Files\McAfee.com\Agent\mcagent.exeC:\Program Files\Dell V305\dldtmon.exeC:\Program Files\DigitalPersona\Bin\DpAgent.exeC:\Program Files\IDT\WDM\sttray.exeC:\Program Files\iTunes\iTunesHelper.exeC:\Program Files\Java\jre6\bin\jusched.exeC:\Windows\ehome\ehtray.exeC:\Program Files\Dell Support Center\bin\sprtcmd.exeC:\Program Files\DNA\btdna.exeC:\Program Files\Windows Media Player\wmpnscfg.exeC:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exeC:\Program Files\Dell V305\dldtMsdMon.exeC:\Program Files\DellTPad\ApMsgFwd.exeC:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exeC:\Program Files\DellTPad\HidFind.exeC:\Program Files\DellTPad\Apntex.exeC:\Windows\ehome\ehmsas.exeC:\Program Files\WIDCOMM\Bluetooth Software\BtStackServer.exeC:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exeC:\Program Files\Mozilla Firefox 3.6 Beta 2\firefo... Read more

Answer:all search links redirected

And unfortunately you did not see the warning about not post Hijack This logs with a request from a helper. The moderator will most likely delete this post when he/she sees it so helping you would be a waste of time.

3 more replies
Relevance 71.75%

On a friends computer, when doing a search, the list comes back looking as it should but clicking on a link to visit that page will usually go to some unrelated shopping site. I have noticed that there is a lengthy delay (10-15 seconds) if the link is being redirected while there is no delay on those rare occasions when the link works properly. Although Google is the primary Search Engine, the redirection also occurs with Yahoo and Bing. It also occurs from both the Google Toolbar search and the main Google web page.I have tried repeatedly to run GMER.EXE but I am unable to get a complete run. The first three runs ended in a Blue Screen (STOP 0c000021a). After updating all of my drivers, I no longer get the Blue Screen error. However, on 3 occasions, the computer froze while scanning /Cdfs and on two other occasions, the computer froze at some other location during the scan. On one occasion, I was able to complete the scan, but as soon as I clicked on the Save button, the computer froze. All freezes are "hard" freezes. Nothing can be done except to power off the computer and power it back on again.Here is the DDS.txt file:DDS (Ver_10-03-17.01) - NTFSx86 Run by Kim Falconer at 11:30:19.15 on Mon 08/16/2010Internet Explorer: 8.0.6001.18702Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.3070.2492 [GMT -4:00]AV: McAfee Anti-Virus and Anti-Spyware *On-access scanning disabled* (Updated) Close topic 0FW: McAfee Firewall *enabled* BOTTOM BUTTON... Read more

Answer:Search Links Redirected

Hi James, to Bleeping Computer My name is SpySentinel and I will be helping you fix your malware problem.Sorry for the delay, we have been very busy lately, and I apologize for your wait.Please read carefully and follow these steps. Download TDSSKiller and save it to your Desktop.Extract its contents to your desktop.Once extracted, open the TDSSKiller folder and doubleclick on TDSSKiller.exe to run the application, then on Start Scan.If an infected file is detected, the default action will be Cure, click on Continue.If a suspicious file is detected, the default action will be Skip, click on Continue.It may ask you to reboot the computer to complete the process. Click on Reboot Now.If no reboot is require, click on Report. A log file should appear. Please copy and paste the contents of that file here.If a reboot is required, the report can also be found in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste the contents of that file here.Download ComboFix from one of these locations:Link 1Link 2Link 3* IMPORTANT !!! Save ComboFix.exe to your DesktopDisable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our toolsDouble click on ComboFix.exe & follow the prompts.As part of it's process, ComboFix will check to see if the Microsoft Windows Recovery Console is installed. With malware infections... Read more

15 more replies
Relevance 71.75%

Hello,

I'm running WIndows Vista on a Toshiba Laptop.

When I click on search links in Google or Yahoo they are redirected to something else altogether. I have Trend Micro and have run that and gotten no results and ran SpyBot S&D with no results either.

DDS.txt below...and other files attached as per instructions page...

DDS (Ver_2012-11-20.01) - NTFS_x86
Internet Explorer: 9.0.8112.16455
Run by Kenneth at 10:32:38 on 2012-12-06
Microsoft? Windows Vista? Home Premium 6.0.6002.2.1252.1.1033.18.2038.1142 [GMT -5:00]
.
AV: Trend Micro Titanium *Disabled/Updated* {B7599298-8445-728A-A5C7-A26A082C8BDA}
SP: Trend Micro Titanium *Disabled/Updated* {0C38737C-A27F-7D04-9F77-991873ABC167}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ================
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\taskeng.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Program Files\Citrix\ICA Client\concentr.exe
C:\Program Files\Apoint2K\Apoint.exe
C:\Program Files\Adobe\Photoshop Elements 5.0\apdproxy.exe
C:\Program Files\Windows Media Player\wmpns... Read more

Answer:Search links are redirected

Hello and welcome to TSF.

I am currently reviewing your post. I will be back with a fix for your problem as soon as possible.

Please subscribe to this thread to get immediate notification of replies as soon as they are posted. To do this click Thread Tools, then click Subscribe to this Thread. Make sure it is set to Instant Notification then click Subscribe.
----------

Please download TDSSKillerDouble click TDSSKiller.exe
Press Start Scan
Do Not Attempt To Fix Anything Now. We just need to look over the report and be sure we are removing the correct
items.
Attach the log in your next replyA copy of the log will be saved automatically to the root of the drive (typically C:\)

----------

13 more replies
Relevance 71.75%

I am having trouble with my XP computer. When I do a search using IE or Firefox, then click on any of the links, I am redirected to some unrelated advertising site.

I have use Maleware Bytes, (free version) SpyNoMore (paid subscription) CCleaner, and McAfee Security Suite. I have run these until the results all come back clean. As soon as I get on the internet, I get hijacked again.

I'm hoping that bleepingcomputer.com can help me get my computer back on track. I am not very a techincal person, so I hope any help is in easy to understand and follow terms.

I am doing this initial post from work, so I do not have access to my problem computer right now.

Thanks.
vickilz

Answer:Search links being redirected

Hello let's do a couple more...Please download TFC by Old Timer and save it to your desktop. alternate download linkSave any unsaved work. TFC will close ALL open programs including your browser! Double-click on TFC.exe to run it. If you are using Vista, right-click on the file and choose Run As Administrator. Click the Start button to begin the cleaning process and let it run uninterrupted to completion. Important! If TFC prompts you to reboot, please do so immediately. If not prompted, manually reboot the machine anyway to ensure a complete clean.Now run SASPlease download and scan with SUPERAntiSpyware FreeDouble-click SUPERAntiSypware.exe and use the default settings for installation.An icon will be created on your desktop. Double-click that icon to launch the program.If it will not start, go to Start > All Prgrams > SUPERAntiSpyware and click on Alternate Start.If asked to update the program definitions, click "Yes". If not, update the definitions before scanning by selecting "Check for Updates". (If you encounter any problems while downloading the updates, manually download them from here. Double-click on the hyperlink for Download Installer and save SASDEFINITIONS.EXE to your desktop. Then double-click on SASDEFINITIONS.EXE to install the definitions.)In the Main Menu, click the Preferences... button.Click the "General and Startup" tab, and under Start-up Options, make sure "Start SUPERAntiSpyware when Wi... Read more

11 more replies
Relevance 71.75%

When i click o a link in a google search it is redirected to another site, After 3 or 4 tries this problem stops until ther are new search results. I have tried all sorts of scands and virus checks bur can nor et rid of the problem. I only have this with y desktop achine . My laptop is free of the problem. I see from other posts that you ave been able to solve the problem. Any help would be appreciated.
Hi-jack This log attached.
Logfile of HijackThis v1.99.1
Scan saved at 12:51:26, on 25/06/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16441)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
G:\Ashampoo Magical Defrag 2\bin\aDefragService.exe
C:\Program Files\Symantec\Norton Ghost 2003\GhostStartService.exe
G:\Nero 7\InCD\InCDsrv.exe
C:\WINDOWS\Explorer.EXE
c:\program files\mcafee.com\agent\mcdetect.exe
c:\PROGRA~1\mcafee.com\vso\mcshield.exe
G:\Ashampoo Magical Defrag 2\bin\defragActivityMonitor.exe
c:\PROGRA~1\mcafee.com\agent\mctskshd.exe
c:\PROGRA~1\mcafee.com\vso\OasClnt.exe
c:\program files\mcafee.com\vso\mcvsshld.exe
c:\program files\mcafee.com\agent\mcagent.exe
c:\progra~1\mcafee.com\vso\mcvsescn.exe
C:\PROGRA~1\M... Read more

More replies
Relevance 71.75%

My search result links (In Google or Bing) are being redirected. I would be thankful for any help.

HiJackThis results:
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 12:01:59 PM, on 7/31/2011
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v8.00 (8.00.6001.19088)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Windows\System32\WLTRAY.EXE
C:\Program Files\Dell\Dell Webcam Manager\DellWMgr.exe
C:\Program Files\DellTPad\Apoint.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Windows\OEM02Mon.exe
C:\Program Files\SigmaTel\C-Major Audio\WDM\sttray.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Ask.com\Updater\Updater.exe
C:\Program Files\AVG\AVG10\avgtray.exe
C:\Program Files\DellTPad\ApMsgFwd.exe
C:\Program Files\DellTPad\HidFind.exe
C:\Program Files\DellTPad\Apntex.exe
C:\Users\Dena_2\AppData\Roaming\SanDisk\Sansa Updater\SansaDispatch.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\PIXELA\ImageMixer 3 SE for SD\CameraMonitor.exe
C:\Program Files\McAfee Security Scan\2.0.181\SSScheduler.ex... Read more

More replies
Relevance 71.75%

Hello,
My computer has recently started to redirect my search links to various spam websites. I am running Windows 7 and the problem occurs in Firefox.

I have run a Malwarebytes scan and a SuperAntiSpyware scan; both found problems, but once the viruses/malware were removed, the redirect problem continued to happen. Any help with this issue would be greatly appreciated.

Additional Notes: I am not running Windows 7 SP1 because the installer always comes up with an error; I believe the problem is being caused because I dual-boot Fedora.

Answer:My search links are being redirected.

Hello, let's run this next and see if it stops.Please post the MBAM log. The log is automatically saved and can be viewed by clicking the Logs tab.Copy and paste the contents of that report in your next reply.Please download MiniToolBox, save it to your desktop and run it. Checkmark the following checkboxes: Flush DNS Report IE Proxy Settings Reset IE Proxy Settings Report FF Proxy Settings Reset FF Proxy Settings List content of Hosts List IP configuration List Winsock Entries List last 10 Event Viewer log List Installed Programs List Users, Partitions and Memory size.Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run. Note: When using "Reset FF Proxy Settings" option Firefox should be closed.Please download TDSSKiller.zip and and extract it.Run TDSSKiller.exe. Click on Change Parameters Put a check in the box of Detect TDLFS file system Click Start scan.When it is finished the utility outputs a list of detected objects with description.
The utility automatically selects an action (Cure or Delete) for malicious objects.
The utility prompts the user to select an action to apply to suspicious objects (Skip, by default). Let the options as it is and click ContinueLet reboot if needed and tell me if the tool needed a reboot.Click on Report and post the contents of the text file that will open.

Note: By default, the utility outputs the log into system disk (it is usually the disk with installed o... Read more

12 more replies
Relevance 71.34%

Greetings Win10sters,

I'm the Mac switcher that visits now and again. The Windows noob from 2016. Nearly all is well with thanks to you and yours. But I do have a question. You see -- I believe I found an answer but since I'm still noobish I'm actually not sure I did.

PROBLEM -- My Asus VivoMini PC is a brand new little beauty. Takes up very little room yet gives me the muscle I need. The problem? The fan WHIRS on at the drop of a hat.

I can be on a webpage like this... typing text into a comment field like this... and actually hear the fan whir more when typing and then ease off when I'm not. Stupid sensitive for an i5. Terribly 'tuned' as it were.

Open a web browser and the fan ERUPTS. Loading page after page. Dies down once done but again... just sneeze its way and the fan briefly kicks on... then off. On... then off.

SOLUTION -- Somewhere on YouTube I saw a dude essentially suggest this --

The result? Fan is always on but typically quiet. If I tax the system the fan increases moderately. I can type these words and here zero increase of fan.

BUT IS IT FIXED -- Sounds like it is, right? But since I'm not sure what I'm doing I don't know if I'm creating a problem down the line.

My first obvious choice was to involved Speccy and verify that the system wasn't running warmer now. Tricky to test but I got zero indication that I'm making the system warmer by doing this.

So tell me -- did I fix it? Or am I screwed?

Thanks in advance for all HELP

More replies
Relevance 71.34%

Greetings Win10sters,

I'm the Mac switcher that visits now and again. The Windows noob from 2016. Nearly all is well with thanks to you and yours. But I do have a question. You see -- I believe I found an answer but since I'm still noobish I'm actually not sure I did.

PROBLEM -- My Asus VivoMini PC is a brand new little beauty. Takes up very little room yet gives me the muscle I need. The problem? The fan WHIRS on at the drop of a hat.

I can be on a webpage like this... typing text into a comment field like this... and actually hear the fan whir more when typing and then ease off when I'm not. Stupid sensitive for an i5. Terribly 'tuned' as it were.

Open a web browser and the fan ERUPTS. Loading page after page. Dies down once done but again... just sneeze its way and the fan briefly kicks on... then off. On... then off.

SOLUTION -- Somewhere on YouTube I saw a dude essentially suggest this --

The result? Fan is always on but typically quiet. If I tax the system the fan increases moderately. I can type these words and here zero increase of fan.

BUT IS IT FIXED -- Sounds like it is, right? But since I'm not sure what I'm doing I don't know if I'm creating a problem down the line.

My first obvious choice was to involved Speccy and verify that the system wasn't running warmer now. Tricky to test but I got zero indication that I'm making the system warmer by doing this.

So tell me -- did I fix it? Or am I screwed?

Thanks in advance for all HELP

More replies
Relevance 71.34%

after a couple of months of agony, and almost throwing a phone against the wall, i've finally managed to make the lumia 550 work properly.
let me explain what i tried doing, but didn't work:
soft and hard reboot, using the phone without the memory card, storing the apps on phone memory - nothing helped.
so i downloaded the system recovery tool (or whatever it's called), and reverted my 550 to default system version. upon the first startup, i've disabled all connections, and turned off all the automatic updates i could find. none of the store apps are being updated, and it's not downloading the phone updates either (for now, this is day2).
all the "outdated" apps are working more than good, phone is WAY faster, it's not lagging, crashing or anything.
i hope this can help to someone.
cheers

Answer:Found a solution to 550 being awful

Haven't you already posted this?
I've used a Lumia 550 without any of the issues you are experiencing.
Also you don't mention if you have used the Windows Device Recovery Tool to check for/update the firmware.
If you need additional help or have more questions or details to share, please join the site so you can reply in this thread. See this link for instructions on how to join Windows Central.

1 more replies
Relevance 71.34%

After weeks of dealing with this painful popup, I've figured out how to get rid of it, yay me! Registered just to post this.. -_-The one in particular are these mentioned:http://www.bleepingcomputer.com/forums/t/179110/mtn5goolews-and-popupadvnet-malware/http://www.bleepingcomputer.com/forums/t/178465/mtn5goolews-and-popupadvnet-malware/http://answers.yahoo.com/question/index?qi...02232323AApHUQ9http://www.wilderssecurity.com/showthread.php?p=1346489Firstly, the DNS settings on the router has been changed to be that of the "virus". So just select "restore defaults" on the router (Or input some other DNS server yourself, I use OpenDNS!), and change the username/password.Secondly, the DNS settings on the host PC have been changed, and an application is still lurking changing it back. A simple virus scan in Windows Safe-Mode gets rid of it, I use Avira-AntiVir Pro.Very simple solution, and it would be appreciated if one of the staff would put this information in the 2 BleepingComputer topics above.

Answer:Solution found to ADV.net popups.

Thanks TigerTails

1 more replies
Relevance 71.34%

I had the Win32\gen worm,that continually dropped Adware,spyware.Brouser Hijackers,etc
It alterd GMER,Hijackthis,Spybot,Avast,It also escaped Norton,
After 7 different OS Re-installations,I finally used COPYWIPE to clean the infected Hard drive, and did not format the HD using another infected Os (XP Pro x64) 2 machines,same OS
I used The Windows Installation disc to format the clean HDD,Then Installed ,on what i thought was a "New HDD",after installing XP on the "Clean HD",i then used my two external HDD's that have various programs and drivers on them
The Two external drives i use to transfer files& programs(,both were formatted with the Infected OS)
On those external drives i had various drivers and programs i use,but the External drives were formatted by the infected OS,which left them with two and (sometimes more) FOLDERS in System Volume Information.
They had "RECYCLE BIN",And "SYSTEM Volume Information"still on them,from the infected OS HDD,sometimes they had 2 "recycle bin folders,sometimes NOT.I used both external HDD's when i reformated and re-install XP ,and the other programs on the External Hard drives
When i Installed windows an a "NEW HDD",it never got rid of the existing files in System volume information
"ChangeLog" and "Mounting Point Remote Manager" and or Tracking Log

After installing XP on the "Clean HDD",i then ran Avast before even activating XP,it came up w... Read more

Answer:Found a solution to WIN32\GEN

It will help others,and thanks for posting your Fix.

1 more replies
Relevance 71.34%

Hi Guys
I'm including a thread of a post about Query My CA Information because I am having the same problem when I start up or login
and I DO NOT have a Belkin Wireless device installed nor have I ever??? FYI ...
Join Date: Sep 2006
Experience: Junior System Builder
28-Sep-2006, 04:42 PM #1
Solved: LIBEAY32.dll most likely related to a belkin wireless adapter
Hello,
I recently had a problem with my signal strenght and my Belkin wireless adapter not working properly. I have fixed them it seems, however in my zeal to remove the old wireless adapter completely I think I accidentally messed with a .dll file I wasn't supposed to. Now I recieve this message every time I start my comp:

Title:
Query My ca Information: InfoMyCa.exe - Ordinal Not Found LIBEAY32.dll.
Body:
The ordinal 968 could not be located in the dynamic link library LIBEAY32.dll.

So I tried to download LIBEAY32.dll from a website, but I have no idea where to put it, and furthermore when I attempt to save it to the Belkin file it says that LIBEAY32.dll already exsists in that folder. So I'm totally lost as to what I need to do from here. I suspect it may be some sort of virus as I've erroneously downloaded or some sort of spyware, however it is just suspicion. PLEASE HELP ME I'M CLUELESS! THANKS!
sincerely,
sam p.
Register for free to hide this ad!
Ads by Google
Computer Network Services
Design, Install, Fix, New/Existing Wired/Wireless, LAN/WAN, Firewalls
www.connectsis.com

ozrom1e

D... Read more

More replies
Relevance 71.34%

after a couple of months of agony, and almost throwing a phone against the wall, i've finally managed to make the lumia 550 work properly.
let me explain what i tried doing, but didn't work:
soft and hard reboot, using the phone without the memory card, storing the apps on phone memory - nothing helped.
so i downloaded the system recovery tool (or whatever it's called), and reverted my 550 to default system version. upon the first startup, i've disabled all connections, and turned off all the automatic updates i could find. none of the store apps are being updated, and it's not downloading the phone updates either (for now, this is day2).
all the "outdated" apps are working more than good, phone is WAY faster, it's not lagging, crashing or anything.
i hope this can help to someone.
cheers

Answer:Found a solution to 550 being awful

after months of agony, and almost throwing the 550 against the wall, i've finally managed to make it work.
browsing these forums, everyone had the same advice - soft or hard reboot; i've tried that, i've also tried taking the mem card out, and installing all apps to phone memory; nothing worked.
yesterday, i got pretty pissed and tried finding a way of installing win8.1. didn't make it, but i've downloaded the recovery tool, and reverted the phone to a default version (think i got it with this one). i didn't allow any internet connections, and i've turned off ALL automatic updates i could find. windows isn't downloading or installing updates (for now), and the apps need my permission before even downloading (mobile network and wifi were turned on after i set the update settings)
now everything works flawlessly (except for the newly downloaded apps, ie fb messenger crashes everytime i try snapping a photo through it, it was doing the same before this "fix"). the "outdated" apps are simply perfect, nothing is crashing, the phone is fast and responsive, and it's much closer to 8.1 experience.
hope more people will try this and provide feedback.
cheers!

more replies
Relevance 71.34%

Hi,Solution to fix the error 'jpeg dll' not foundI bought a PC few months back and recently i came across with an error message "Sorry, jpeg dll not found. You must reinstall this program" whenever PC is re-started. I came to know that, this error message is prompted for various reasons.First thing i did was searched for 'jpeg.dll' in my PC [C:\] and observed that this file was installed at so many folders say C:\WINDOWS\system32\, C:\Program Files\Java\jre6\bin\, C:\Perl\site\lib\auto\Tk\JPEG\ ...............To fix this error first i tried to un-install and re-install the PERL. That's it. Fixed. Now i encountered with no error message.So, if jpeg.dll issue is related to PERL, then the solutions are:SOLUTION: 1Uninstall and re-install the PERL SOLUTION: 2From your friends PC, copy jpeg.dll from path "C:\Perl\site\lib\auto\Tk\JPEG\JPEG.dll" [First, check the installation drive] and copy it at same path in your PC.Good Day

More replies
Relevance 71.34%

Had problem on my T60, DVD/CD not recognized and drive shown as problem. Have two T 60s so swapped drives, bad one worked in other T60 so I knew it wasn't hardware, had to be driver? Found this solution from MicroSoft support web site. Has self activated install and fix. Worked like a champ, got my drive back after 3 months. Glad I didn't rebuild this operating system like some other have. http://support.microsoft.com/kb/314060 

Answer:T60 DVD CD not seen or recognized - solution found

I had a similar problem.  Now its fixed. Thanks for your solution. 

1 more replies
Relevance 71.34%

I was not able to sign in to MSN or access Windows Updates and got the 0x800B004 error. Jupiter Jones [MVP] from MSN gave several suggestions at the Windows Update Newsgroups and I finally found one that worked ! ! ! I have searched for hours! ! !

He said to register the following files with these steps:
1. Click on Start, Run and type REGSVR32 SOFTPUB.DLL
Wait until you get the popup message that this process succeeded.
2. Click on Start, Run and type REGSVR32 INITPKI.DLL
Wait until you get the popup message that this process succeeded.
3. Click on Start, Run and type REGSVR32 MSSIP32.DLL
Wait until you get the popup message that this process succeeded.
4. Now try to access MSN and the Windows Update site and see if you get the same error.
You can look at Jupiter Jones' list of suggestions on the Windows Update Newsgroups. It was dated 12/2/2003 at 9:38:13 PM.
 

More replies
Relevance 71.34%

Hi, I've literally spent hours upon hours on phones, on my settings tweaking things to figure out WHY I can't host games for other people. I will post everything that might be relevant to my problem. I've googled pretty much everything I can think of.

Computer IP: 192.168.1.2
Router IP: 192.168.1.1
Router Info: Linksys WRT54G2

I've gone to portforward.com and followed the directions specific to that router, I HAVE set up a static IP address and I have forwarded the correct ports, there is no question about that and yes it is forwarded to (.2). I have also tried enabling DMZ, still no cigar. I've also helped other players port forward their routers successfully using this website, but for some reason it has not worked for me.

-I am on a Mac OS X 10.5.5, using Gameranger trying to host games on Age of Empires II

-When I click the host button, I get an error message saying "Port-restricted Cone NAT Router" I've googled it, but it never gives me an easy definition to understand, or how to get rid of it if need be. I'm not sure if this is even relevant, but since it says "Port-Restricted" does this mean that I cannot forward ports or something?

-I have a DSL connection, connects through a modem, to a router, to my computer.

-I have checked my computer for firewalls, none. I have also disabled all the firewalls on my router as well. I have called my ISP and they said they don't do any blocking in their modems.

-My ... Read more

More replies
Relevance 71.34%

Hya everyone well i just want to say thanks for all of you who spent time with me trying to solve my problem with deleting my old isp programme but what I did in the end was down load CCleaner went in to tools clicked on the programme and CCleaner removed all trace of the programme. I do not have the problems I had before. See previous posts. Thanks again this is a brill site.
 

More replies
Relevance 70.93%

This computer has been running very slow and erratically. I am 99% sure that the problem is malware.
I found a lot of junk and removed many suspicious looking toolbars and programs from Programs/Devices in the CP. I also saw "My Web Search" on the list but it could not be removed.

Also note numerous "My WEb Search" instances in the registry but I doubt if I got them all.

I have downloaded, installed and ran a thorough Windows Security Essentials which came up cleaning.
I also downloaded, installed and ran a thorough Malwarebytes scan.

Please advise.

Thanks

Answer:Malware suspected; found "My Web Search"

Hello webgal try these too the ADW download from bleeping computer.

Have you got CCleaner if not run that as well just be careful to keep cookies for passworded sites you need

CCleaner - Download < from piriform to keep cookies run the cleaner (Analyse) and the go to Options > Cookies > send any you want to the right hand list. The go go back and run the Cleaner.

http://www.superantispyware.com/

AdwCleaner Download

1 more replies
Relevance 70.93%

I've got an issue when I use the Google or Yahoo search engines(maybe others as well). If I click on the links that populate under the search, I get redirected to shoppings sites through www.wa-search.com. If I copy the url and paste it into the address bar, I can access the correct website(that's how I was able to search and find my way here).

I run Spybot, CCleaner, and Malwarebytes, but I'm still having the same issue. Below is the Hijack this log file and a Malwarebyte log file.

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:53:48 AM, on 6/3/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Hewlett-Packard\Drive Encryption\HpFkCrypt.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Intel\AMT\atchksrv.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\WINDOWS\system32\ifxspmgt.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\WINDOWS\system32\ifxtcs.exe
C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
C:\Program Files\Intel\AMT\LMS.exe
C:\Program Files\Hewlett-Packard\IAM\bin\asghost.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\PDF Complete\pdfsvc.exe
C:\WINDOWS\system32\IfxPsdSv.exe
C:\WINDOWS\system... Read more

Answer:Help! Search Engine links being redirected

BUMP

I can now add that Google or Yahoo search functions are much slower. Also, the first page of search results contain good url's that I can copy and paste into the address bar in order to navigate to that site, but if I try and advance to the second page of search results, I get redirected to some other site by the wa-search.com.

I'm believe that this malware was delivered to me through Facebook with a fake Adobe Shockwave update.

Thanks in advance for any help.
 

2 more replies
Relevance 70.93%

There is some virus, spyware etc. that is redirecting my search engine search results. Sometimes the links will take me to the right page, but 50% of the time I will get redirected to some random site. I have mcafee virusscan enterprise 8.5. When I run it I will always get two of a virus named "ntoskrnl-hook" and I can't get rid of it. I'm assuming that is causing the problem.

I have a Dell laptop, M1710 and am running on Windows XP. Any help would be appreciated so much! Thanks.

Here is my Hi-jack log:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 6:32:28 PM, on 4/24/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16827)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\McAfee\Common Framework\UdaterUI.exe
C:\Program Files\McAfee\Common Framework\McTray.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\McAfee\Common Framework\FrameworkService.exe
C:\... Read more

Answer:Redirected search engine links.

Bump
 

1 more replies
Relevance 70.93%

Hi,

Whenever I do a search on Google, Yahoo, etc... it works fine for the first link I click on then after that it will send me to random sites that aren't related to my search. I also found that my Java was not updating automatically and I think this is how my computer first became infected. I have since checked the box to update automatically and installed the most recent version. Any help on this would be appreciated.

OS: Win XP
Apps: Chrome, IE
When: Everytime I do a search on any search engine
David


Edit: Added details about what systems I'm using.

More replies
Relevance 70.93%

Hello people I recently (about 1 day ago) have been having a problem where when i click on a link on Google it sometimes redirects me to random ad's or other search engines.I have ran superantispyware and malwarebytes both turning up with nothing and i tried a system restore to an early time/ day but i still have the problem.It has been very irritating and i was wondering can anyone help me with the problem.HijackThis Log :Logfile of Trend Micro HijackThis v2.0.4Scan saved at 4:16:46 PM, on 5/13/2010Platform: Windows XP SP2 (WinNT 5.01.2600)MSIE: Internet Explorer v8.00 (8.00.6001.18702)Boot mode: NormalRunning processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\system32\nvsvc32.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\System32\svchost.exeC:\WINDOWS\system32\spoolsv.exeC:\WINDOWS\Explorer.EXEC:\WINDOWS\system32\RUNDLL32.EXEC:\Program Files\iTunes\iTunesHelper.exeC:\Program Files\Java\jre6\bin\jusched.exeC:\Program Files\Microsoft Office\Office12\GrooveMonitor.exeC:\Program Files\Messenger\msmsgs.exeC:\WINDOWS\system32\ctfmon.exeC:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exeC:\Prog... Read more

Answer:Search Engine Links Being Redirected

Hello. Welcome to BC.My name is Extremeboy (or EB for short), and I will be helping you with your logIf you still require assistance we would like to see the current condition of your system so please post a new set of DDS Logs as well as a GMER log and a description of any remaining problems or symptoms you may still have please.If for any reason you did not post a DDS log or GMER log please refer to this page and in step #6 and Step #7 and Step #8 for further instructions on downloading and running DDS & GMER. If you have any problems when running the tools or unable to produce a report for any reason, just let me know in your next reply.For your next reply I would like to see:-The DDS logs---DDS.txt and Attach logs-GMER log-Description of any remaining problems you may still have.Thanks.With Regards,Extremeboy

11 more replies
Relevance 70.93%

I'm trying to help my sister with her computer. Every time she does a google search, when she clicks on one of the results it redirects her to a completely different page. It doesn't seem to matter what search engine she uses or what browser. She has wasted her money taking it into office depot twice to have them look at it and it still does it. She has scanned it with AVG and found nothing. I thought it might be a TDSS infection, but can't find any of the normal evidence of TDSS. I'm accessing her computer remotely with logmein's join.me site (she lives in a different state than me). I scanned it with malwarebytes in safe mode and found nothing. There are no proxy server settings set up in internet options. The infection still seems fully functional in safe mode. Currently I'm running a trend micro housecall scan, while looking over the hijackthis log, but I'm still learning how to analyze hijackthis logs. here is what the log says.

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 12:57:23 PM, on 10/22/2011
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v8.00 (8.00.6001.19154)
Boot mode: Safe mode with network support

Running processes:
C:\Users\James\AppData\Local\Temp\tmpF575.exe
C:\Users\James\AppData\Local\Temp\joi188E.tmp\join.me.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Users\James\AppData\Local\Temp\HouseCall32\housecall.bin
C:\Users\James\AppData\Local\Microsoft\Windows\Temporary Int... Read more

Answer:Redirected search result links

After posting, I noticed the C:\Users\James\AppData\Local\Temp\tmpF575.exe in the running processes. I google search revealed it to be part of a trojan called eapp32hst.dll. I killed the process and searches seem to function normally now. I'm still doing research on how to make sure it gets fully removed, any help would be appreciated.
 

1 more replies
Relevance 70.93%

Everytime i search something in google or any search engine, the links are redirected to a spam site, mainly traffic-incidents.com. I have tried several different solutions, malwarebytes, deleting the proper environmental variables, etc. i have tried it in safe mode and normal and neither has produced any sort of resolution. i have ran ad-aware, avg, windows defender, symantec, spybot and nothing has cured this problem.edited by moderator: remove un-requested log

Answer:Google Search Links Being Redirected

it is against forum rules to post a hjt log WITHOUT it being requested by a qualified member ...GOOD-BYESome HELP in posting on Computing.net plus free progs and instructions Cheers

7 more replies
Relevance 70.93%

Hello,
My Google search links are being redirected. Please help. Below is my hijack log.

Thank you!

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 5:35:11 PM, on 7/6/2010
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\AVG\AVG9\avgchsvx.exe
C:\Program Files\AVG\AVG9\avgrsx.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\AVG\AVG9\avgcsrvx.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\LEXPPS.EXE
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\svchost.exe
C:\Program Files\AVG\AVG9\avgwdsvc.exe
C:\Program Files\AVG\AVG9\avgnsx.exe
C:\WINDOWS\system32\cisvc.exe
C:\Program Files\Spyware Doctor\pctsAuxs.exe
C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe
C:\Program Files\Java\jre1.5.0_02\bin\jusched.exe
C:\Program Files\Google\Quick Search Box\GoogleQuickSearchBox.exe
C:\Program Files\QuickTime\qttask.exe
C:\PROGRA~1\AVG\AVG9\avgtray.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Spyware Doctor\pctsTray.exe
C:\Program Files\Spyware Doctor\pctsSvc.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program... Read more

Answer:Google search links redirected

16 more replies
Relevance 70.93%

Hi all.

I am looking for some assistance on cleaning up a recent issue my laptop has acquired. When doing a Google search and then clicking on a link, I am being redirected to random sites. I have read through a number of posts here about the same issue and have tried following some of the posts but I am still having issues.

I am hoping someone can get me back to a clean machine.

I am currently running Windows 7 Pro with SP1, and the machine is setup to dual boot Windows XP with SP3. Also, Ubuntu is installed on the Windows XP partition so that I can boot into any of the 3 OS's at boot time with Win 7 being th default. I have run a full scan with eSet Smart Security v.4.2.71.2 with latest updates and Malewarebytes AntiMalware 1.51.1.1800 with latest updates on the Win 7 partition and the machine comes up clean.

Any and all assistance greatly appreciated.

Thanks to all.

Dan

Answer:Google search links are being redirected

Hello.Please download the TDSS Rootkit Removing Tool (TDSSKiller.exe) and save it to your Desktop. <-Important!!!Be sure to download TDSSKiller.exe from Kaspersky's website and not TDSSKiller.zip which appears to be an older version 2.3.2.2 of the tool.Double-click on TDSSKiller.exe to run the tool for known TDSS variants.
Vista/Windows 7 users right-click and select Run As Administrator.If TDSSKiller does not run, try renaming it.To do this, right-click on TDSSKiller.exe, select Rename and give it a random name with the .com file extension (i.e. 123abc.com). If you do not see the file extension, please refer to How to change the file extension.Click the Start Scan button.Do not use the computer during the scanIf the scan completes with nothing found, click Close to exit.If malicious objects are found, they will show in the Scan results - Select action for found objects and offer three options.Ensure Cure (default) is selected, then click Continue > Reboot now to finish the cleaning process.A log file named TDSSKiller_version_date_time_log.txt (i.e. TDSSKiller.2.4.0.0_27.07.2010_09.o7.26_log.txt) will be created and saved to the root directory (usually Local Disk C:).Copy and paste the contents of that file in your next reply.~BladeIn your next reply, please include the following:TDSSKiller log

7 more replies
Relevance 70.93%

Hello and thank you for your time. A few days ago I started being redirected every time I clicked on a search link from Google. After clicking on the desired link I was then re-directed to either a search site or some other totally random site. Trend Micro scan showed nothing. Panda showed something, but wanted a fee to fix. Malwarebytes showed two trojans, but nothing happened after the prescribed cleaning action was implemented. Any suggestions? Let me know what log to post. Thank you.

Answer:Search engine links are being redirected

Please post the Malwarebytes log.

13 more replies
Relevance 70.93%

I noticed about a week ago that my Google search page looked a little different but didn't pay it any mind and still don't know if that is related to this issue. But I also noticed that when I click on a link from the results, 80% of the time I am redirected to an advertisement page (including when I tried to get here to bleepingcomputer.com. From what I have read so far on the web regarding this issue it seems many people are using HJT to provide a detail of what is running so that is what I have here. Even though it seems to say IE7 which i do have on my laptop, I use firefox as a default browser. I am on a Dell Latitude D620

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 4:05:13 PM, on 7/8/2011
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.17095)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\WLTRYSVC.EXE
C:\WINDOWS\System32\bcmwltry.exe
C:\Program Files\Eupr\xrxacm_euprsvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Eupr\xrxacm_pa.exe
C:\Program Files\CA\SharedComponents\CAM\bin\cam.exe
C:\Program Files\CA\... Read more

Answer:Internet Search Links Redirected

Hello and welcome. Please follow these guidelines while we work on your PC:Malware removal is a sometimes lengthy and tedious process. Please stick with the thread until I?ve given you the ?All clear.? Absence of symptoms does not mean your machine is clean! Please do not run any scans or install/uninstall any applications without being directed to do so.Any underlined text in my posts indicates a clickable link.If you have any questions at all, please stop and ask before proceeding. Please download DDS by sUBs from one of the following links and save it to your desktop.DDS.scrDDS.comDDS.pifDisable any script blocking protection (How to Disable your Security Programs)Double click DDS icon to run the tool (may take up to 3 minutes to run)When done, DDS.txt will open.After a few moments, attach.txt will open in a second window.Save both reports to your desktop.---------------------------------------------------Post the contents of the DDS.txt report in your next replyAttach the Attach.txt report to your post by scroling down to the Attachments area and then clicking Browse. Browse to where you saved the file, and click Open and then click UPLOAD. Download GMER Rootkit Scanner from here to your desktop. Double click the exe file. If asked to allow gmer.sys driver to load, please consent . If it gives you a warning about rootkit activity and asks if you want to run scan...click on NO.

Click the image to enlarge it
In the right panel, you will see several boxes ... Read more

25 more replies
Relevance 70.93%

About a week ago my wife noticed that when we clicked on links in the three search engines we used, which are Bing, Google, and Yahoo; almost every single time they are being redirected to newserversearch.com a "server not found" page. I tried downloading AVG, that didnt work for this particular problem. I saw on one of the forums that a few people were suggesting to use "HIJACKTHIS" so I downloaded it and did the scan... here is the log file...// if anyone could tell me what i should do next i would appreciate it... FREE remedies would be great... Thanks BTW I use Firefox. I'm not sure if that helps or notLogfile of Trend Micro HijackThis v2.0.2Scan saved at 10:44:41 PM, on 12/18/2009Platform: Windows XP SP2 (WinNT 5.01.2600)MSIE: Unable to get Internet Explorer version!Boot mode: NormalRunning processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\System32\svchost.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\system32\spoolsv.exeC:\WINDOWS\Explorer.EXEC:\WINDOWS\system32\rundll32.exeC:\WINDOWS\eHome\ehRecvr.exeC:\WINDOWS\eHome\ehSched.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\system32\dllhost.exeC:\WINDOWS\system3... Read more

Answer:Links Being Redirected on Search Engines

Do you still desire help?

2 more replies
Relevance 70.93%

Search engine links are being redirected when I click on them the majority of the time. I am also occasionally sent to a random website without having clicked on anything. I have ran AVG Free, Spybot S&D, and MalwareBytes.
DDS (Ver_09-10-26.01) - NTFSx86
Run by Jake at 6:39:45.01 on Wed 11/18/2009
Internet Explorer: 7.0.5730.11 BrowserJavaVersion: 1.6.0_13
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.510.73 [GMT -5:00]

AV: AVG Anti-Virus Free *On-access scanning enabled* (Updated)

{17DDD097-36FF-435F-9E1B-52D74245D6BF}

============== Running Processes ===============

C:\WINDOWS\system32\ibmpmsvc.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\AVG\AVG9\avgchsvx.exe
C:\Program Files\AVG\AVG9\avgrsx.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
svchost.exe
svchost.exe
C:\Program Files\AVG\AVG9\avgcsrvx.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\LEXPPS.EXE
C:\WINDOWS\system32\spoolsv.exe
svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files�... Read more

Answer:Search Engine Links Redirected

Hello,We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up.My name is Syler and I will be helping you to solve your Malware issues. If you have since resolved your issues I would appreciate if youwould let me no so I can close this topic, if you still need help please let me no what issues you are still having, in your next reply.Download random's system information tool (RSIT) by random/random from here and save it to your desktop.Double click on RSIT.exe to run RSIT.Click Continue at the disclaimer screen.Once it has finished, two logs will open. Please post the contents of both log.txt (<<will be maximized) and info.txt (<<will be minimized)Then please post back here with the following: log.txt info.txtThanks

20 more replies
Relevance 70.93%

Hi,

On an old m/c running Win98 I've had quite a few issues, most of which I've resolved using AVG, Spybot S & D and AdAware. One problem remains - there may be more but I'm not aware of them!

My problem is this:

Using IE to browse the web I can type in urls and go to the correct page. If I do a Google/Yahoo search for anything I get a genuine results page back. Clicking these links seems to be taking me to the right place but then gets redirected to other advertising/directory/comparison type sites or sites relating to Ebay. These sites refer to my desired link. This does not happen if I'm using Opera.

I include below a Hijack This log and a startup log.

Can anyone offer advice?

Thanks in advance!

Logfile of HijackThis v1.99.1
Scan saved at 21:37:33, on 11/02/06
Platform: Windows 98 Gold (Win9x 4.10.1998)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\SYSTEM\KERNEL32.DLL
C:\WINDOWS\SYSTEM\MSGSRV32.EXE
C:\WINDOWS\SYSTEM\SPOOL32.EXE
C:\WINDOWS\SYSTEM\MPREXE.EXE
C:\WINDOWS\SYSTEM\LEXBCES.EXE
C:\WINDOWS\SYSTEM\RPCSS.EXE
C:\WINDOWS\SYSTEM\mmtask.tsk
C:\WINDOWS\EXPLORER.EXE
C:\WINDOWS\SYSTEM\SYSTRAY.EXE
C:\PROGRAM FILES\GRISOFT\AVG FREE\AVGCC.EXE
C:\PROGRAM FILES\GRISOFT\AVG FREE\AVGEMC.EXE
C:\PROGRAM FILES\GRISOFT\AVG FREE\AVGAMSVR.EXE
C:\PROGRAM FILES\COMMON FILES\REAL\UPDATE_OB\EVNTSVC.EXE
C:\PROGRAM FILES\HIJACKTHIS.EXE

N3 - Netscape 7: user_pref("browser.startup.homepage", "http://home.netscape.... Read more

More replies
Relevance 70.93%

I have been getting redirected to sites like infomash and other random weird sites whenever I click on Google search results. I've tried scanning my computer with superantispyware and malwarebytes but haven't been able to find it. note: I followed the guide stickied to this forum successfully except GMER causes my system to crash repeatedly.DDS (Ver_10-03-17.01) - NTFSx86 Run by Owner at 23:06:49.62 on Tue 08/03/2010Internet Explorer: 7.0.6002.18005 BrowserJavaVersion: 1.6.0_20Microsoft? Windows Vista? Home Premium 6.0.6002.2.1252.1.1033.18.958.434 [GMT -4:00]SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}SP: SUPERAntiSpyware *enabled* (Updated) {222A897C-5018-402e-943F-7E7AC8560DA7}============== Running Processes ===============C:\Windows\system32\wininit.exeC:\Windows\system32\lsm.exeC:\Windows\system32\svchost.exe -k DcomLaunchC:\Windows\system32\svchost.exe -k rpcssC:\Windows\System32\svchost.exe -k LocalServiceNetworkRestrictedC:\Windows\System32\svchost.exe -k LocalSystemNetworkRestrictedC:\Windows\system32\svchost.exe -k netsvcsC:\Windows\system32\SLsvc.exeC:\Windows\system32\svchost.exe -k LocalServiceC:\Windows\system32\svchost.exe -k NetworkServiceC:\Windows\system32\taskeng.exeC:\Windows\System32\spoolsv.exeC:\Windows\system32\Dwm... Read more

Answer:being redirected from google search links

Hi,Welcome to Bleeping Computer. My name is m0le and I will be helping you with your log.Please subscribe to this topic, if you haven't already. You can subscribe by clicking the Options box to the right of your topic title and selecting Track This Topic.Please avoid installing/uninstalling or updating any programs and attempting any unsupervised fixes or scans. This can make helping you impossible.Please reply to this post so I know you are there.The forum is busy and we need to have replies as soon as possible. If I haven't had a reply after 3 days I will bump the topic and if you do not reply by the following day after that then I will close the topic.Once I receive a reply then I will return with your first instructions.Thanks

14 more replies
Relevance 70.93%

Recently my search results on Google and Bing are all being redirected (hijacked) to a growing set of advertising sites. Oddly this does not occur on Dogpile so I am using it more frequently. Also, IE8 has demonstrated some instability that I cannot confirm is directly related to the redirecting. I really need to get this fixed, so any help would be much appreciated. Thanx.



DDS (Ver_10-03-17.01) - NTFSx86
Run by ERNIE at 19:40:08.96 on Thu 09/02/2010
Internet Explorer: 8.0.6001.18702
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.2045.1647 [GMT -7:00]


============== Running Processes ===============

C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup
svchost.exe
svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
svchost.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Digital Line Detect\DLG.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpobnz08.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpoevm08.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\Bin\hpoSTS08.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Progra... Read more

Answer:Search Result Links Redirected to Ads

Hi,

Please do the following:

Download ComboFix from one of the following locations:
Link 1
Link 2

VERY IMPORTANT !!! Save ComboFix.exe to your Desktop

* IMPORTANT - Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools. If you have difficulty properly disabling your protective programs, refer to this link here Double click on ComboFix.exe & follow the prompts.
As part of it's process, ComboFix will check to see if the Microsoft Windows Recovery Console is installed. With malware infections being as they are today, it's strongly recommended to have this pre-installed on your machine before doing any malware removal. It will allow you to boot up into a special recovery/repair mode that will allow us to more easily help you should your computer have a problem after an attempted removal of malware.
Follow the prompts to allow ComboFix to download and install the Microsoft Windows Recovery Console, and when prompted, agree to the End-User License Agreement to install the Microsoft Windows Recovery Console.
**Please note: If the Microsoft Windows Recovery Console is already installed, ComboFix will continue it's malware removal procedures.


Once the Microsoft Windows Recovery Console is installed using ComboFix, you should see the following message:


Click on Yes, to continue scanning for malware.
When finished, it sh... Read more

16 more replies
Relevance 70.93%

Hello,
For some reason, the links that are generated by search engines (Google, Bing, Yahoo) sometimes are re-directed to other unwanted sites, such as overclick.cn. This happens with both IE8 and Firefox. I have tried scanning with Windows Defender, Malwarebytes, and SuperAntiSpyware, but none of these have fixed the problem. Thanks in advance for any help you can provide!

DDS.txt --

DDS (Ver_09-06-26.01) - NTFSx86
Run by HP_Administrator at 2:27:43.00 on Mon 06/29/2009
Internet Explorer: 8.0.6001.18702
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.2046.1085 [GMT -5:00]

AV: VirusScan Enterprise + AntiSpyware Enterprise *On-access scanning enabled* (Updated) {918A2B0B-2C60-4016-A4AB-E868DEABF7F0}
FW: Norton Internet Worm Protection *disabled* {990F9400-4CEE-43EA-A83A-D013ADD8EA6E}

============== Running Processes ===============

C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
svchost.exe
svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
svchost.exe
C:\WINDOWS\arservice.exe
C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\McAfee\Common Framework... Read more

Answer:Search Engine Links Redirected

Hello and to Bleeping ComputerWe apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.If you have since resolved the original problem you were having, we would appreciate you letting us know. If not please perform the following steps below so we can have a look at the current condition of your machine. If you have not done so, include a clear description of the problems you're having, along with any steps you may have performed so far.Upon completing the steps below another staff member will review and take the steps necessary with you to get your machine back in working order clean and free of malware.If you have already posted a DDS log, please do so again, as your situation may have changed.Use the 'Add Reply' and add the new log to this thread.Thanks and again sorry for the delay.-----------------------------------------------------------We need to see some information about what is happening in your machine. Please perform the following scan:Download DDS by sUBs from one of the following links. Save it to your desktop.DDS.scrDDS.pifDouble click on the DDS icon, allow it to run.A small box will open, with an explaination about the tool. No input is needed, ... Read more

7 more replies
Relevance 70.93%

Dear Friends, Similar to another topic started HERE, Google search links are redirecting me to other random websites (sometimes yellow pages, sometimes bing, and other "search" pages). I was so impressed with the help the gentleman received in this post and wanted to see if it can be done for me as well. The redirection is happening on both Firefox and Internet Explorer Google Searches. The problem doesn't happen every time a link is clicked, but it happens frequently. I have tried uninstalling and reinstalling Firefox without change. It is an extremely frustrating problem - any help or advice would be GREATLY appreciated. I have Windows XP 2002. Also, GMER froze up my computer on 3 separate occasions - so there is no log from that scan to share. Thank you so much in advance for any help on this issue. ^_^Respectfully,~Amelia~Below is the DDS Log. .DDS (Ver_11-03-05.01) - NTFSx86 Run by Amelia1 at 11:41:32.43 on Thu 03/10/2011Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 1.6.0_24Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.1023.272 [GMT -8:00].AV: Norton 360 *Enabled/Updated* {E10A9785-9598-4754-B552-92431C1C35F8}FW: Norton 360 *Enabled* .============== Running Processes ===============.C:\WINDOWS\system32\svchost -k DcomLaunchsvchost.exeC:\WINDOWS\System32\svchost.exe -k netsvcssvchost.exeC:\WINDOWS\System32\svchost.exe -k eapsvcssvchost.exeC:\WINDOWS\System32\svchost.exe -k do... Read more

Answer:Google Search Links Being Redirected

Hello and Welcome to the forums! My name is Gringo and I'll be glad to help you with your computer problems. Somethings to remember while we are working together.Do not run any other tool untill instructed to do so!Please Do not Attach logs or put in code boxes.Tell me about any problems that have occurred during the fix.Tell me of any other symptoms you may be having as these can help also.Do not run anything while running a fix.We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.Click on the Watch Topic Button and select Immediate Notification and click on proceed, this will help you to get notified faster when I have replied and make the cleaning process faster.In order for me to see the status of the infection I will need a new set of logs to start with.Please print out or make a copy in notpad of any instructions given, as sometimes it is necessary to go offline and you will lose access to them.DeFogger: Please download DeFogger to your desktop.

Double click DeFogger to run the tool.
The application window will appear Click the Disable button to disable your CD Emulation drivers Click Yes to continue A 'Finished!' message will ap... Read more

12 more replies
Relevance 70.93%

DDS (Ver_10-03-17.01) - NTFSx86 My computer keeps redirecting any links from a Google or Yahoo search whether I use Internet Explorer or Firefox. I have rund several kinds of spyware and malware removal programs but they have not stopped this from happening. I think I picked up a trojan from a song lyrics website two days ago when I noticed this problem happening. If I paste the search link urls in either browser, it works fine and I can access the sites but clicking the links results in a redirect to other business sites not related to my search or the url.Below is the DDS txt and I have attached the DDS attachment and GMER logs.Thank you in advance for your assistance.Run by Ralph Rodriguez at 6:52:41.70 on Fri 03/19/2010Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 1.6.0_07Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.2038.1259 [GMT -4:00]AV: Webroot AntiVirus with Spy Sweeper *On-access scanning enabled* (Updated) {77E10C7F-2CCA-4187-9394-BDBC267AD597}FW: Webroot AntiVirus with Spy Sweeper *disabled* {63671000-11A2-46DD-BADD-A084CABCDEAE}FW: Webroot Desktop Firewall *enabled* {AF0CFAAE-AAB5-450a-8C74-0DEEB429DF50}============== Running Processes ===============C:\Program Files\Webroot\Spy Sweeper\WRConsumerService.exeC:\WINDOWS\system32\svchost -k DcomLaunchsvchost.exeC:\WINDOWS\System32\svchost.exe -k netsvcssvchost.exesvchost.exeC:\WINDOWS\System32\WLTRYSVC.EXEC:\WINDOWS... Read more

Answer:Hijacked Search Links Redirected

Good evening. Download HAMeb_check.exe by noahdfear from here and save it to your Desktop.Double click the tool to run it - it will take a minute or two to complete. Once complete it will open Notepad with the results and save a copy as HelpAsst.log to the root of your hard drive, usually C:\ Please post the contents in your next reply.

16 more replies
Relevance 70.93%

80% of the google search links are redirected to an ad site. I have run Spybot, Malewarebyte's Anti-Malware, Super Anti-Spyware, AVG and Kaspersky Scan and nothing has been found (minus the occasional cookies). Thank you in advance for your help.
DDS (Ver_09-03-16.01) - NTFSx86
Run by Kurt Williams at 7:37:14.89 on Sun 04/26/2009
Internet Explorer: 7.0.5730.13 BrowserJavaVersion: 1.6.0_07
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.2046.1142 [GMT -7:00]

AV: AVG Anti-Virus Free *On-access scanning enabled* (Updated)

============== Running Processes ===============

C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
svchost.exe
svchost.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\Program Files\Seagate\DiscWizard\DiscWizardMonitor.exe
C:\Program Files\Seagate\DiscWizard\TimounterMonitor.exe
C:\Program Files\Common Files\Seagate\Schedule2\schedhlp.exe
C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe
C... Read more

Answer:Google search links are redirected

Hi My name is Extremeboy (or EB for short), and I will be helping you with your log.We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help.If you have since resolved the original problem you were having, we would appreciate you letting us know. If not please perform the following steps below so we can have a look at the current condition of your machine. If you have not done so, include a description of your problem, along with any steps you may have performed so far.If you do not make a reply in 5 days, we will need to close your topic.You may want to keep the link to this topic in your favourites. Alternatively, you can click the button at the top bar of this topic and Track this Topic. The topics you are tracking can be found here.Please take note of some guidelines for this fix:Refrain from making any changes to your computer including installing/uninstall programs, deleting files, modifying the registry, and running scanners or tools. If you do not understand any step(s) provided, please do not hesitate to ask before continuing. I would much rather clarify instructions or explain them differently than have something important broken.Even if things appear to be better, it might not mean we... Read more

20 more replies
Relevance 70.93%

Using the search bar in FF and IE, results come back but when clicking on a link it gets redirected to random websites. I have run the DDS and the logs were created, however when running GMER the computer locks up and I get a blue screen saying; "A problem has been detected...If this is the first time you've seen...Check hardware vendor for any BIOS updates... Technical information: ***STOP:0x0000008E(0xc0000005,0x00000044,0xA75A6AE4,0x00000000) beginning dump of physical memory..."

This has happened twice and I haven't been able to get a GMER log. The second time it happened the two middle figures in the brackets changed to (0xc0000005,0x00000048,0xa9775AE4,0x00000000)

Any help is much appreciated!


DDS (Ver_10-12-05.01) - NTFSx86
Run by Joseph Schafer at 15:09:40.46 on Thu 12/09/2010
Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 1.6.0_05
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.1014.275 [GMT -5:00]

AV: Antivirus *On-access scanning enabled* (Outdated) {28e00e3b-806e-4533-925c-f4c3d79514b9}
AV: McAfee Anti-Virus and Anti-Spyware *On-access scanning enabled* (Updated) {84B5EE75-6421-4CDE-A33A-DD43BA9FAD83}
FW: McAfee Firewall *enabled* {94894B63-8C7F-4050-BDA4-813CA00DA3E8}

============== Running Processes ===============

C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
svchost.exe
svchost.exe
C:\WINDOWS\System32\WLTRYS... Read more

Answer:Internet search links being redirected

Hello and welcome to Bleeping ComputerWe apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.If you have since resolved the original problem you were having, we would appreciate you letting us know. If not please perform the following steps below so we can have a look at the current condition of your machine. If you have not done so, include a clear description of the problems you're having, along with any steps you may have performed so far.Upon completing the steps below another staff member will review and take the steps necessary with you to get your machine back in working order clean and free of malware.If you have already posted a DDS log, please do so again, as your situation may have changed.Use the 'Add Reply' and add the new log to this thread.Thanks and again sorry for the delay.We need to see some information about what is happening in your machine. Please perform the following scan:Download DDS by sUBs from one of the following links. Save it to your desktop.DDS.scrDDS.pifDouble click on the DDS icon, allow it to run.A small box will open, with an explaination about the tool. No input is needed, the scan is running.Notepad will open with the ... Read more

13 more replies
Relevance 70.93%

When I use any search engine, the links are redirected to various advertisements. I've scnned with Malwarebytes and it does not find any malware. Please advise.

Answer:Search Engine Links Redirected

Please post the results of your last MBAM scan for review (even if nothing was found).To retrieve the Malwarebytes Anti-Malware scan log information, launch MBAM.Click the Logs Tab at the top.The log will be named by the date of scan in the following format: mbam-log-date(time).txt
-- If you have previously used MBAM, there may be several logs showing in the list.Click on the log name to highlight it.Go to the bottom and click on Open.The log should automatically open in notepad as a text file.Go to Edit and choose Select all.Go back to Edit and choose Copy or right-click on the highlighted text and choose Copy from there.Come back to this thread, click Add Reply, then right-click and choose Paste.Be sure to post the complete log to include the top portion which shows MBAM's database version and your operating system.Exit MBAM when done.Logs are saved to the following locations:-- XP: C:\Documents and Settings\<Username>\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs-- Vista, Windows 7, 2008: C:\ProgramData\Malwarebytes\Malwarebytes' Anti-Malware\LogsPlease follow these instructions: How to remove Google Redirects or the TDSS, TDL3, Alureon rootkit using TDSSKillerDouble-click on TDSSKiller.exe to run the tool for known TDSS variants.
Vista/Windows 7 users right-click and select Run As Administrator.When the program opens, click the Start Scan button.If malicious objects are found, they will sh... Read more

7 more replies
Relevance 70.93%

I posted this topic in the "Am I infected?" forum and was directed here for my problem. I went through the steps outlined in the Preparation Guide For Use Before Using Malware Removal Tools and Requesting Help except for the Firewall portion. I tried using the recommended settings but got this message: "Windows Firewall can't change some of your settings. Error code 0x80070424". I was able to go through all the other steps. PROBLEM:I'm currently using Firefox as my main browser. However, when I do any google searches and open new tabs in Chrome/Firefox/IE I keep getting redirected to ads that aren't the websites I clicked on. I cannot get to any website by clicking on the link or right clicking on a link opening to a new tab. The only way I've been able to get to websites is typing in the url myself. Sometimes, a new window or tab will pop up to an ad when I haven't clicked on anything. The redirect isn't limited to google searches but when I click on links from blogs or articles I read/facebook/tumblr, they redirect me as well. Thank you in advance for any help. I appreciate it. DDS.DDS (Ver_2011-08-26.01) - NTFSAMD64 Internet Explorer: 8.0.7601.17514 BrowserJavaVersion: 1.6.0_32Run by Casie Jeon at 18:41:49 on 2012-07-18Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.3893.1758 [GMT -4:00].SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}.============== Running Processes ===============.C:... Read more

Answer:Google search links keep getting redirected

Greetings and Welcome to The Forums!!My name is Gringo and I'll be glad to help you with your computer problems. I have put together somethings for you to keep in mind while I am helping you to make things go easier and faster for both of usPlease do not run any tools unless instructed to do so.
We ask you to run different tools in a specific order to ensure the malware is completely removed from your machine, and running any additional tools may detect false positives, interfere with our tools, or cause unforeseen damage or system instability.Please do not attach logs or use code boxes, just copy and paste the text.
Due to the high volume of logs we receive it helps to receive everything in the same format, and code boxes make the logs very difficult to read. Also, attachments require us to download and open the reports when it is easier to just read the reports in your post.Please read every post completely before doing anything.
Pay special attention to the NOTE: lines, these entries identify an individual issue or important step in the cleanup process.Please provide feedback about your experience as we go.
A short statement describing how the computer is working helps us understand where to go next, for example: I am still getting redirected, the computer is running normally, etc. Please do not describe the computer as "the same", this requires the extra step of looking back at your previous post.NOTE: At... Read more

16 more replies
Relevance 70.93%

The problem started over the weekend and twice now I thought it had gone away only to creep back in eventually. AVG 9, Spybot, and Malwarebytes Anti-Malware all found different Trojans and supposedly got rid of them each time. Tonight I had the same problem come up after about six hours of problem-free run time, and scans from all three came back clean, which can't be right.

So at the moment, I'm getting random new tabs opening in Firefox 3 when I click on search links. In addition, clicking on the links sends me through a string of different sites instead, usually search sites listing more results for the topic I searched initially. To get to this forum, I had to copy the link and manually paste it into a new tab's blank address bar.

So of course any help you guys can give me is going to be insanely helpful here.

DDS (Ver_09-11-29.01) - NTFSx86
Run by Owner at 0:41:08.06 on Tue 12/01/2009
Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 1.6.0_15
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.2046.1244 [GMT -5:00]

AV: AVG Internet Security *On-access scanning enabled* (Updated) {17DDD097-36FF-435F-9E1B-52D74245D6BF}
FW: AVG Firewall *enabled* {8decf618-9569-4340-b34a-d78d28969b66}

============== Running Processes ===============

C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup
svchost.exe
svchost.e... Read more

Answer:Google search links redirected

Hi,Sorry for delayed response. Forums have been really busy. If you still need help with this do following, please.Download DDS and save it to your desktop from here or here or here.Disable any script blocker, and then double click dds.scr to run the tool. When done, DDS will open two (2) logs: DDS.txt Attach.txtSave both reports to your desktop. Post them back to your topic.Download GMER here by clicking download exe -button and then saving it your desktop:Double-click .exe that you downloadedClick rootkit-tab and then scan.Don't check
Show All
box while scanning in progress!When scanning is ready, click Copy.This copies log to clipboardPost log in your reply.

9 more replies
Relevance 70.93%

Recently all of my search result links have redirected me to random advertisement sites and search engines. I have to "copy" and "paste" the addresses into the address bar to get where I requested to go. Here is my HJT Log...Running processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\system32\nvsvc32.exeC:\WINDOWS\system32\svchost.exeC:\Program Files\Windows Defender\MsMpEng.exeC:\Program Files\Common Files\BitDefender\BitDefender Update Service\livesrv.exeC:\Program Files\BitDefender\BitDefender 2009\vsserv.exeC:\WINDOWS\System32\svchost.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\system32\spoolsv.exeC:\Program Files\Google\Update\GoogleUpdate.exeC:\WINDOWS\Explorer.EXEC:\Program Files\Common Files\InstallShield\UpdateService\issch.exeC:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exeC:\Program Files\Roxio\Drag-to-Disc\DrgToDsc.exeC:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exeC:\Program Files\Dell Support Center\bin\sprtcmd.exeC:\WINDOWS\RTHDCPL.EXEC:\Program Files\Java\jre6 ... Read more

Answer:Search engine links get redirected

Hello and welcome to Bleeping ComputerWe apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.If you have since resolved the original problem you were having, we would appreciate you letting us know. If not please perform the following steps below so we can have a look at the current condition of your machine. If you have not done so, include a clear description of the problems you're having, along with any steps you may have performed so far.Upon completing the steps below another staff member will review and take the steps necessary with you to get your machine back in working order clean and free of malware.If you have already posted a DDS log, please do so again, as your situation may have changed.Use the 'Add Reply' and add the new log to this thread.Thanks and again sorry for the delay.We need to see some information about what is happening in your machine. Please perform the following scan:Download DDS by sUBs from one of the following links. Save it to your desktop.DDS.comDDS.scrDDS.pifDouble click on the DDS icon, allow it to run.A small box will open, with an explaination about the tool. No input is needed, the scan is running.Notepad will open with the resul... Read more

2 more replies
Relevance 70.93%

When I click on a search link from any number of search engines, I am being redirected to different sites, sometimes seemingly normal sites, sometimes pornography. It happens in both IE and Firefox. Help! Please. : )

Hijackthis log is attached.

Thank you for your time.

Answer:Browser search links being redirected.

Hello and welcome to Bleeping ComputerWe apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.If you have since resolved the original problem you were having, we would appreciate you letting us know. If not please perform the following steps below so we can have a look at the current condition of your machine. If you have not done so, include a clear description of the problems you're having, along with any steps you may have performed so far.Upon completing the steps below another staff member will review and take the steps necessary with you to get your machine back in working order clean and free of malware.If you have already posted a DDS log, please do so again, as your situation may have changed.Use the 'Add Reply' and add the new log to this thread.Thanks and again sorry for the delay.We need to see some information about what is happening in your machine. Please perform the following scan:Download DDS by sUBs from one of the following links. Save it to your desktop.DDS.scrDDS.pifDouble click on the DDS icon, allow it to run.A small box will open, with an explaination about the tool. No input is needed, the scan is running.Notepad will open with the results.Foll... Read more

3 more replies
Relevance 70.93%

OS: XP SP3
Problem: Search link redirected
Scanned by Malwarebytes: no bad entry found
Prior to this redirect problem, there were many pop windows, a few MalWareBytes scans cleared those up:
- worm.win32.netsky,
- trojan: win32/fakeinit,
- trojanDownLoader: win32/renos

Now it seems the problem left is the search link redirect and occasional unexpected IE crash. The redirect links happen in fireFox too and with either google or Bing.
Can someone help me?
thank you!!!!!!!!!!!!
It seems the affected machine won't let me submit message to this forum too. I had to do it from another machine.
-----------------
HJT log:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 8:13:10 PM, on 5/24/2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\Google\Google Talk\googletalk.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Hot Keyboard Pro\HotKeyb.exe
C:\Program Files\Lavasoft\Ad-Aware\AAWTray.ex
C:\Program Files\LogMeIn Hamachi\hamachi-2.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\System32\nvsv... Read more

Answer:search links redirected XP SP3 HJT log included

I give up. Reformatted the system.
 

1 more replies
Relevance 70.93%

I am getting redirected when using google search. I click on the link I would like to see and then in the browser box it says "jumping" and I end up at some random site. Any help would be appreciated. I am at the beginner level of computer use. I do know I am using Windows XP

Thanks in advance.
 

More replies
Relevance 70.93%

Hi,Windows 7 64bitRedirected links was happening in firefox 14.0.1 with google, I started using yahoo then it spread to that and bing. As of right now google is redirecting, using the bing search in the toolbar gets me redirected as soon as the results page loads, Yahoo and Ask are working. Google links in chrome are working. I also randomly get tabs with the same redirects that pop up when doing nothing, just having a tab open. thanks for any help. Noel

Answer:Redirected search engine links

DownloadTDSSkillerLaunch it.Click on change parameters-Select TDLFS file systemClick on "Scan".Please post the LOG report(log file should be in your C drive) Do not change the default options on scan resultsDownloadaswMBRLaunch it, allow it to download latest Avast! virus definitionsClick the "Scan" button to start scan.After scan finishes,click on Save logPost the log results here.If you get crashes in normal mode,run it in safemode with networkingDownloadESET online scannerInstall itClick on START,it should download the virus definitionsWhen scan gets completed,click on LIST of found threatsExport the list to desktop,copy the contents of the text file in your reply

13 more replies
Relevance 70.93%

When I doi a search in Google, and click on a particular link in the rsults, I am not sent to the site indicated, but instead to a different site. I am using Internet Explorer 8. (I am not sure if this is related to the problem, but I have Norton Protection Centre on the PC and 'Phishing Protection' is getting switched off whenever I start IE).
Any help would be appreciated.
Here is the DSS.txt log file
DDS (Ver_09-10-26.01) - NTFSx86
Run by HP_Owner at 12:44:02.25 on 06/11/2009
Internet Explorer: 8.0.6001.18702
Microsoft Windows XP Home Edition 5.1.2600.3.1252.44.1033.18.1023.78 [GMT 0:00]

AV: Norton Internet Security *On-access scanning enabled* (Updated) {E10A9785-9598-4754-B552-92431C1C35F8}
FW: Norton Internet Security *enabled* {7C21A4C9-F61F-4AC4-B722-A6E19C16F220}

============== Running Processes ===============

C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup
svchost.exe
svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
C:\WINDOWS\system32\spoolsv.exe
svchost.exe
C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
C:\WINDOWS\system32\cisvc.exe
C:\WINDOWS\System32\svchost.exe -k HTTPFilter
C:\PROGRA~1\NETGEAR\MEDIAS~1\ImmsService.exe
C:\Program Files\Java\jre6\bin&#... Read more

Answer:Search links are redirected to ad sites

Hello! My name is Sam and I will be helping you. In order to see what's going on with your computer I'll ask for you to post various logs from the tools that we will use to resolve your issue. Please also share with me any information about how your computer is reacting and behaving each step of the way as we work through this process.Please download ComboFix from one of these locations:Link 1Link 2Link 3Important!You should NOT use Combofix unless you have been instructed to do so by a Malware Removal Expert. It is intended by its creator to be used under the guidance and supervision of an Malware Removal Expert, not for private use.Using this tool incorrectly could lead to disastrous problems with your operating system such as preventing it from ever starting again. Make sure that you save ComboFix.exe to your DesktopDisable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools

Double click on ComboFix.exe & follow the prompts.

As part of it's process, ComboFix will check to see if the Microsoft Windows Recovery Console is installed. With malware infections being as they are today, it's strongly recommended to have this pre-installed on your machine before doing any malware removal. It will allow you to boot up into a special recovery/repair mode that will allow us to more easily help you should your computer have a problem after an attempted removal of malware.

Follow ... Read more

5 more replies
Relevance 70.93%

Hi,
My computer has been infected with virus that redirect search result links to other websites. I have tried to scan the computer but all three attempts ended up with the computer reset with blue screen.
Could someone help me?
Thanks,
Xeu

Answer:Search result links get redirected - Please help!!

Before doing anything if you have not already done so, you should back up all your important documents, personal data files and photos to a CD or DVD drive as some infections may render your computer unbootable during or before the disinfection process. The safest practice is not to backup any files with the following file extensions: exe, .scr, .ini, .htm, .html, .php, .asp, .xml, .zip, .rar, .cab as they may be infected.How and Where to backup your files in XP or VistaHow to Backup and Restore in Windows 7How to use Ubuntu Live CD to Backup Files from your dead Windows ComputerPlease follow these instructions: How to remove Google Redirects or the TDSS, TDL3, Alureon rootkit using TDSSKillerDouble-click on TDSSKiller.exe to run the tool for known TDSS variants.
Vista/Windows 7 users right-click and select Run As Administrator.When the program opens, click the Start Scan button.Any objects found, will show in the Scan results - Select action for found objects and offer three options.If an infected file is detected, the default action will be Cure...do not change it.
Click Continue > Reboot now to finish the cleaning process.<- Important!!
If 'Suspicious' objects are detected, you will be given the option to Skip or Quarantine. Skip will be the default selection. Leave it as such for now.A log file named TDSSKiller_version_date_time_log.txt will be created and saved to the root directory (usually Local Disk C:).Copy and paste the contents of that fil... Read more

1 more replies
Relevance 70.93%

A friend from a neighbouring village asked me to install a second hard drive in his computer (Dell Dimension E520) and check out some recent malware-related problems. The rogue "antivirus suite" had been removed with MBAM. He noticed that IE would no longer connect to the internet (so he installed Firefox which worked OK), it would often take up to 5 minutes for the Desktop icons and Taskbar to appear after starting the computer and the Taskbar seemed to be a different colour (grey .... now "classic" style). He then lost all internet connection.That is when he brought the computer to me. I noticed the following also:The hard drive (there is only one) was not shown in either Disk Management or Device Manager.Google (also Yahoo and Bing) search result links are being redirected (in both IE and Firefox) on many occasions.Internet connection was lost again after I had re-established it. (I have since re-established it.)The system is prone to freeze up (I have had to power-off on several occasions to shut it down).Scans with the following did not reveal any further malware:AVG FreeMBAMSuperAntiSpywaregmerCombofix was used to install the XP Recovery Console (but CF has not otherwise been run any further).I would appreciate some assistance finding the lurking malware and cleaning this system up so that I can return it to my friend with confidence.Thanks in anticipation'Alien-----------------------DDS (Ver_10-03-17.01) - NTFSx86 Run by John at 14:05:58.64 on... Read more

Answer:Google (et al) search links redirected

Hello and Welcome to the forums! My name is Gringo and I'll be glad to help you with your computer problems. Somethings to remember while we are working together.1.Please do not run any other tool untill instructed to do so!2.Please reply to this thread, do not start another!3.Please tell me about any problems that have occurred during the fix.4.Please tell me of any other symptoms you may be having as these can help also.5.Please try as much as possible not to run anything while executing a fix.If you follow these instructions, everything should go smoothly.Please subscribe to this thread to get immediate notification of replies as soon as they are posted. To do this click Thread Tools, then click Subscribe to this Thread. Make sure it is set to Instant Notification, then click Subscribe.:run combofix:Please visit this webpage for download links, and instructions for running the tool: http://www.bleepingcomputer.com/combofix/how-to-use-combofixPlease ensure you read this guide carefully and install the Recovery Console first. The Windows Recovery Console will allow you to boot up into a special recovery (repair) mode. This allows us to more easily help you should your computer have a problem after an attempted removal of malware. It is a simple procedure that will only take a few moments of your time.Once installed, you should see a blue screen prompt that says:The Recovery Console was successfully installed.Please continue as follows:Close/disable ... Read more

10 more replies
Relevance 70.93%

Hello folks and thank you in advance for any assistance. My google search links are being redirected and igoogle does not display properly. I have run maleware bytes, spybot search and destroy and AVG free but they do not detect any threats. I was recommended HijackThis but I cannot do much more than run it and stare at the log. Here is what I have, you?re help is very much appreciated thank you again.

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 9:58:35 AM, on 12/8/2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\AVG\AVG9\avgchsvx.exe
C:\Program Files\AVG\AVG9\avgrsx.exe
C:\Program Files\AVG\AVG9\avgcsrvx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\AVG\AVG9\avgwdsvc.exe
C:\Documents and Settings\All Users\Application Data\EPSON\EPW!3 SSRP\E_S40RP7.EXE
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\Program File... Read more

Answer:Search links being redirected, hijackthis log

Hello and welcome to Bleeping Computer.My name is km2357 and I will be helping you to remove any infection(s) that you may have.I will be giving you a series of instructions that need to be followed in the order in which I give them to you.If for any reason you do not understand an instruction or are just unsure then please do not guess, simply post back with your questions/concerns and we will go through it again.Please do not start another thread or topic, I will assist you at this thread until we solve your problems.Lastly the fix may take several attempts and my replies may take some time but I will stick with it if you do the same.Sorry for the delay in replying, the forum is very busy. If you still need help, please do the following:Step # 1 Download and run DDSDownload DDS and save it to your desktop from here or here or hereDisable any script blocker, and then double click dds.scr to run the tool. When done, DDS will open two (2) logs: DDS.txt Attach.txtSave both reports to your desktop. Post them back to your topic.Step # 2: Download and Run GmerPlease download gmer.zip from Gmer and save it to your desktop.***Please close any open programs ***Double-click gmer.exe. The program will begin to run.**Caution**These types of scans can produce false positives. Do NOT take any action on any "<--- ROOTKIT" entries unless advised by a trained Security AnalystIf possible rootkit activity is found, you will be asked if you would like to perform a full scan. Cli... Read more

3 more replies
Relevance 70.93%

I am running XP Pro SP2. For a few weeks now I am redirected to a useless ad laden site when I click on search results from Google, Yahoo, and anything found from the toolbar search box. I have run Adaware, Hitman, Spybot, and McAfee without success. All have found nothing. I removed Firefox and pluggins then reinstalled - that didn't help. Then I even went for Internet Explorer -same problem. I also tried system restore. It went through what looked like the process to restore the system, then a message appears stating the restore was unsuccessful. I get the same response no matter what date I try.

The only way I can get to a website is if I put in the specific url I want to go to. My machine is also running incredibly slow at times and sometimes will not shut down without holding down the power button.

Any help would be greatly appreciated.

The DDS.txt follows:

DDS (Ver_10-03-17.01) - NTFSx86
Run by Paul at 20:33:48.59 on Mon 06/07/2010
Internet Explorer: 8.0.6001.18702
Microsoft Windows XP Home Edition 5.1.2600.2.1252.1.1033.18.1023.696 [GMT -5:00]


============== Running Processes ===============

C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
svchost.exe
svchost.exe
C:\WINDOWS\system32\spoolsv.exe
svchost.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\WINDOWS\system32\cisvc.exe
C:\Program Files\Comm... Read more

Answer:Search result links redirected

BUMP, please

18 more replies