Over 1 million tech questions and answers.

Pop-ups And Banners On Random Sites

Q: Pop-ups And Banners On Random Sites

I am on a friend's computer, trying to corrct all the issues. Here is the logfile..Please HelpLogfile of HijackThis v1.99.1Scan saved at 2:33:27 PM, on 1/5/2006Platform: Windows XP SP2 (WinNT 5.01.2600)MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)Running processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\System32\svchost.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\Explorer.EXEC:\WINDOWS\system32\spoolsv.exeC:\WINDOWS\system32\RUNDLL32.EXEC:\WINDOWS\system32\sstray.exeC:\WINDOWS\zHotkey.exeC:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exeC:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb04.exeC:\Program Files\Real\RealPlayer\RealPlay.exeC:\Program Files\Browser MOUSE\mouse32a.exeC:\Program Files\QuickTime\qttask.exeC:\WINDOWS\system32\RUNDLL32.EXEC:\Program Files\Zone Labs\ZoneAlarm\zlclient.exeC:\Program Files\Messenger\msmsgs.exeC:\PROGRA~1\WALGRE~1\WALGRE~1\data\Xtras\mssysmgr.exeC:\Program Files\Microsoft Office\Office\FINDFAST.EXEC:\Program Files\Microsoft Office\Office\OSA.EXEC:\Program Files\Alwil Software\Avast4\aswUpdSv.exeC:\Program Files\Alwil Software\Avast4\ashServ.exeC:\WINDOWS\System32\nvsvc32.exeC:\WINDOWS\system32\ZoneLabs\vsmon.exeC:\WINDOWS\System32\svchost.exeC:\Program Files\Alwil Software\Avast4\ashMaiSv.exeC:\Program Files\Alwil Software\Avast4\ashWebSv.exeC:\WINDOWS\newfrn.exeC:\Program Files\Internet Explorer\iexplore.exeC:\hijackthis\HijackThis.exeR0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = about:blankR0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = \blank.htmO2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dllO2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dllO2 - BHO: LinkTracker Class - {8B6DA27E-7F64-4694-8F8F-DC87AB8C6B22} - C:\Program Files\QL\qlink32.dllO2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dllO2 - BHO: (no name) - {C5AF2622-8C75-4dfb-9693-23AB7686A456} - C:\WINDOWS\DH.dllO3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dllO4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartupO4 - HKLM\..\Run: [nwiz] nwiz.exe /installO4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInitO4 - HKLM\..\Run: [nForce Tray Options] sstray.exe /rO4 - HKLM\..\Run: [CHotkey] zHotkey.exeO4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exeO4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb04.exeO4 - HKLM\..\Run: [RealTray] C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYERO4 - HKLM\..\Run: [FLMOFFICE4DMOUSE] C:\Program Files\Browser MOUSE\mouse32a.exeO4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottimeO4 - HKLM\..\Run: [0s0s0raw.dll] RUNDLL32.EXE 0s0s0raw.dll,b 4314031O4 - HKLM\..\Run: [Zone Labs Client] C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exeO4 - HKLM\..\Run: [NewFrn] C:\WINDOWS\newfrn.exeO4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /backgroundO4 - HKCU\..\Run: [PhotoShow Deluxe Media Manager] C:\PROGRA~1\WALGRE~1\WALGRE~1\data\Xtras\mssysmgr.exeO4 - Startup: Microsoft Find Fast.lnk = C:\Program Files\Microsoft Office\Office\FINDFAST.EXEO4 - Startup: Office Startup.lnk = C:\Program Files\Microsoft Office\Office\OSA.EXEO4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exeO8 - Extra context menu item: &Google Search - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsearch.htmlO8 - Extra context menu item: &Translate English Word - res://C:\Program Files\Google\GoogleToolbar1.dll/cmwordtrans.htmlO8 - Extra context menu item: Backward Links - res://C:\Program Files\Google\GoogleToolbar1.dll/cmbacklinks.htmlO8 - Extra context menu item: Cached Snapshot of Page - res://C:\Program Files\Google\GoogleToolbar1.dll/cmcache.htmlO8 - Extra context menu item: Similar Pages - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsimilar.htmlO8 - Extra context menu item: Translate Page into English - res://C:\Program Files\Google\GoogleToolbar1.dll/cmtrans.htmlO9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2\bin\npjpi142.dllO9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2\bin\npjpi142.dllO9 - Extra button: ICQ - {6224f700-cba3-4071-b251-47cb894244cd} - C:\Program Files\ICQ\ICQ.exeO9 - Extra 'Tools' menuitem: ICQ - {6224f700-cba3-4071-b251-47cb894244cd} - C:\Program Files\ICQ\ICQ.exeO9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dllO9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exeO9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exeO12 - Plugin for .avi: C:\Program Files\Internet Explorer\PLUGINS\npqtplugin.dllO12 - Plugin for .mpeg: C:\Program Files\Internet Explorer\PLUGINS\npqtplugin3.dllO14 - IERESET.INF: START_PAGE_URL=http://www.emachines.comO16 - DPF: {01113300-3E00-11D2-8470-0060089874ED} (Support.com Configuration Class) - http://support.fastaccess.com/sdccommon/download/tgctlcm.cabO16 - DPF: {406B5949-7190-4245-91A9-30A17DE16AD0} (Snapfish Activia) - http://photo.walgreens.com/WalgreensActivia.cabO18 - Filter: text/html - {3551784B-E99A-474f-B782-3EC814442918} - C:\Program Files\QL\qlink32.dllO20 - Winlogon Notify: ssldr - C:\WINDOWS\SYSTEM32\ssldr32.dllO23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exeO23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exeO23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exeO23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe

RELEVANCY SCORE 200
Preferred Solution: Pop-ups And Banners On Random Sites

I recommend downloading and running DAP. It can help sort out any driver and firmware related issues on your system

It's worked out well for many of us in the past.

You can download it direct from this link http://downloaddap.org. (This link will open the download page of DAP so you can save a copy to your computer.)

A: Pop-ups And Banners On Random Sites

Hello Webguy ATL and welcome to Bleeping Computer

As its been a few days can you please show us a new hijack log and we will see what we can do with it.

Read other 1 answers
RELEVANCY SCORE 60

This virus opens new tabs for specific sites like Roblox and Habbo hotel. It also provides the Infect computer ransom message with 877 number. In addition, it overlays banners on normal pages so that it appears to be integrated into the site. I have run ComboFix, RFKill, Malwarebytes, and ADWCleaner. I think I infected the computer when I clicked on a notice to update my Flash player.
 
Thank you in advance for your help!
 
Scott

A:Ransom virus, new tabs for sites like Roblox, and phishing banners on pages.

Hello and welcome to Bleeping Computer! I am HelpBot: an automated program designed to help the Bleeping Computer Staff better assist you! This message contains very important information, so please read through all of it before doing anything.
We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.
To help Bleeping Computer better assist you please perform the following steps:
*************************************************** In order to continue receiving help at BleepingComputer.com, YOU MUST tell me if you still need help or if your issue has already been resolved on your own or through another resource! To tell me this, please click on the following link and follow the instructions there.CLICK THIS LINK >>> http://www.bleepingcomputer.com/logreply/561653 <<< CLICK THIS LINK
If you no longer need help, then all you needed to do was the previous instructions of telling me so. You can skip the rest of this post. If you do need help please continue with Step 2 below.
***************************************************If you still need help, I would like you to post a Reply to this topic (click the "Add Reply" button in the lower right hand of t... Read more

Read other 10 answers
RELEVANCY SCORE 51.2

Please help me. I am having several problems that I've never had before with my computer and I am now convinced that it is hi-jacked and infected with malware.

The only protection I have used since I got the computer is avast antivirus protection and piriform ccleaner. I have had no malware, spyware or viruses on this computer in the past. I've had it for almost a year.

However my computer has since yesterday (i think) become infected. It has not slowed down much, but whenever I use Google, it redirects me to random sites. Many websites I visit regularly that have never had pop-up ads before now have pop-up ads.

When I went to check my e-mail in Hotmail, I received this message constantly:

"Please refresh your browser window. When you access your Windows Live Hotmail account from more than one computer, we ask you to sign in again to help keep your account private and secure."
At this point I decided to install Spybot, however the website was blocked. I went to download.com and downloaded it and attempted to install but I was unable to, receiving this message:

"Error sending request. The server name or address could not be resolved."

I just installed ad-aware and did a full scan and it found one malware agent and supposedly fixed it, but after rebooting all of these issues are still occuring.

So this brings me to here and now. I just downloaded Trend Micro HijackThis and here is my log:

Logfile of Trend Micro HijackThis v2.0.2
Sca... Read more

A:Google redirects to random sites, some sites blocked, can't install spybot.

Read other 6 answers
RELEVANCY SCORE 50.8

Hello there
it satrted about 7 days ago was using the net to brows ebay , sport facebook, ect . when i started to get re-directed to random sites the ip on 1 on sites was 206.161.121.82 . At the time i was using firefox so i unistalled , and have gone back to IE8 , but still get redirected to random sites . I use Spybot and McAfee and they dont pick nothing up . Plus i used Malwearbytes , and again nothing !!!!! .
Ive got a log from hijack this , and if anybody get chance could please have alook and see if you see anything . Iam a real thick when comes to pc stuff hence why im here . Fofgot to say im using windows XP sp 3

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 07:35:35, on 19/06/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Google\Update\GoogleUpdate.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\VIA\RAID\raid_tool.exe
C:\WINDOWS\mHotkey.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\McAfee.com\Agent\mcagen... Read more

Read other answers
RELEVANCY SCORE 50.8

In addition to the browser redirects. Boot up time has become extremely long. Often when boot up is complete Macaffee and wireless network adapter are not working. Thanks much for any support you can provide.
RSL
DDS (Ver_09-07-30.01) - NTFSx86
Run by Family at 17:13:11.14 on Tue 09/22/2009
Internet Explorer: 8.0.6001.18702
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.1022.133 [GMT -4:00]

AV: McAfee VirusScan *On-access scanning enabled* (Updated) {84B5EE75-6421-4CDE-A33A-DD43BA9FAD83}
FW: McAfee Personal Firewall *enabled* {94894B63-8C7F-4050-BDA4-813CA00DA3E8}

============== Running Processes ===============

C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\Program Files\Aventail\Connect\as32svc.exe
svchost.exe
svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\D-Link\D-Link DWA-552 Xtreme N Desktop Adapter\acs.exe
svchost.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\CTsvcCDA.exe
C:\WINDOWS\system32\dlcxcoms.exe
C:\Program Files\Common Files\Command Software\dvpapi.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched... Read more

A:IE Browser Hijacked... Redirects to random sites/search sites

Hello and welcome to Bleeping ComputerWe apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.If you have since resolved the original problem you were having, we would appreciate you letting us know. If not please perform the following steps below so we can have a look at the current condition of your machine. Pleaseinclude a clear description of the problems you're having, along with any steps you may have performed so far.Please refrain from running tools or applying updates other than those we suggest while we are cleaning up your computer. The reason for this is so we know what is going on with the machine at any time. Some programs can interfere with others and hamper the recovery process.Even if you have already provided information about your PC, we need a new log to see what has changed since you originally posted your problem.Please download OTL from following mirror:This is THE MirrorSave it to your desktop.Double click on the icon on your desktop.Click the "Scan All Users" checkbox.Push the button.Two reports will open, copy and paste them in a reply here:OTL.txt <-- Will be openedExtra.txt <-- Will be minimizedIn the upper right hand corner o... Read more

Read other 2 answers
RELEVANCY SCORE 50.8

I have IE(latest version) Firefox(3.07) and Google Chrome. When i go on Firefox, or IE, or GC, and go to either Yahoo or Google search engine, and search something, and CLICK the link, it redirects me to random websites, usually YellowPages. If i copy and paste the link off of Google and put it in my address bar, it takes me to the site just fine. I contacted my ISP for assistance, and they decided that it wasn't a virus. They had me Reset IE, and IE works again, with searching. Google Chrome works again. But, Mozilla doesn't They had me uninstall Mozilla, and reinstall it, and it was still the same problem. Can anyone help me? My computer HAS been going a little bit slower than usual, so i hope it isn't a virus. Any help would be appreciated, thanks.
 

A:Search Engines Redirect me to Spam Sites and Random Sites

You should take the system through the Virus and Malware Cleaning, attach the three logs and get help with the entries.

Instructions here: http://www.techspot.com/vb/topic58138.html

Redirects are usually due to malware.
 

Read other 3 answers
RELEVANCY SCORE 50.4

Quite often when I click a link in a returned search result from a website like www.whitepages.com it takes me to an unwanted and unrelated site. I have read somethings online about a Google redirect virus but I am not seeing this happen while doing a Google search. It seems to happen when doing a search or sort on a website and then the results are returned and when I go to click on one of the results I get sent to a page I do not want. I read on a forum that DDS, Gmer, and Attach.txt files can be helpful to someone who reads this. Another site this happens regularly on is www.adam4adam.com
Thank you for your help.

A:Redirected to unwanted/random sites from good sites

Hello and Welcome to the forums! My name is Gringo and I'll be glad to help you with your computer problems. Somethings to remember while we are working together.Do not run any other tool untill instructed to do so!please Do not Attach logs or put in code boxes.Tell me about any problems that have occurred during the fix.Tell me of any other symptoms you may be having as these can help also.Do not run anything while running a fix.Do not run any other tool untill instructed to do so!Click on the Watch Topic Button and select Immediate Notification and click on proceed, this will help you to get notified faster when I have replied and make the cleaning process faster.Please print out or make a copy in notpad of any instructions given, as sometimes it is necessary to go offline and you will lose access to them.Run Combofix:You may be asked to install or update the Recovery Console (Win XP Only) if this happens please allow it to do so (you will need to be connected to the internet for this)Before you run Combofix I will need you to turn off any security software you have running, If you do not know how to do this you can find out >here< or >here<Combofix may need to reboot your computer more than once to do its job this is normal.You can download Combofix from one of these links.Link 1Link 2Link 3 1. Close any open browsers or any other programs that are open.2. Close/disable all anti virus and anti malware programs so they do not interfere with the r... Read more

Read other 3 answers
RELEVANCY SCORE 48

Hello,

I'm having an issue where when I click on the result of an internet search, I am redirected to a non-related advertising type site. Also occasionally I will have the browser directed at some website and then all of the sudden a random window pops up with the same type of advertising type site as above.

It used to happen in both IE and firefox on both google and yahoo (possibly others, I only tried those 2). I have tried running Antivirus scans, malwarebytes and SAS. They found and removed a couple things, but no help. I then tried a system restore back to 2 weeks ago before I had any issues, but that also did not help. I've noticed now that it is only when I search using the integrated search area in the top right corner of IE (which is set to google). If I type in www.google.com in the address window, and then search from there, it does not redirect when I click on the results.

Thanks so much in advance!

Win XP Pro SP3, IE8

A:Random pop-ups and Search Result redirects to random sites.

Try this:http://www.bleepingcomputer.com/virus-remo...sing-tdsskiller

Read other 1 answers
RELEVANCY SCORE 45.2

Ok, so i had a virus on my computer a couple of days ago, " XP anti malware 2010 " !! i got rid of the virus. I used Malwarebytes anti' malware and SuperAnti spyware, spybot, AVG, Advanced system care and got rid of the virus !! so i used my computer regularyly now, and for some reason when im just using my internet ( Firefox ) i keep getting pop ups to random sites. some of them with viruses, and some prompting to download smthing with viruses. and also when i use google or any search enjine and i click on some link it takes me to the wrong siite, smthing really random, usually another search enjine that ive never heard of. the pop ups and the google redirects usually take me to the same site .

im about, to pull out my hair with this problem. when i scan with anything, im clean. so i really dont know whats going on. SOME ONE PLZZ HELP ME !!
I'm using a windows xp desktop,if that helps. and i also cant reinstall XP becase i dont have the CD, i dont have any cd's for my computer .

PLZZZZ HELP ME , THXXX !!

A:HELP!? I keep getting random pop-ups leading me to random sites!!

Also, just a few mins ago i got that nasty " blue screen of death " thing. it said a whole bunch of stuff but i just wrote down this :
:: _PAGE_FAULT_IN_NONPAGED_AREA
Technical Inforamtion:
:: -STOP: 0x00000050 (OXFBA8E4ED, 0X00000001, OX8O54BO4B, 0X00000000)

by the way i dont know if the zero or O's are zeros or O's srry ; )

Read other 11 answers
RELEVANCY SCORE 42.8

I'm having a very odd problem and was hoping someone could at least point me in the right direction. About a month ago, I lost the ability to log onto the Chase.com website. I can get to the homepage, but when I enter my username and password and hit submit, the page just times out. I have experienced the same issue with both IE9 and Google Chrome - both on the same PC and running under Win7 Professional 64 bit. What is interesting is that about a week ago, I lost the ability to log on with my Android Tablet.

My initial thought is that it was the router as both computers utilize the same router and cable modem, but my wife's laptop and my laptop both can still log onto the Chase.com website through the same router.

I have disabled both virus and firewall protection and still have the problem. I also noticed yesterday that another site had a similar issue when submitting a payment form. So, my thoughts went to it's an https: problem, but other secure sites work just fine.

I have VIPRE anti-virus (so does my laptop that works just fine) and I did a deep scan with no problems detected. I also ran Spy-Bot Search and Destroy with negative results.

Has anyone run across this before?

Tech Support Guy System Info Utility version 1.0.0.2
OS Version: Microsoft Windows 7 Professional, Service Pack 1, 64 bit
Processor: Intel(R) Core(TM)2 Quad CPU Q8200 @ 2.33GHz, Intel64 Family 6 Model 23 Stepping 7
Processor Count: 4
RAM: 8191 Mb
Graphics Card: NVIDIA GeForce GT 120,... Read more

Read other answers
RELEVANCY SCORE 42.4

I picked up a virus which totally paralysed my computer, however a local computer guy did what he does and removed it, however now i seem to have a redirect virus, and my guy is away for a while!

When i try to access a site that may contain help to get rid of it i get redirected, my email also wont open - clever really.

I have to go home download the program, then bring it back to work and so on.

I have got to the point where i now have a log file and was hoping someone can help.

I am on xp.

Logfile of HijackThis v1.99.1
Scan saved at 10:10:46, on 22/08/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\sistray.EXE
C:\Program Files\ASUS\Probe\AsusProb.exe
C:\Program Files\MessageStop\MessageStop.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\Program Files\Microsoft Hardware\Mouse\point32.exe
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\SiteAdvisor\6261\SiteAdv.exe
C:\Program Files\McAfee.com\Agent\mcagent.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Samsung\Digimax Viewer ... Read more

Read other answers
RELEVANCY SCORE 42.4

Hi, over the past couple of days I've noticed that whenever I click on a link from the list of a given search site that I get redirected to different websites that has anything to do what I actually clicked on. I tried using the GMER but system, sections, IAT/EAT, etc. everything below that to libraries is greyed out. The only options that are available to check/un-check are services, registry, files, C:\, ADS. I do have the DDS and Attach files just let me know what you will need me to do next.

A:Redirected to random sites

Hello and welcome to TSF.

We want all our members to perform the steps outlined in the link given below, before posting for assistance. There's a sticky at the top of this forum, and
Quote:




Having problems with spyware and pop-ups? First Steps




a link at the top of each page.

Please follow our pre-posting process outlined below.

NEW INSTRUCTIONS - Read This Before Posting For Malware Removal Help - Tech Support Forum

After running through all the steps, you shall have a proper set of logs. Please post them in a new topic, as this one shall be closed.

If you have trouble with one of the steps, simply move on to the next one, and make note of it in your reply.

Please note that the Virus/Trojan/Spyware Help forum is extremely busy, and it may take a while to receive a reply.

Read other 1 answers
RELEVANCY SCORE 42.4

A few days ago I got the windows xp 2010 mal ware. I followed some of the instructions i found on here to get rid of it. im not sure if something i did in that process was wrong, or if i ran into a completely different problem. Basically, the windows xp 2010 mal ware stuff stopped popping up. everything ran fine for like 30 minutes. then i noticed a started randomly getting those "wanring your system is infected please click here to complete scan" with a fake scanning looking pop up, it didnt look the same as the windows xp 2010 malware did either. it woudl let me exit out and it wouldnt pop up anymore so id run Malware bytes and everything would be fine. then a few time i got redirected to random sites.
Then yesterday I noticed everytime im online im constantly getting redirected. it started with clicking on links and also random new tabs would open and goto some site. (belgiumpersonals.com or yellowpages.com or weird ad sites). Now its like new browsers pop up, tabs open up, and almost every link i click on redirects in both firefox and IE.
I keep running malware bytes but the problem doesnt stop. im running an avg scan now.
what is happening and what do i do to fix it?
thanks to anyone who can help in advance

Read other answers
RELEVANCY SCORE 42.4

Hey all,
I am having a nasty issue with my Laptop. Everytime I click on a search in Google it takes me to some Random sites. I have run Malwarebytes, SuperAnti Spyware, and Avg 9.0. Noneof them seem to find anything. I even downloaded and ran Panda Rootkit Remover and it found nothing. I just ran Hijack this and wondered if someone could look at the log and tell me if they see something. I really appreciate it.

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 9:21:40 AM, on 5/2/2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\AVG\AVG9\avgchsvx.exe
C:\Program Files\AVG\AVG9\avgrsx.exe
C:\WINDOWS\system32\brsvc01a.exe
C:\Program Files\AVG\AVG9\avgcsrvx.exe
C:\WINDOWS\system32\brss01a.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\AVG\AVG9\Identity Protection\Agent\Bin\AVGIDSAgent.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Apoint2K\Apoint.exe
C:\WINDOWS\BisonC07\BisonM07.exe
C:\Program Files\CONEXANT\SMARTAUDIO\SMAUDIO.EXE
C:\Program Files\Lenovo\Energy Management\utility.exe
C:\Program Files\Lenovo\Energy Management\Energy Management.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Apoint2K\ApMsgFwd.exe
C:\Program Files\Common Files\InstallShield\U... Read more

A:Random sites in google

Hello there Welcome to the TSG Forums.
My name is NeonFx. I'll be glad to help you with your computer problems. Logs can take some time to research, so please be patient with me.
Please note the following:

The fixes are specific to your problem and should only be used on this machine.
Please continue to review my answers until I tell you your machine appears to be clean. Absence of symptoms does not necessarily mean that the system is completely clean.
It's often worth reading through these instructions and printing them for ease of reference. I may ask you to boot into Safe Mode where you will be unable to follow my instructions online.
If you don't know or understand something, please don't hesitate to say or ask!! It's better to be sure and safe than sorry.
Please reply to this thread. Do not start a new topic.

Step 1

Download OTS to your Desktop
Close ALL OTHER PROGRAMS.
Double-click on OTS.exe to start the program.
Check the box that says Scan All Users
Under Basic Scans please change the radio button under Registry from Safe List to All.
Under Additional Scans check the following:
Reg - Desktop Components
Reg - Disabled MS Config Items
Reg - NetSvcs
Reg - Shell Spawning
Reg - Uninstall List
File - Lop Check
File - Purity Scan
Evnt - EvtViewer (last 10)

Please paste the contents of the following codebox into the Custom Scans box at the bottom
Code:
%SYSTEMDRIVE%\*.exe
/md5start
eventlog.dll
scecli.dll
netlogon.dll
cngaudit.dll
scec... Read more

Read other 1 answers
RELEVANCY SCORE 42.4

Hi, I'm getting redirected to random websites when I click on a link in google. Also the websites that it gets redirected to are mostly bogus search engines. I was using a P2P program and shortly after i noticed i had this redirecting problem so I'm pretty sure I got it from using that. I'd appreciate any help you can give me as I really don't know how to fix this issue.

Hijack log

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 1:45:53 PM, on 8/12/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\ehome\ehtray.exe
C:\WINDOWS\system32\RunDLL32.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\Program Files\Razer\DeathAdder\razerhid.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\system32\PnkBstrB.exe
C:\Program Files\Razer\DeathAdder\razertra.exe
C:\Program Files\Razer\DeathAdder\razerofa.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcAppFlt.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe
C:\WINDOWS\sy... Read more

Read other answers
RELEVANCY SCORE 42.4

Hi, I would aprpeciate any help you can give. When using Firefox, I keep getting redirected to random sites every once in a while,
the one recurring most often is Skype. I've run AdAware, Spybot and yahoo anti spy, but the problem persists.
DDS (Ver_09-03-16.01) - NTFSx86
Run by Laily at 15:40:40.41 on 17/04/2009
Internet Explorer: 7.0.6001.18000 BrowserJavaVersion: 1.6.0_11
Microsoft? Windows Vista? Home Premium 6.0.6001.1.1252.2.1033.18.2812.1074 [GMT 1:00]

AV: ESET NOD32 Antivirus 3.0 *On-access scanning enabled* (Updated)

============== Running Processes ===============

C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\system32\Ati2evxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\WacomTouchService.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\WLANExt.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files\Common Fi... Read more

A:I'm being redirected to random sites...

all three of those products are anti-spy/adware...do you have an actual Anti VIRUS that you could run?MBAM (http://www.malwarebytes.org/) is quick and simple and is my first pick for a diagnostic, but there's plenty of others available too. using yahoo anti-spy: http://help.yahoo.com/tutorials/yop/olp2/antispy1.htmlListing of Anti-malware products: http://www.bleepingcomputer.com/forums/t/405/antivirus-antimalware-and-antispyware-resources/someone else will have to do the actual log reviews as I am slammed right now, but this shoud get you started. Good Luck.

Read other 5 answers
RELEVANCY SCORE 42.4

Recently my laptop started opening IE itself.

Here is my HJT log:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 4:27:43 PM, on 8/18/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16705)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\WINDOWS\Explorer.EXE
c:\PROGRA~1\mcafee.com\vso\mcshield.exe
C:\PROGRA~1\McAfee.com\PERSON~1\MpfService.exe
c:\PROGRA~1\mcafee.com\vso\OasClnt.exe
c:\program files\mcafee.com\vso\mcvsshld.exe
c:\program files\mcafee.com\agent\mcagent.exe
c:\progra~1\mcafee.com\vso\mcvsescn.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Dell\QuickSet\NICCONFIGSVC.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\system32\VB4tFPUl.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\internet explorer\iexplore.exe
C:\... Read more

A:IE opening itself and going to random sites

Anyone? It's not as bad as it was but is still happening.
 

Read other 2 answers
RELEVANCY SCORE 42.4

When I click on a link in Google it will open up the link, but also a new tab with some random site. Sometimes the site is sort of related to the links I'm clicking. Also new tabs will open up randomly without ever clicking a link, like a pop-up, always with a random site. I've run Malwarebytes free, IObit Advanced System Care free sometimes finding malware and removing it, but I still experience the random sites. Seems to happen less in Opera, more in Firefox and IE. I've looked at processes and can't seem to find any blatant offenders. I would totally read the forum tuts on how to remove it, but I don't know what "it" is. Thanks in advance, I really admire your guys' hard work.
.
DDS (Ver_11-03-05.01) - NTFSx86
Run by Administrator at 21:29:57.53 on Tue 05/17/2011
Internet Explorer: 8.0.6001.18702
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.1023.339 [GMT -6:00]
.
.
============== Running Processes ===============
.
C:\Program Files\COMODO\COMODO livePCsupport\CLPSLS.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe -k DcomLaunch
C:\WINDOWS\system32\svchost.exe -k rpcss
C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
C:\WINDOWS\system32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS�... Read more

A:I'm being taken to random sites, randomly

Hello and Welcome to the forums! My name is Gringo and I'll be glad to help you with your computer problems. Somethings to remember while we are working together.Do not run any other tool untill instructed to do so!Please Do not Attach logs or put in code boxes.Tell me about any problems that have occurred during the fix.Tell me of any other symptoms you may be having as these can help also.Do not run anything while running a fix.We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.Click on the Watch Topic Button and select Immediate Notification and click on proceed, this will help you to get notified faster when I have replied and make the cleaning process faster.In order for me to see the status of the infection I will need a new set of logs to start with.Please print out or make a copy in notpad of any instructions given, as sometimes it is necessary to go offline and you will lose access to them.DeFogger: Please download DeFogger to your desktop.

Double click DeFogger to run the tool.
The application window will appear Click the Disable button to disable your CD Emulation drivers Click Yes to continue A 'Finished!' message will ap... Read more

Read other 26 answers
RELEVANCY SCORE 42.4

When I visit random sites my IE shuts down, no error message or anything, it just closes. If I have more than one window open they all shut down. This will happen every time I try to visit the same pages. My husband needs to get to his Yahoo NFL page and is beside himself, lol.

I've run Ad-Aware and Spy sweeper and then done my Hijack This. I was wondering if I should run CW Shredder, but I wanted to wait till you took a look. Also, I was the idiot who downloaded Error Guard after coming to the computer and seeing it on the screen after an unsuccessful Scan Disk. I assumed it was an actual warning from my computer, not realizing my daughter had been on the computer and taken the Popup Stopper off. Dumb me.

I did a search here and someone mentioned installing a newer version of Java. What do you think?

Thanks for looking!
Logfile of HijackThis v1.93.0
Scan saved at 1:38:13 AM, on 12/27/2004
Platform: Windows ME (Win9x 4.90.3000)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar=http://red.clientapps.yahoo.com/customize/ycomp/defaults/sb/*http://www.yahoo.com/search/ie.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page=http://red.clientapps.yahoo.com/customize/ycomp/defaults/sp/*http://www.yahoo.com
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default)=http://red.clientapps.yahoo.com/customize/ycomp/defaults/su/*http://www.yahoo.com
O2 - BHO: (no name) - {02478D38-C3F9-4efb... Read more

A:IE shuts down at random sites

Read other 9 answers
RELEVANCY SCORE 42.4

ANY HELP APPRECIATED IN DECIPHERING WHAT MIGHT BE CAUSING BOTH MY IE AND FIREFOX BROWSERS FROM REDIRECTING TO RANDOM SITES AND SOMETIMES THE TASK ENDS WITH AN ERROR. ALSO UNABLE TO ACCESS "REGEDIT," BLEEPINGCOMPUTER.COM, MBAM UPDATES, ETC. THANKS! HIJACKTHIS LOG BELOW: -----------------------------Logfile of Trend Micro HijackThis v2.0.2Scan saved at 7:00:16 PM, on 4/12/2009Platform: Windows XP SP2 (WinNT 5.01.2600)MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)Boot mode: NormalRunning processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\system32\Ati2evxx.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\System32\svchost.exeC:\WINDOWS\system32\spoolsv.exeC:\Program Files\APC\APC PowerChute Personal Edition\mainserv.exeC:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exeC:\Program Files\Common Files\Symantec Shared\ccSetMgr.exeC:\WINDOWS\System32\CTsvcCDA.exeC:\Program Files\Symantec AntiVirus\DefWatch.exeC:\WINDOWS\ehome\ehSched.exeC:\Program Files\Java\jre6\bin\jqs.exeC:\Program Files\Symantec AntiVirus\SavRoam.exeC:\WINDOWS\System32\svchost.exeC: ... Read more

A:IE & FF Redirecting to Random Sites, etc.

Hi,Please download DaonolFix from the link below and save it to your DesktopDownload Mirror #1Double-click DaonolFix.exe to run it. Select 1. Find Daonol (no fix) by typing 1 and pressing Enter. You will see a lot of files being listed - don't worry, they are just being scanned.A log will open, please post the contents of that log in your next reply (it can also be found on your desktop, called DaonolFix.txt).Download ComboFix by sUBs from here or hereNote: If you already have a copy of ComboFix on your system it is essential that you delete it before downloading this copy.**Save it to your desktop**We need to disable one or more of your security programs so that they do not interfere with ComboFix.Right click on the icon in the taskbar notification area & select "Disable Symantec EndPoint Protection".Double click on ComboFix.exe & follow the prompts. If you are prompted to install the Recovery Console I recommend you go ahead and hit yes.When finished, it shall produce a log for you. Please save that log to post in your next reply along with a fresh HJT logNotes:Do not mouseclick combofix's window whilst it's running. That may cause it to stall.ComboFix may reset a number of Internet Explorer's settings, including making I-E the default browser.Combofix prevents autorun of ALL CD, floppy and USB devices to assist with malware removal & increase security. If this is an issue or makes it difficult for you - please let me know. ComboFix disconnects your... Read more

Read other 8 answers
RELEVANCY SCORE 42.4

Every time I search for different things on google or yahoo, and I click onto the link it sends me to another random site. The site is rated as being bad, so I know I have some form of malware/virus. The only way to get to the site that I actually am trying to go to is by copying and pasting. And also sometimes on the little tab, a random site will just pop up into that whenever I never tried going to a site.

I have used Spybot S&D, Malwarebytes, SuperAntiSpyware. I also have scanned many times with Avira. Any advice?
If you still didn't understand, let's say I searched wikipedia in the search bar. Whenever the links pop up I can choose to click on, and I click on one of the links... It instead sends me to a random website.

Note: Also whenever I would shut down the computer, it would be stuck on the screen saying "Saving your settings". The only way I could actually shut it down is by holding the actual power button.

A:redirected to random sites?

Any kind of help would be greatly appreciated.

Read other 2 answers
RELEVANCY SCORE 42.4

It appears I am one of the unsophisticated users plaqued by this neferious affliction....
Thanks in advance....
DDS (Ver_09-03-16.01)

Microsoft Windows XP Professional
Boot Device: \Device\HarddiskVolume1
Install Date: 9/20/2006 4:01:02 PM
System Uptime: 4/24/2009 11:45:38 AM (4 hours ago)

Motherboard: Dell Inc. | | 0M3849
Processor: Intel® Pentium® 4 CPU 3.20GHz | Microprocessor | 3192/800mhz

==== Disk Partitions =========================

A: is Removable
C: is FIXED (NTFS) - 74 GiB total, 48.661 GiB free.
D: is CDROM ()
E: is Removable

==== Disabled Device Manager Items =============

==== System Restore Points ===================

RP587: 1/23/2009 7:21:14 AM - System Checkpoint
RP588: 1/25/2009 1:25:52 PM - System Checkpoint
RP589: 1/27/2009 10:31:46 AM - Installed Belkin 54Mbps Wireless Network Adapter
RP590: 1/27/2009 10:36:49 AM - Removed Belkin 54Mbps Wireless Network Adapter
RP591: 1/28/2009 10:55:06 AM - System Checkpoint
RP592: 1/29/2009 7:12:24 PM - System Checkpoint
RP593: 1/31/2009 10:42:12 AM - System Checkpoint
RP594: 2/1/2009 10:53:50 AM - System Checkpoint
RP595: 2/2/2009 6:14:21 PM - System Checkpoint
RP596: 2/3/2009 6:59:03 PM - System Checkpoint
RP597: 2/5/2009 6:42:06 AM - System Checkpoint
RP598: 2/7/2009 8:50:04 PM - System Checkpoint
RP599: 2/8/2009 9:08:41 PM - System Checkpoint
RP600: 2/9/2009 9:26:49 PM - System Checkpoint
RP601: 2/10/2009 10:19:34 PM - System Checkpoint
RP602: 2/10/2009 11:15:00 PM - S... Read more

A:Redirect to random sites

Hello komboking54,Please download Malwarebytes' Anti-Malware from one of these places:http://www.majorgeeks.com/Malwarebytes_Ant...ware_d5756.htmlhttp://www.besttechie.net/mbam/mbam-setup.exeDouble Click mbam-setup.exe to install the application. * Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish. * If an update is found, it will download and install the latest version. * Once the program has loaded, select "Perform Quick Scan", then click Scan. * The scan may take some time to finish,so please be patient. * When the scan is complete, click OK, then Show Results to view the results. * Make sure that everything is checked, and click Remove Selected. * When disinfection is completed, a log will open in Notepad and you may be prompted to Restart.(See Extra Note) * The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM. * Copy&Paste the entire report in your next reply along with a fresh HijackThis log.Extra Note:If MBAM encounters a file that is difficult to remove,you will be presented with 1 of 2 prompts,click OK to either and let MBAM proceed with the disinfection process,if asked to restart the computer,please do so immediately.Please do this:1. Download HijackThis? here:http://www.trendsecure.com/portal/en-US/th.../hijackthis.php2. Click 'Do a System Scan and Save log'.The HJT log will open in notepad.Thankstea,

Read other 2 answers
RELEVANCY SCORE 42.4

Hello, I have tried going on forums and other things on google and it keeps redirecting me. I've already scanned with Search and destroy, malware bytes, and they say i have NO viruses. then i used CCleaner to clean my cache and it still didn't work. I used a proxy site and im able to use Google and it doesnt redirect me. Also im able to use Google's Cached Sites. Please help. -Sauvus
 

A:Redirecting me to random sites

Bump..
 

Read other 1 answers
RELEVANCY SCORE 42.4

For awhile now, periodically I will try to go to a normal site .. i.e. paypal, or even my bank, or my own website .. basically it is very random, and sometimes I will even be in the site and click on another link in the site to take me somewhere else in the site and all of a sudden i get an SSL Error message like this:

Sometimes I can google the site I want and find a different link to the site I want and it works, but mostly I have to reboot and sometimes that fixes that particular site and sometimes it doesn't, sometimes I have to clear the cache & cookies and still reboot, and sometimes I just have to wait a day or a few hours and all of a sudden I'll try and it works. I don't ever proceed anyway, I always go back to safety or close the window and try something else. It doesn't always take me to the same place either, it's different url's that it's redirecting to, but they all have this similar message.

I've tried as I said, clearing all of my history, cache, cookies etc. Someone told me to delete some of my certificates, and I did that, but I wasn't sure which one's to do, so I just picked some random ones that I had never heard of.

I've run my antivirus, I've run Spyware Doctor, and just the other day I did something called Hitman Pro and I think something called TDSS Killer. But, I got this one when going to godaddy today and I just finally am at wits end and every time I come here for a problem, you g... Read more

A:SSL Error on random sites? can't get rid of it

Is there anyone who can help with this?????? Or should this be posted in a different forum????? It's driving me crazy. Here's my latest error that I get when trying to login to my comcast account.
 

Read other 2 answers
RELEVANCY SCORE 42.4

i cant seem to get to some random sites, google, cnn for instance all do not connect, i've asked other people online and the sites seem to be up, i have no idea why this would start happening randomly
 

A:random sites not connecting

Please go to http://www.majorgeeks.com/HijackThis_d3155.html

Please note: When you download HijackThis put it in its own permanent folder like My Documents for example. DO NOT download to a temp folder or the desktop.

Launch program and click on the SCAN button. After scan click on Save Log . It should save to Notepad.

Click on Edit, then Select All. Then click Edit again then Copy. Then paste log back here in a reply.

DO NOT have HijackThis fix anything yet. Most of what it shows will be harmless / needed stuff. Wait for an expert to review it and advise you.
 

Read other 2 answers
RELEVANCY SCORE 42.4

Hi,

I've been having a problem whilst browsing. Any site I browse to or open from a link, loads a random site instead. And if I am lucky it will open the site I want, plus a random ASK.com search.

I have downloads and installed Adaware and Super Antispyware, but they come back clean. I've stopped what processes I dont recognise, clean out any startup items and emptied temp folders.

Any help will be greatly appreciated.

P.S. I also have Firefox installed and the same thing happens.

Deej
 

A:IE loads random sites

Download ComboFix here :

Link 1
Link 2
* IMPORTANT !!! Save ComboFix.exe to your Desktop

Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools. Here is a guide on how to disable them

Click me
Double click on ComboFix.exe & follow the prompts.
As part of it's process, ComboFix will check to see if the Microsoft Windows Recovery Console is installed. With malware infections being as they are today, it's strongly recommended to have this pre-installed on your machine before doing any malware removal. It will allow you to boot up into a special recovery/repair mode that will allow us to more easily help you should your computer have a problem after an attempted removal of malware.
Follow the prompts to allow ComboFix to download and install the Microsoft Windows Recovery Console, and when prompted, agree to the End-User License Agreement to install the Microsoft Windows Recovery Console.

**Please note: If the Microsoft Windows Recovery Console is already installed, ComboFix will continue it's malware removal procedures.


Once the Microsoft Windows Recovery Console is installed using ComboFix, you should see the following message:


Click on Yes, to continue scanning for malware.

When finished, it shall produce a log for you. Please include the C:\ComboFix.txt log in your next reply.
 

Read other 3 answers
RELEVANCY SCORE 42.4

When I click on a link on google it takes me to a different site. I ran combofix and still have the problem.
Attached is combo fix log. I ran High Jack this but didnt see anything fishy.
Please HELP!!!!
John
 

Read other answers
RELEVANCY SCORE 42.4

I was infected with Antisyware Soft. I believe Combofix got rid of that. Then I got this redirect virus and the time on my computer is now in military time. It redirects every search I make. I have to operate it in safe mode now. Could you please help?DDS (Ver_10-03-17.01) - NTFSx86 NETWORK Run by chris at 21:53:41.03 on Tue 05/18/2010Internet Explorer: 8.0.6001.18702Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.478.190 [GMT -4:00]AV: avast! antivirus 4.8.1368 [VPS 100518-1] *On-access scanning enabled* (Outdated) {7591DB91-41F0-48A3-B128-1A293FD8233D}============== Running Processes ===============C:\WINDOWS\system32\svchost -k DcomLaunchsvchost.exeC:\WINDOWS\system32\svchost.exe -k netsvcssvchost.exesvchost.exeC:\WINDOWS\Explorer.EXEC:\Program Files\Internet Explorer\iexplore.exeC:\WINDOWS\system32\ctfmon.exeC:\Program Files\Internet Explorer\iexplore.exeC:\Documents and Settings\chris\Desktop\dds.scr============== Pseudo HJT Report ===============uInternet Connection Wizard,ShellNext = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_US&c=Q105&bd=pavilion&pf=laptopuInternet Settings,ProxyOverride = <local>uInternet Settings,ProxyServer = http=127.0.0.1:5555uURLSearchHooks: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - c:\program files\yahoo!\companion\installs\cpn0 ... Read more

A:IE redirects to random sites

Hello slowhand361, Welcome to Bleeping Computer. My name is fireman4it and I will be helping you with your Malware problem.Please take note of some guidelines for this fix: Refrain from making any changes to your computer including installing/uninstall programs, deleting files, modifying the registry, and running scanners or tools. If you do not understand any step(s) provided, please do not hesitate to ask before continuing. Even if things appear to be better, it might not mean we are finished. Please continue to follow my instructions and reply back until I give you the "all clean". Finally, please reply using the button in the lower right hand corner of your screen. Do not start a new topic. The logs that you post should be pasted directly into the reply, unless they do not fit into the post.1.Please Delete any previous copy of [b[Combofix[/b] from your desktop.2.Download and Run RKillPlease download RKill by Grinler from one of the 4 links below and save it to your desktop.Link 1Link 2Link 3Link 4 Before we begin, you should disable your anti-malware softwares you have installed so they do not interfere RKill running as some anti-malware softwares detect RKill as malicious. Please refer to this page if you are not sure how. Double-click on Rkill on your desktop to run it. (If you are using Windows Vista, please right-click on it and select Run As Administrator) A black screen will appear and then disappear. Please do not worry, that is... Read more

Read other 12 answers
RELEVANCY SCORE 42.4

I've been getting redirected to random sites when doing searches especially when using GOOGLE - but the same thing happens with any search engine. Sometimes I'll actually be on a page - and suddenly a random page opens up. I'm using IE8 - Windows XP SP3 - with all the automatic updates. I've use Maleware and spyware and virus software and nothing seems to find the little bugger that is causing this. I've attached a Hijack log file to this questions.
 

A:IE redirects to random sites

Read other 9 answers
RELEVANCY SCORE 42

Hello,
here's my problem, When doing google searches sometimes I will click on a link and get redirected to a totally different page. system is slow and sometimes freezes. My avg antivirus scan does not find anything. I followed the instructions prior to posting and I've attached the dds and gmer scans. I also have an error popping up at startup saying "rundll C:\windows\ujeledunmulo.dll cannot find the specified module" but this was happening before I was getting the google issue. Thank you very much for any help.

Daniel

.
DDS (Ver_11-03-05.01) - NTFSx86
Run by Daniele at 10.05.06,64 on 03/05/2011
Internet Explorer: 7.0.5730.13 BrowserJavaVersion: 1.6.0_20
Microsoft Windows XP Professional 5.1.2600.3.1252.39.1040.18.1014.382 [GMT -7:00]
.
AV: AVG Anti-Virus Free *Enabled/Updated* {17DDD097-36FF-435F-9E1B-52D74245D6BF}
.
============== Running Processes ===============
.
C:\WINDOWS\system32\svchost -k DcomLaunch
C:\WINDOWS\system32\svchost -k rpcss
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup
C:\WINDOWS\system32\svchost.exe -k NetworkService
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\Programmi\AVG\AVG9\avgchsvx.exe
C:\Programmi\AVG\AVG9\avgrsx.exe
C:\Programmi\AVG\AVG9\avgcsrvx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\SCardSvr.exe
C:\WINDOWS\Explorer.EXE
C:\Programmi\Google\Update\1.3.21.53\GoogleCrashHandler.exe
C:\Programmi\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
C:\Programmi\... Read more

A:Google redirecting to random sites

Hi and welcome to TSF.

I am currently reviewing your log. Please note that this is under the supervision of an expert analyst, and I will be back with a fix for your problem as soon as possible.

You may wish to subscribe to this thread to get immediate notification of replies as soon as they are posted. To do this click Thread Tools, then click Subscribe to this Thread. Make sure it is set to Instant Notification, then click Subscribe.

Please be patient with me during this time.

Read other 19 answers
RELEVANCY SCORE 42

I'm using Windows 8.1. The problems I'm having occur in Google Chrome.
 
I have no idea what happened, I didn't download or install anything, but since yesterday I get redirected to weird sites. It doesn't occur very often, but I don't trust it. I've been redirected 4 times now. In my history I see that I first get redirected to a youradexchange.com related website, and then to:
 
- ajyzz.promorewards.roadspace.biz
- 0vin60f6.com
 
When being redirected to 0vin60f6.com, AVG security popped up an alert about: "Exploit fake video player type 1750".
 
Of course I ran a full scan after this happened using AVG and MBAM, but they both found nothing. Then I ran AdwCleaner, which deleted some stuff, but this was not related to the problem I'm having now (I think). After that the redirecting occurred again, so I'm wondering what to do.
 
Thanks in advance for your time and help!

A:Redirect to random sites via youradexchange.com

I got the exact same thing yesterday, but I only ever got redirected once.

Read other 13 answers
RELEVANCY SCORE 42

Hi,

Ever since last night, any searches I did on IE/Firefox using google keeps me re directing to random sites or search results most of it in ask.

I scanned the computer with spybot, a squared, Mcafee and they are finding nothing. Even tried uninstalling firefox, but problem persists.

I found that you have helped resolve similar issues on the forum using combofix etc, and would be grateful if someone can guide me through the process as I am aware that each user's issue might be different and not to run combofix unless asked to do so by a qualified helper.

I am using XP sp3 and ie7 and firefox 3.6

Thanking you
Podian

A:Firefox/IE redirecting to random sites

Hello,Please download Malwarebytes Anti-Malware (v1.46) and save it to your desktop.Download Link 1Download Link 2MBAM may "make changes to your registry" as part of its disinfection routine. If using other security programs that detect registry changes (ie Spybot's Teatimer), they may interfere or alert you. Temporarily disable such programs or permit them to allow the changes.Make sure you are connected to the Internet.Double-click on mbam-setup.exe to install the application.
For instructions with screenshots, please refer to the How to use Malwarebytes' Anti-Malware Guide.When the installation begins, follow the prompts and do not make any changes to default settings.When installation has finished, make sure you leave both of these checked:Update Malwarebytes' Anti-MalwareLaunch Malwarebytes' Anti-MalwareThen click Finish.MBAM will automatically start and you will be asked to update the program before performing a scan.If an update is found, the program will automatically update itself. Press the OK button to close that box and continue.If you encounter any problems while downloading the definition updates, manually download them from here and just double-click on mbam-rules.exe to install.On the Scanner tab:Make sure the "Perform Quick Scan" option is selected.Then click on the Scan button.If asked to select the drives to scan, leave all the drives selected and click on the Start Scan button. The scan will begin and "Scan in progress" will show at the top. It may take so... Read more

Read other 1 answers
RELEVANCY SCORE 42

System was hit by a Trojan and sveral virus. Most where taken care of by Symantec AV. Problem remains that IE6 opens random sites when running. Symantec scans show nothing. Ran Hijack this found some BHO's and removed them. Problem continues. Reinstalled IE6 still no changes. Help!!!!Mod Edit: Topic moved to more appropriate forum~ TMacK

A:Ie6 Winows 2k Opens Random Sites

Welcome to BC wadeoregonWhat was the name of the Trojan and other malware you found and removed? Some of this stuff drops additional malicious files on your system that often goes undetected unless you perform various scans.Please download ATF Cleaner by Atribune & save it to your desktop. DO NOT use yet. Please download and install SUPERAntiSpyware FreeDouble-click SUPERAntiSypware.exe and use the default settings for installation.An icon will be created on your desktop. Double-click that icon to launch the program.If asked to update the program definitions, click "Yes". If not, update the definitions before scanning by selecting "Check for Updates". (If you encounter any problems while downloading the updates, manually download them from here and unzip into the program's folder.)Under "General and Startup", make sure "Start SUPERAntiSpyware when Windows starts" box is unchecked.Under "Configuration and Preferences", click the Preferences button.Click the Scanning Control tab.Under Scanner Options make sure the following are checked (leave all others unchecked):Close browsers before scanning.Scan for tracking cookies.Terminate memory threats before quarantining.Click the "Close" button to leave the control center screen and exit the program.Do not run a scan just yet.Reboot your computer in "Safe Mode" using the F8 method. To do this, restart your computer and after hearing your computer beep once ... Read more

Read other 1 answers
RELEVANCY SCORE 42

Ive been having this problem for the last few days. Certain sites just dont open for me, although i know they should as they work elsewhere. Seems like a virus issue as it was sudden and my hijackthis results didnt look too hot either. I ran SUPERAntiSpyware today and this is the log after that. Got rid of quite alot of things but the problem still persists.

.)
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\ZONELABS\vsmon.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\ewido\security suite\ewidoctrl.exe
C:\WINDOWS\System32\defrag.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Downloads\AntiVirus\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = \blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
R3 - URLSearchHook: (no name) - {0A00D11E-B1E7-44b5-AD88-C9190876AAC4} - (no file)
O2 - BHO: (no name) - {10AAAC1B-4610-4203-A961-53B091D5C541} - c:\windows\system32\yrlogvwt.dll
O2 - BHO: (no name) - {4110A3F4-740C-44C1-ACDF-1854DA16B1BC} - c:\windows\system32\mgcamgc.dll
O2 - BHO: (no name) - {53BF4347-8DC3-4B40-BED7-EE2880F91742} - c:\windows\system32\mgcamgc.dll
O2 - BHO: (no name) - {57B7B665-C847-495A-... Read more

Read other answers
RELEVANCY SCORE 42

Have Dell laptop INSPIRON 1300 running WINDOWS XP.
GOOGLE is home page for Internet explorer.
IF I do a google search for a topic I get a list but when I click on a link I get diverted to random unexpected sites. (Not necessarily malevolent looking). The address bar seems to start with FINDONEFOR.com.
Anyone any ideas?
Thanks.
 

A:IE Explorer diverted to random sites

bump
 

Read other 3 answers
RELEVANCY SCORE 42

Sometime today, I noticed that my google searches started redirecting me to some weird search engines full of ads or some ad sites. I also found that my system restore had been disabled. Basically, this is what I did :1) Deleted cookies and temp internet files.2) Ran prefetch and cleared the folder.3) Ran %temp% and cleared the folder.4) Ran Malwarebytes (which found some malware) and deleted the items.5) Ran Hijackthis and analysed it on hijackthis.de - didn't show any discrepancies.6) Used gpedit and enabled system restore - started the service.7) Retried a google search - the issue still occurred.8) Ran Trendmicro housecall which (found some malware as well) and deleted the infected files.9) Retried the google search - no go. "dds.txt"DDS (Ver_09-12-01.01) - NTFSx86 Run by User at 1:36:19.64 on 27/01/2010Internet Explorer: 7.0.5730.11Microsoft Windows XP Professional 5.1.2600.3.1252.44.1033.18.510.64 [GMT 0:00]AV: PCguard Anti-Virus *On-access scanning disabled* (Outdated) {5B5A3BD7-8573-4672-AEA8-C9BB713B6755}FW: PCguard Firewall *disabled* {80593BF4-D969-4EC5-ADAE-A22F2DFC7A22}============== Running Processes ===============C:\WINDOWS\system32\svchost -k DcomLaunchsvchost.exeC:\WINDOWS\System32\svchost.exe -k netsvcsC:\Program Files\Virgin Broadband\PCguard\Fws.exesvchost.exesvchost.exeC:\WINDOWS\system32\spoolsv.exesvchost.exeC:\Program Files\Virgin Broadband Wireless\Af... Read more

A:google redirects to random ad sites in IE

I also did a OTL custom scan (after seeing it on another forum) usingnetsvcs%SYSTEMDRIVE%\*.exe/md5starteventlog.dllscecli.dllnetlogon.dllcngaudit.dllsceclt.dllntelogon.dlllogevent.dlliaStor.sysnvstor.sysatapi.sysIdeChnDr.sysviasraid.sysAGP440.sysvaxscsi.sysnvatabus.sysviamraid.sysnvata.sysnvgts.sysiastorv.sysViPrt.syseNetHook.dllahcix86.sysKR10N.sys/md5stop%systemroot%\*. /mp /s%systemroot%\system32\*.dll /lockedfilesCREATERESTOREPOINT----------------------------------------------------------------------------------------------------------------------------------------------OTL logfile created on: 27/01/2010 02:10:34 - Run 1OTL by OldTimer - Version 3.1.27.0 Folder = C:\Documents and Settings\User\DesktopWindows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstationInternet Explorer (Version = 7.0.5730.11)Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy 510.00 Mb Total Physical Memory | 150.00 Mb Available Physical Memory | 29.00% Memory free1.00 Gb Paging File | 1.00 Gb Available in Paging File | 53.00% Paging File freePaging file location(s): C:\pagefile.sys 768 1536 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program FilesDrive C: | 38.28 Gb Total Space | 24.08 Gb Free Space | 62.91% Space Free | Partition Type: NTFSD: Drive not present or media not loadedE: Drive not present or media not loadedF: Drive not present or... Read more

Read other 8 answers
RELEVANCY SCORE 42

Windows XP SP3
Avira Antivir Personal - Anti-Virus

Searches in Google, Bing, and Yahoo are redirected to random sites using IE8 and Firefox. Typically running the same search again will allow some of the links to work, but not always.
Anti-spyware will not run unless .exe file is changed. I ran Malwarebytes (after changing to .bat) and it found some infections. Rebooted as instructed, but redirects remain. I see this is not an uncommon problem and I have already downloaded several of the suggested tools, but I do not want to run them without guidance.

A:Searches redirected to random sites

Seems like this is fairly common and I read thru several of the posts for thsi issue. I then ran the "TDSSKiller.exe" program and it appear to have worked. Not getting in redirect currently, but will give it a few days before I feel comfortable.

The funny this is, MBAM, SpybotSD, and SuperAS would not run without changing the name but still could not find any problems. TDSSKiller.exe ran as is and did fix the problem or at least found something.

Read other 1 answers
RELEVANCY SCORE 42

It started last week with a couple of malware/virus attacks. I ran malwarebytes and got some removed. However, now when I click on Google searches I get redirected to random sites. Also since the attack I haven't been able to access Window Updates or get Spyware Doctor restore points. I don't know if this means anything. Anyways, here is my log file, PLEASE HELP.Logfile of Trend Micro HijackThis v2.0.4Scan saved at 11:49:23 PM, on 6/1/2010Platform: Windows Vista SP2 (WinNT 6.00.1906)MSIE: Internet Explorer v8.00 (8.00.6001.18904)Boot mode: NormalRunning processes:C:\Windows\system32\Dwm.exeC:\Windows\system32\taskeng.exeC:\Windows\Explorer.EXEC:\Program Files\Windows Defender\MSASCui.exeC:\Program Files\Google\Quick Search Box\GoogleQuickSearchBox.exeC:\Program Files\Lexmark 5600-6600 Series\lxdumon.exeC:\Program Files\Spyware Doctor\pctsTray.exeC:\Windows\WindowsMobile\wmdc.exeC:\Program Files\iTunes\iTunesHelper.exeC:\Windows\System32\rundll32.exeC:\Windows\System32\igfxtray.exeC:\Windows\System32\hkcmd.exeC:\Windows\System32\igfxpers.exeC:\Program Files\Google\Google Desktop Search\GoogleDesktop.exeC:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exeC:\Program Files\Acronis\TrueImageHome\TimounterMoni... Read more

A:Google redirects to random sites

Hello, mrkotter1.My name is aommaster and I will be helping you with your log.I apologize for the delay in response we get overwhelmed at times but we are trying our best to keep up.If you have since resolved the original problem you were having, I would appreciate you letting us know. If not please perform the following below so I can have a look at the current condition of your machine.ThanksShould you still require assistance, please take note of the points below:Please track this topic by either adding it to your favourites or clicking the Options button at the top of this thread and then Track this topic.Please disable word-wrap before posting logs. This can be done by clicking Format and un-ticking the word-wrap feature in notepad. The logs that you post should be copied and pasted directly into the reply. Only attach them if requested or if they do not fit into the post.If you do not reply within 5 days, I will have to close your topic. Should you not be able to meet this, please notify me so that I will leave the topic open.Please do not install, update, or run any programs for the duration of the fix.If you do not understand the instructions I provide, please don't hesitate to ask. That's what I'm here for Please continue to reply to this topic until I give you the all clean. Just because there are no symptoms of infection doesn't mean that the computer is clean.If you are running Vista, please run all the fixes as an administrator. This is done by r... Read more

Read other 16 answers
RELEVANCY SCORE 42

whenever i go through a search engine and click a link it takes me to a random site that tried to sell me crap, web of trust stops them from loading all the way but it's still annoying as i have to click it multiple times to get the site to work and i found this topic that way (http://www.bleepingcomputer.com/forums/topic322288-15.html) and the person there seemed to have the same problem and i read through it and it said to start a new thread so i am. so please if someone can help, please do. thanks

A:firefox redirecting to random sites

Hello and welcome. Try this approach.Reboot into Safe Mode with Networking How to enter safe mode(XP)Using the F8 MethodRestart your computer. When the machine first starts again it will generally list some equipment that is installed in your machine, amount of memory, hard drives installed etc. At this point you should gently tap the F8 key repeatedly until you are presented with a Windows XP Advanced Options menu. Select the option for Safe Mode with Networking using the arrow keys. Then press enter on your keyboard to boot into Safe Mode. >>>> Download this file and doubleclick on it to run it. Allow the information to be merged with the registry.RKill....Download and Run RKillPlease download RKill by Grinler from one of the 4 links below and save it to your desktop.

Link 1
Link 2
Link 3
Link 4

Before we begin, you should disable your anti-malware softwares you have installed so they do not interfere RKill running as some anti-malware softwares detect RKill as malicious. Please refer to this page if you are not sure how.
Double-click on Rkill on your desktop to run it. (If you are using Windows Vista, please right-click on it and select Run As Administrator)
A black screen will appear and then disappear. Please do not worry, that is normal. This means that the tool has been successfully executed.
If nothing happens or if the tool does not run, please let me know in your next replyDo not reboot your computer after running rkill as the malw... Read more

Read other 10 answers
RELEVANCY SCORE 42

Hi I have internet explorer8 on windows 7 home premium and just recently when I type a search into google I get redirected to random websites such as www.tru01dms.3... or kelkoo search sites, ask jeeves etc. and even pages telling me im not human!! i have posted my hijack this log below

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:30:27, on 18/06/2010
Platform: Unknown Windows (WinNT 6.01.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16385)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskhost.exe
C:\Windows\Explorer.EXE
C:\Program Files\Trusteer\Rapport\bin\RapportService.exe
C:\Program Files\McAfee.com\Agent\mcagent.exe
C:\Windows\System32\nvraidservice.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Google\Google Toolbar\GoogleToolbarUser_32.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SCServer\SCServer.exe
C:\Program Files\Windows Live\Toolbar\wltuser.exe
C:\Windows\system32\Macromed\Flash\FlashUtil10h_ActiveX.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\SearchProtocolHost.exe
c:\Program Files\Microsoft Silverlight\4.0.50524.0\Silverlight.Configuration.exe
C:\Program Files\Adobe\Reader 9.0\Reader\AcroBroker.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Progr... Read more

A:Google redirection to random sites

Read other 10 answers
RELEVANCY SCORE 42

I have a virus that keeps sending me to random sites. I ran hijack this and came up with this list. Any help would be muchappreciated, Thanks.Logfile of Trend Micro HijackThis v2.0.4Scan saved at 3:14:54 PM, on 5/3/2010Platform: Windows XP SP3 (WinNT 5.01.2600)MSIE: Internet Explorer v8.00 (8.00.6001.18702)Boot mode: NormalRunning processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\System32\svchost.exeC:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exeC:\Program Files\Common Files\Symantec Shared\ccSetMgr.exeC:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exeC:\WINDOWS\system32\spoolsv.exeC:\WINDOWS\System32\svchost.exeC:\WINDOWS\system32\bgsvcgen.exeC:\Program Files\Symantec AntiVirus\DefWatch.exeC:\Program Files\FolderSize\FolderSizeSvc.exeC:\WINDOWS\system32\inetsrv\inetinfo.exeC:\Program Files\Google\Update\1.2.183.23\GoogleCrashHandler.exeC:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exeC:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exeC:\WINDOWS\system32\nvsvc32.exeC:\Program F... Read more

A:Virus sending me to random sites

Hello, TheDarnold.My name is aommaster and I will be helping you with your log.I apologize for the delay in response we get overwhelmed at times but we are trying our best to keep up.If you have since resolved the original problem you were having, I would appreciate you letting us know. If not please perform the following below so I can have a look at the current condition of your machine.ThanksShould you still require assistance, please take note of the points below:Please track this topic by either adding it to your favourites or clicking the Options button at the top of this thread and then Track this topic.Please disable word-wrap before posting logs. This can be done by clicking Format and un-ticking the word-wrap feature in notepad. The logs that you post should be copied and pasted directly into the reply. Only attach them if requested or if they do not fit into the post.If you do not reply within 5 days, I will have to close your topic. Should you not be able to meet this, please notify me so that I will leave the topic open.Please do not install, update, or run any programs for the duration of the fix.If you do not understand the instructions I provide, please don't hesitate to ask. That's what I'm here for Please continue to reply to this topic until I give you the all clean. Just because there are no symptoms of infection doesn't mean that the computer is clean.If you are running Vista, please run all the fixes as an administrator. This is done by ... Read more

Read other 3 answers
RELEVANCY SCORE 42

Hello. I am having a problem with google going to random sites and also a lot of Vidmax advertisements have taken over my computer. I have a pop up blocker so it is only the advertisements on websites (however I fixed that problem by getting Firefox and downloading the no script add on and not using Internet Explorer anymore). For awhile this worked. Firefox would go to the sites I said using google so everything was fun. About 10 minutes it started going to random sites again (search engines, adult dating websites, etc). I followed the instructions and downloaded the GMER and DDS programs. I am using AVG 8.0 as my virus protection. Any help on how to get rid of this problem would be greatly appreciated. Thanks for your time.

Robert



DDS (Ver_09-02-01.01) - NTFSx86
Run by Sharon at 12:34:43.22 on 12/02/2009
Internet Explorer: 7.0.5730.13
Microsoft Windows XP Home Edition 5.1.2600.2.1252.1.1033.18.256.39 [GMT -4:00]

AV: AVG Anti-Virus Free *On-access scanning enabled* (Outdated)

============== Running Processes ===============

C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup
svchost.exe
svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceS... Read more

A:Google going to random sites, viruses, etc

Hello and Welcome. Please subscribe to this thread to get immediate notification of replies as soon as they are posted. To do this click Thread Tools, then click Subscribe to this Thread. Make sure it is set to Instant Notification, then click Subscribe.

Before beginning the fix, read this post completely. If there's anything that you do not understand, kindly ask your questions before proceeding. It is IMPORTANT that you don't miss a step & perform everything in the correct order/sequence.

Please note that the forum is very busy and if I don't hear from you within three days this thread will be closed.

---------------------------------------------------------------------------------------------

Please note that these fixes are not instantaneous. Most infections require more than one round to properly eradicate.

Stay with me until given the 'all clear' even if symptoms diminish. Lack of symptoms does not always mean the job is complete.

Kindly follow my instructions and please do no fixing on your own or running of scanners unless requested by me or another helper at this forum.

---------------------------------------------------------------------------------------------

Please visit this webpage for download links, and instructions for running combofix:

http://www.bleepingcomputer.com/comb...o-use-combofix

* Ensure you have disabled all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

... Read more

Read other 15 answers
RELEVANCY SCORE 42

Hi!
Three days ago I clicked on a bad link and got a page that looked like a MyComputer screen with a downloading box. I quickly turned off the internet but after running Avira it detected a number of trojans....mainly Dropper.Gen Trojan. It deleted those files and hasn't detected anything since but when I use google search my browser - FireFox 3.0.10 - gets redirected about 75% of the time to a random site. Malwarebytes also doesn't come up with anything

I have Windows XP with service pk 3
also, my computer will no longer boot up in safe mode

Thanks!! Anna

A:Google Redirected to Random sites

Hello and welcome to TSF.

We want all our members to perform the steps outlined in the link given below, before posting for assistance. There's a sticky at the top of this forum, and a
Quote:




Having problems with spyware and pop-ups? First Steps




link at the top of each page.

Please follow our pre-posting process outlined here:

http://www.techsupportforum.com/f50/...lp-305963.html

After running through all the steps, you shall have a proper set of logs. Please post them in a new topic, as this one shall be closed.

If you have trouble with one of the steps, simply move on to the next one, and make note of it in your reply.

Read other 1 answers
RELEVANCY SCORE 42

Using Firefox and after googling get redirected to random sites
Sorry, had this prob a while and my last thread on said subject was inadvertently closed.

Heres a few logs hope someone can help. Cheers and thanks in advance!

Jackdawreg

A:Firefox Redirecting to random sites

And it was closed because you never responded. Are you going to stay with this? Or are you going to abandon it again? Please do let me know before I take the time to help you with a fix.

tea

Read other 10 answers
RELEVANCY SCORE 42

Hi
After searching on google and clicking a link from the results I often get redirected to random advert sites. Also occasionally popups appear from nowhere when not even using the computer. I have Malwarebytes Antimalware which I have done a quick scan but it doesnt pick anything up. Neither does my Norton Antivirus. Any help would be much appreciated.

A:Google redirects to random sites

Hello and welcome. let's do this...Please download the TDSS Rootkit Removing Tool (TDSSKiller.exe) and save it to your Desktop. <-Important!!!Be sure to download TDSSKiller.exe (v2.4.0.0) from Kaspersky's website and not TDSSKiller.zip which appears to be an older version 2.3.2.2 of the tool.Double-click on TDSSKiller.exe to run the tool for known TDSS variants.
Vista/Windows 7 users right-click and select Run As Administrator.If TDSSKiller does not run, try renaming it. To do this, right-click on TDSSKiller.exe, select Rename and give it a random name with the .com file extension (i.e. 123abc.com). If you do not see the file extension, please refer to How to change the file extension.Click the Start Scan button.Do not use the computer during the scanIf the scan completes with nothing found, click Close to exit.If malicious objects are found, they will show in the Scan results - Select action for found objects and offer three options.Ensure Cure (default) is selected, then click Continue > Reboot now to finish the cleaning process.A log file named TDSSKiller_version_date_time_log.txt (i.e. TDSSKiller.2.4.0.0_27.07.2010_09.o7.26_log.txt) will be created and saved to the root directory (usually Local Disk C:).Copy and paste the contents of that file in your next reply.Reboot into Safe Mode with Networking How to enter safe mode(XP/Vista)Using the F8 MethodRestart your computer. When the machine first starts again it will generally list some equi... Read more

Read other 3 answers
RELEVANCY SCORE 42

Hello - When I search on google using either Firefox or IE, the results redirect me to seemingly random sites. I've tried disabling any add-ons that I think are running, scanned my computer a bunch with MSSE, but none of that helped. My friends have tried their magic (malwarebytes scans, avast scans, even combofix I guess) - but they don't seem to have the fu you guys do. Thanks!

.
DDS (Ver_2011-08-26.01) - NTFSAMD64
Internet Explorer: 9.0.8112.16421 BrowserJavaVersion: 1.6.0_29
Run by amlive at 3:09:57 on 2012-04-06
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.3935.2371 [GMT -5:00]
.
AV: Microsoft Security Essentials *Disabled/Updated* {108DAC43-C256-20B7-BB05-914135DA5160}
SP: Microsoft Security Essentials *Disabled/Updated* {ABEC4DA7-E46C-2F39-81B5-AA334E5D1BDD}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe ... Read more

A:Google redirects to random sites

Hello and Welcome to Bleeping Computer!!My name is Gringo and I'll be glad to help you with your computer problems.I have put together somethings for you to keep in mind while I am helping you to make things go easier and faster for both of usPlease do not run any tools unless instructed to do so.
We ask you to run different tools in a specific order to ensure the malware is completely removed from your machine, and running any additional tools may detect false positives, interfere with our tools, or cause unforeseen damage or system instability.Please do not attach logs or use code boxes, just copy and paste the text.
Due to the high volume of logs we receive it helps to receive everything in the same format, and code boxes make the logs very difficult to read. Also, attachments require us to download and open the reports when it is easier to just read the reports in your post.Please read every post completely before doing anything.
Pay special attention to the NOTE: lines, these entries identify an individual issue or important step in the cleanup process.Please provide feedback about your experience as we go.
A short statement describing how the computer is working helps us understand where to go next, for example: I am still getting redirected, the computer is running normally, etc. Please do not describe the computer as "the same", this requires the extra step of looking back at your previous post.NOTE: At t... Read more

Read other 21 answers