Over 1 million tech questions and answers.

Pop-ups And Banners On Random Sites

Q: Pop-ups And Banners On Random Sites

I am on a friend's computer, trying to corrct all the issues. Here is the logfile..Please HelpLogfile of HijackThis v1.99.1Scan saved at 2:33:27 PM, on 1/5/2006Platform: Windows XP SP2 (WinNT 5.01.2600)MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)Running processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\System32\svchost.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\Explorer.EXEC:\WINDOWS\system32\spoolsv.exeC:\WINDOWS\system32\RUNDLL32.EXEC:\WINDOWS\system32\sstray.exeC:\WINDOWS\zHotkey.exeC:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exeC:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb04.exeC:\Program Files\Real\RealPlayer\RealPlay.exeC:\Program Files\Browser MOUSE\mouse32a.exeC:\Program Files\QuickTime\qttask.exeC:\WINDOWS\system32\RUNDLL32.EXEC:\Program Files\Zone Labs\ZoneAlarm\zlclient.exeC:\Program Files\Messenger\msmsgs.exeC:\PROGRA~1\WALGRE~1\WALGRE~1\data\Xtras\mssysmgr.exeC:\Program Files\Microsoft Office\Office\FINDFAST.EXEC:\Program Files\Microsoft Office\Office\OSA.EXEC:\Program Files\Alwil Software\Avast4\aswUpdSv.exeC:\Program Files\Alwil Software\Avast4\ashServ.exeC:\WINDOWS\System32\nvsvc32.exeC:\WINDOWS\system32\ZoneLabs\vsmon.exeC:\WINDOWS\System32\svchost.exeC:\Program Files\Alwil Software\Avast4\ashMaiSv.exeC:\Program Files\Alwil Software\Avast4\ashWebSv.exeC:\WINDOWS\newfrn.exeC:\Program Files\Internet Explorer\iexplore.exeC:\hijackthis\HijackThis.exeR0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = about:blankR0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = \blank.htmO2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dllO2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dllO2 - BHO: LinkTracker Class - {8B6DA27E-7F64-4694-8F8F-DC87AB8C6B22} - C:\Program Files\QL\qlink32.dllO2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dllO2 - BHO: (no name) - {C5AF2622-8C75-4dfb-9693-23AB7686A456} - C:\WINDOWS\DH.dllO3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dllO4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartupO4 - HKLM\..\Run: [nwiz] nwiz.exe /installO4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInitO4 - HKLM\..\Run: [nForce Tray Options] sstray.exe /rO4 - HKLM\..\Run: [CHotkey] zHotkey.exeO4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exeO4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb04.exeO4 - HKLM\..\Run: [RealTray] C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYERO4 - HKLM\..\Run: [FLMOFFICE4DMOUSE] C:\Program Files\Browser MOUSE\mouse32a.exeO4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottimeO4 - HKLM\..\Run: [0s0s0raw.dll] RUNDLL32.EXE 0s0s0raw.dll,b 4314031O4 - HKLM\..\Run: [Zone Labs Client] C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exeO4 - HKLM\..\Run: [NewFrn] C:\WINDOWS\newfrn.exeO4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /backgroundO4 - HKCU\..\Run: [PhotoShow Deluxe Media Manager] C:\PROGRA~1\WALGRE~1\WALGRE~1\data\Xtras\mssysmgr.exeO4 - Startup: Microsoft Find Fast.lnk = C:\Program Files\Microsoft Office\Office\FINDFAST.EXEO4 - Startup: Office Startup.lnk = C:\Program Files\Microsoft Office\Office\OSA.EXEO4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exeO8 - Extra context menu item: &Google Search - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsearch.htmlO8 - Extra context menu item: &Translate English Word - res://C:\Program Files\Google\GoogleToolbar1.dll/cmwordtrans.htmlO8 - Extra context menu item: Backward Links - res://C:\Program Files\Google\GoogleToolbar1.dll/cmbacklinks.htmlO8 - Extra context menu item: Cached Snapshot of Page - res://C:\Program Files\Google\GoogleToolbar1.dll/cmcache.htmlO8 - Extra context menu item: Similar Pages - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsimilar.htmlO8 - Extra context menu item: Translate Page into English - res://C:\Program Files\Google\GoogleToolbar1.dll/cmtrans.htmlO9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2\bin\npjpi142.dllO9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2\bin\npjpi142.dllO9 - Extra button: ICQ - {6224f700-cba3-4071-b251-47cb894244cd} - C:\Program Files\ICQ\ICQ.exeO9 - Extra 'Tools' menuitem: ICQ - {6224f700-cba3-4071-b251-47cb894244cd} - C:\Program Files\ICQ\ICQ.exeO9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dllO9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exeO9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exeO12 - Plugin for .avi: C:\Program Files\Internet Explorer\PLUGINS\npqtplugin.dllO12 - Plugin for .mpeg: C:\Program Files\Internet Explorer\PLUGINS\npqtplugin3.dllO14 - IERESET.INF: START_PAGE_URL=http://www.emachines.comO16 - DPF: {01113300-3E00-11D2-8470-0060089874ED} (Support.com Configuration Class) - http://support.fastaccess.com/sdccommon/download/tgctlcm.cabO16 - DPF: {406B5949-7190-4245-91A9-30A17DE16AD0} (Snapfish Activia) - http://photo.walgreens.com/WalgreensActivia.cabO18 - Filter: text/html - {3551784B-E99A-474f-B782-3EC814442918} - C:\Program Files\QL\qlink32.dllO20 - Winlogon Notify: ssldr - C:\WINDOWS\SYSTEM32\ssldr32.dllO23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exeO23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exeO23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exeO23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe

RELEVANCY SCORE 200
Preferred Solution: Pop-ups And Banners On Random Sites

I recommend downloading and running DAP. It can help sort out any driver and firmware related issues on your system

It's worked out well for many of us in the past.

You can download it direct from this link http://downloaddap.org. (This link will open the download page of DAP so you can save a copy to your computer.)

A: Pop-ups And Banners On Random Sites

Hello Webguy ATL and welcome to Bleeping Computer

As its been a few days can you please show us a new hijack log and we will see what we can do with it.

Read other 1 answers
RELEVANCY SCORE 60

This virus opens new tabs for specific sites like Roblox and Habbo hotel. It also provides the Infect computer ransom message with 877 number. In addition, it overlays banners on normal pages so that it appears to be integrated into the site. I have run ComboFix, RFKill, Malwarebytes, and ADWCleaner. I think I infected the computer when I clicked on a notice to update my Flash player.
 
Thank you in advance for your help!
 
Scott

A:Ransom virus, new tabs for sites like Roblox, and phishing banners on pages.

Hello and welcome to Bleeping Computer! I am HelpBot: an automated program designed to help the Bleeping Computer Staff better assist you! This message contains very important information, so please read through all of it before doing anything.
We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.
To help Bleeping Computer better assist you please perform the following steps:
*************************************************** In order to continue receiving help at BleepingComputer.com, YOU MUST tell me if you still need help or if your issue has already been resolved on your own or through another resource! To tell me this, please click on the following link and follow the instructions there.CLICK THIS LINK >>> http://www.bleepingcomputer.com/logreply/561653 <<< CLICK THIS LINK
If you no longer need help, then all you needed to do was the previous instructions of telling me so. You can skip the rest of this post. If you do need help please continue with Step 2 below.
***************************************************If you still need help, I would like you to post a Reply to this topic (click the "Add Reply" button in the lower right hand of t... Read more

Read other 10 answers
RELEVANCY SCORE 51.2

Please help me. I am having several problems that I've never had before with my computer and I am now convinced that it is hi-jacked and infected with malware.

The only protection I have used since I got the computer is avast antivirus protection and piriform ccleaner. I have had no malware, spyware or viruses on this computer in the past. I've had it for almost a year.

However my computer has since yesterday (i think) become infected. It has not slowed down much, but whenever I use Google, it redirects me to random sites. Many websites I visit regularly that have never had pop-up ads before now have pop-up ads.

When I went to check my e-mail in Hotmail, I received this message constantly:

"Please refresh your browser window. When you access your Windows Live Hotmail account from more than one computer, we ask you to sign in again to help keep your account private and secure."
At this point I decided to install Spybot, however the website was blocked. I went to download.com and downloaded it and attempted to install but I was unable to, receiving this message:

"Error sending request. The server name or address could not be resolved."

I just installed ad-aware and did a full scan and it found one malware agent and supposedly fixed it, but after rebooting all of these issues are still occuring.

So this brings me to here and now. I just downloaded Trend Micro HijackThis and here is my log:

Logfile of Trend Micro HijackThis v2.0.2
Sca... Read more

A:Google redirects to random sites, some sites blocked, can't install spybot.

Read other 6 answers
RELEVANCY SCORE 50.8

Hello there
it satrted about 7 days ago was using the net to brows ebay , sport facebook, ect . when i started to get re-directed to random sites the ip on 1 on sites was 206.161.121.82 . At the time i was using firefox so i unistalled , and have gone back to IE8 , but still get redirected to random sites . I use Spybot and McAfee and they dont pick nothing up . Plus i used Malwearbytes , and again nothing !!!!! .
Ive got a log from hijack this , and if anybody get chance could please have alook and see if you see anything . Iam a real thick when comes to pc stuff hence why im here . Fofgot to say im using windows XP sp 3

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 07:35:35, on 19/06/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Google\Update\GoogleUpdate.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\VIA\RAID\raid_tool.exe
C:\WINDOWS\mHotkey.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\McAfee.com\Agent\mcagen... Read more

Read other answers
RELEVANCY SCORE 50.8

I have IE(latest version) Firefox(3.07) and Google Chrome. When i go on Firefox, or IE, or GC, and go to either Yahoo or Google search engine, and search something, and CLICK the link, it redirects me to random websites, usually YellowPages. If i copy and paste the link off of Google and put it in my address bar, it takes me to the site just fine. I contacted my ISP for assistance, and they decided that it wasn't a virus. They had me Reset IE, and IE works again, with searching. Google Chrome works again. But, Mozilla doesn't They had me uninstall Mozilla, and reinstall it, and it was still the same problem. Can anyone help me? My computer HAS been going a little bit slower than usual, so i hope it isn't a virus. Any help would be appreciated, thanks.
 

A:Search Engines Redirect me to Spam Sites and Random Sites

You should take the system through the Virus and Malware Cleaning, attach the three logs and get help with the entries.

Instructions here: http://www.techspot.com/vb/topic58138.html

Redirects are usually due to malware.
 

Read other 3 answers
RELEVANCY SCORE 50.8

In addition to the browser redirects. Boot up time has become extremely long. Often when boot up is complete Macaffee and wireless network adapter are not working. Thanks much for any support you can provide.
RSL
DDS (Ver_09-07-30.01) - NTFSx86
Run by Family at 17:13:11.14 on Tue 09/22/2009
Internet Explorer: 8.0.6001.18702
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.1022.133 [GMT -4:00]

AV: McAfee VirusScan *On-access scanning enabled* (Updated) {84B5EE75-6421-4CDE-A33A-DD43BA9FAD83}
FW: McAfee Personal Firewall *enabled* {94894B63-8C7F-4050-BDA4-813CA00DA3E8}

============== Running Processes ===============

C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\Program Files\Aventail\Connect\as32svc.exe
svchost.exe
svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\D-Link\D-Link DWA-552 Xtreme N Desktop Adapter\acs.exe
svchost.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\CTsvcCDA.exe
C:\WINDOWS\system32\dlcxcoms.exe
C:\Program Files\Common Files\Command Software\dvpapi.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched... Read more

A:IE Browser Hijacked... Redirects to random sites/search sites

Hello and welcome to Bleeping ComputerWe apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.If you have since resolved the original problem you were having, we would appreciate you letting us know. If not please perform the following steps below so we can have a look at the current condition of your machine. Pleaseinclude a clear description of the problems you're having, along with any steps you may have performed so far.Please refrain from running tools or applying updates other than those we suggest while we are cleaning up your computer. The reason for this is so we know what is going on with the machine at any time. Some programs can interfere with others and hamper the recovery process.Even if you have already provided information about your PC, we need a new log to see what has changed since you originally posted your problem.Please download OTL from following mirror:This is THE MirrorSave it to your desktop.Double click on the icon on your desktop.Click the "Scan All Users" checkbox.Push the button.Two reports will open, copy and paste them in a reply here:OTL.txt <-- Will be openedExtra.txt <-- Will be minimizedIn the upper right hand corner o... Read more

Read other 2 answers
RELEVANCY SCORE 50.4

Quite often when I click a link in a returned search result from a website like www.whitepages.com it takes me to an unwanted and unrelated site. I have read somethings online about a Google redirect virus but I am not seeing this happen while doing a Google search. It seems to happen when doing a search or sort on a website and then the results are returned and when I go to click on one of the results I get sent to a page I do not want. I read on a forum that DDS, Gmer, and Attach.txt files can be helpful to someone who reads this. Another site this happens regularly on is www.adam4adam.com
Thank you for your help.

A:Redirected to unwanted/random sites from good sites

Hello and Welcome to the forums! My name is Gringo and I'll be glad to help you with your computer problems. Somethings to remember while we are working together.Do not run any other tool untill instructed to do so!please Do not Attach logs or put in code boxes.Tell me about any problems that have occurred during the fix.Tell me of any other symptoms you may be having as these can help also.Do not run anything while running a fix.Do not run any other tool untill instructed to do so!Click on the Watch Topic Button and select Immediate Notification and click on proceed, this will help you to get notified faster when I have replied and make the cleaning process faster.Please print out or make a copy in notpad of any instructions given, as sometimes it is necessary to go offline and you will lose access to them.Run Combofix:You may be asked to install or update the Recovery Console (Win XP Only) if this happens please allow it to do so (you will need to be connected to the internet for this)Before you run Combofix I will need you to turn off any security software you have running, If you do not know how to do this you can find out >here< or >here<Combofix may need to reboot your computer more than once to do its job this is normal.You can download Combofix from one of these links.Link 1Link 2Link 3 1. Close any open browsers or any other programs that are open.2. Close/disable all anti virus and anti malware programs so they do not interfere with the r... Read more

Read other 3 answers
RELEVANCY SCORE 47.6

Hello,

I'm having an issue where when I click on the result of an internet search, I am redirected to a non-related advertising type site. Also occasionally I will have the browser directed at some website and then all of the sudden a random window pops up with the same type of advertising type site as above.

It used to happen in both IE and firefox on both google and yahoo (possibly others, I only tried those 2). I have tried running Antivirus scans, malwarebytes and SAS. They found and removed a couple things, but no help. I then tried a system restore back to 2 weeks ago before I had any issues, but that also did not help. I've noticed now that it is only when I search using the integrated search area in the top right corner of IE (which is set to google). If I type in www.google.com in the address window, and then search from there, it does not redirect when I click on the results.

Thanks so much in advance!

Win XP Pro SP3, IE8

A:Random pop-ups and Search Result redirects to random sites.

Try this:http://www.bleepingcomputer.com/virus-remo...sing-tdsskiller

Read other 1 answers
RELEVANCY SCORE 45.2

Ok, so i had a virus on my computer a couple of days ago, " XP anti malware 2010 " !! i got rid of the virus. I used Malwarebytes anti' malware and SuperAnti spyware, spybot, AVG, Advanced system care and got rid of the virus !! so i used my computer regularyly now, and for some reason when im just using my internet ( Firefox ) i keep getting pop ups to random sites. some of them with viruses, and some prompting to download smthing with viruses. and also when i use google or any search enjine and i click on some link it takes me to the wrong siite, smthing really random, usually another search enjine that ive never heard of. the pop ups and the google redirects usually take me to the same site .

im about, to pull out my hair with this problem. when i scan with anything, im clean. so i really dont know whats going on. SOME ONE PLZZ HELP ME !!
I'm using a windows xp desktop,if that helps. and i also cant reinstall XP becase i dont have the CD, i dont have any cd's for my computer .

PLZZZZ HELP ME , THXXX !!

A:HELP!? I keep getting random pop-ups leading me to random sites!!

Also, just a few mins ago i got that nasty " blue screen of death " thing. it said a whole bunch of stuff but i just wrote down this :
:: _PAGE_FAULT_IN_NONPAGED_AREA
Technical Inforamtion:
:: -STOP: 0x00000050 (OXFBA8E4ED, 0X00000001, OX8O54BO4B, 0X00000000)

by the way i dont know if the zero or O's are zeros or O's srry ; )

Read other 11 answers
RELEVANCY SCORE 42.8

I'm having a very odd problem and was hoping someone could at least point me in the right direction. About a month ago, I lost the ability to log onto the Chase.com website. I can get to the homepage, but when I enter my username and password and hit submit, the page just times out. I have experienced the same issue with both IE9 and Google Chrome - both on the same PC and running under Win7 Professional 64 bit. What is interesting is that about a week ago, I lost the ability to log on with my Android Tablet.

My initial thought is that it was the router as both computers utilize the same router and cable modem, but my wife's laptop and my laptop both can still log onto the Chase.com website through the same router.

I have disabled both virus and firewall protection and still have the problem. I also noticed yesterday that another site had a similar issue when submitting a payment form. So, my thoughts went to it's an https: problem, but other secure sites work just fine.

I have VIPRE anti-virus (so does my laptop that works just fine) and I did a deep scan with no problems detected. I also ran Spy-Bot Search and Destroy with negative results.

Has anyone run across this before?

Tech Support Guy System Info Utility version 1.0.0.2
OS Version: Microsoft Windows 7 Professional, Service Pack 1, 64 bit
Processor: Intel(R) Core(TM)2 Quad CPU Q8200 @ 2.33GHz, Intel64 Family 6 Model 23 Stepping 7
Processor Count: 4
RAM: 8191 Mb
Graphics Card: NVIDIA GeForce GT 120,... Read more

Read other answers
RELEVANCY SCORE 42.4

Recently my laptop started opening IE itself.

Here is my HJT log:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 4:27:43 PM, on 8/18/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16705)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\WINDOWS\Explorer.EXE
c:\PROGRA~1\mcafee.com\vso\mcshield.exe
C:\PROGRA~1\McAfee.com\PERSON~1\MpfService.exe
c:\PROGRA~1\mcafee.com\vso\OasClnt.exe
c:\program files\mcafee.com\vso\mcvsshld.exe
c:\program files\mcafee.com\agent\mcagent.exe
c:\progra~1\mcafee.com\vso\mcvsescn.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Dell\QuickSet\NICCONFIGSVC.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\system32\VB4tFPUl.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\internet explorer\iexplore.exe
C:\... Read more

A:IE opening itself and going to random sites

Anyone? It's not as bad as it was but is still happening.
 

Read other 2 answers
RELEVANCY SCORE 42.4

Hi,

I've been having a problem whilst browsing. Any site I browse to or open from a link, loads a random site instead. And if I am lucky it will open the site I want, plus a random ASK.com search.

I have downloads and installed Adaware and Super Antispyware, but they come back clean. I've stopped what processes I dont recognise, clean out any startup items and emptied temp folders.

Any help will be greatly appreciated.

P.S. I also have Firefox installed and the same thing happens.

Deej
 

A:IE loads random sites

Download ComboFix here :

Link 1
Link 2
* IMPORTANT !!! Save ComboFix.exe to your Desktop

Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools. Here is a guide on how to disable them

Click me
Double click on ComboFix.exe & follow the prompts.
As part of it's process, ComboFix will check to see if the Microsoft Windows Recovery Console is installed. With malware infections being as they are today, it's strongly recommended to have this pre-installed on your machine before doing any malware removal. It will allow you to boot up into a special recovery/repair mode that will allow us to more easily help you should your computer have a problem after an attempted removal of malware.
Follow the prompts to allow ComboFix to download and install the Microsoft Windows Recovery Console, and when prompted, agree to the End-User License Agreement to install the Microsoft Windows Recovery Console.

**Please note: If the Microsoft Windows Recovery Console is already installed, ComboFix will continue it's malware removal procedures.


Once the Microsoft Windows Recovery Console is installed using ComboFix, you should see the following message:


Click on Yes, to continue scanning for malware.

When finished, it shall produce a log for you. Please include the C:\ComboFix.txt log in your next reply.
 

Read other 3 answers
RELEVANCY SCORE 42.4

It appears I am one of the unsophisticated users plaqued by this neferious affliction....
Thanks in advance....
DDS (Ver_09-03-16.01)

Microsoft Windows XP Professional
Boot Device: \Device\HarddiskVolume1
Install Date: 9/20/2006 4:01:02 PM
System Uptime: 4/24/2009 11:45:38 AM (4 hours ago)

Motherboard: Dell Inc. | | 0M3849
Processor: Intel® Pentium® 4 CPU 3.20GHz | Microprocessor | 3192/800mhz

==== Disk Partitions =========================

A: is Removable
C: is FIXED (NTFS) - 74 GiB total, 48.661 GiB free.
D: is CDROM ()
E: is Removable

==== Disabled Device Manager Items =============

==== System Restore Points ===================

RP587: 1/23/2009 7:21:14 AM - System Checkpoint
RP588: 1/25/2009 1:25:52 PM - System Checkpoint
RP589: 1/27/2009 10:31:46 AM - Installed Belkin 54Mbps Wireless Network Adapter
RP590: 1/27/2009 10:36:49 AM - Removed Belkin 54Mbps Wireless Network Adapter
RP591: 1/28/2009 10:55:06 AM - System Checkpoint
RP592: 1/29/2009 7:12:24 PM - System Checkpoint
RP593: 1/31/2009 10:42:12 AM - System Checkpoint
RP594: 2/1/2009 10:53:50 AM - System Checkpoint
RP595: 2/2/2009 6:14:21 PM - System Checkpoint
RP596: 2/3/2009 6:59:03 PM - System Checkpoint
RP597: 2/5/2009 6:42:06 AM - System Checkpoint
RP598: 2/7/2009 8:50:04 PM - System Checkpoint
RP599: 2/8/2009 9:08:41 PM - System Checkpoint
RP600: 2/9/2009 9:26:49 PM - System Checkpoint
RP601: 2/10/2009 10:19:34 PM - System Checkpoint
RP602: 2/10/2009 11:15:00 PM - S... Read more

A:Redirect to random sites

Hello komboking54,Please download Malwarebytes' Anti-Malware from one of these places:http://www.majorgeeks.com/Malwarebytes_Ant...ware_d5756.htmlhttp://www.besttechie.net/mbam/mbam-setup.exeDouble Click mbam-setup.exe to install the application. * Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish. * If an update is found, it will download and install the latest version. * Once the program has loaded, select "Perform Quick Scan", then click Scan. * The scan may take some time to finish,so please be patient. * When the scan is complete, click OK, then Show Results to view the results. * Make sure that everything is checked, and click Remove Selected. * When disinfection is completed, a log will open in Notepad and you may be prompted to Restart.(See Extra Note) * The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM. * Copy&Paste the entire report in your next reply along with a fresh HijackThis log.Extra Note:If MBAM encounters a file that is difficult to remove,you will be presented with 1 of 2 prompts,click OK to either and let MBAM proceed with the disinfection process,if asked to restart the computer,please do so immediately.Please do this:1. Download HijackThis? here:http://www.trendsecure.com/portal/en-US/th.../hijackthis.php2. Click 'Do a System Scan and Save log'.The HJT log will open in notepad.Thankstea,

Read other 2 answers
RELEVANCY SCORE 42.4

Hey all,
I am having a nasty issue with my Laptop. Everytime I click on a search in Google it takes me to some Random sites. I have run Malwarebytes, SuperAnti Spyware, and Avg 9.0. Noneof them seem to find anything. I even downloaded and ran Panda Rootkit Remover and it found nothing. I just ran Hijack this and wondered if someone could look at the log and tell me if they see something. I really appreciate it.

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 9:21:40 AM, on 5/2/2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\AVG\AVG9\avgchsvx.exe
C:\Program Files\AVG\AVG9\avgrsx.exe
C:\WINDOWS\system32\brsvc01a.exe
C:\Program Files\AVG\AVG9\avgcsrvx.exe
C:\WINDOWS\system32\brss01a.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\AVG\AVG9\Identity Protection\Agent\Bin\AVGIDSAgent.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Apoint2K\Apoint.exe
C:\WINDOWS\BisonC07\BisonM07.exe
C:\Program Files\CONEXANT\SMARTAUDIO\SMAUDIO.EXE
C:\Program Files\Lenovo\Energy Management\utility.exe
C:\Program Files\Lenovo\Energy Management\Energy Management.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Apoint2K\ApMsgFwd.exe
C:\Program Files\Common Files\InstallShield\U... Read more

A:Random sites in google

Hello there Welcome to the TSG Forums.
My name is NeonFx. I'll be glad to help you with your computer problems. Logs can take some time to research, so please be patient with me.
Please note the following:

The fixes are specific to your problem and should only be used on this machine.
Please continue to review my answers until I tell you your machine appears to be clean. Absence of symptoms does not necessarily mean that the system is completely clean.
It's often worth reading through these instructions and printing them for ease of reference. I may ask you to boot into Safe Mode where you will be unable to follow my instructions online.
If you don't know or understand something, please don't hesitate to say or ask!! It's better to be sure and safe than sorry.
Please reply to this thread. Do not start a new topic.

Step 1

Download OTS to your Desktop
Close ALL OTHER PROGRAMS.
Double-click on OTS.exe to start the program.
Check the box that says Scan All Users
Under Basic Scans please change the radio button under Registry from Safe List to All.
Under Additional Scans check the following:
Reg - Desktop Components
Reg - Disabled MS Config Items
Reg - NetSvcs
Reg - Shell Spawning
Reg - Uninstall List
File - Lop Check
File - Purity Scan
Evnt - EvtViewer (last 10)

Please paste the contents of the following codebox into the Custom Scans box at the bottom
Code:
%SYSTEMDRIVE%\*.exe
/md5start
eventlog.dll
scecli.dll
netlogon.dll
cngaudit.dll
scec... Read more

Read other 1 answers
RELEVANCY SCORE 42.4

ANY HELP APPRECIATED IN DECIPHERING WHAT MIGHT BE CAUSING BOTH MY IE AND FIREFOX BROWSERS FROM REDIRECTING TO RANDOM SITES AND SOMETIMES THE TASK ENDS WITH AN ERROR. ALSO UNABLE TO ACCESS "REGEDIT," BLEEPINGCOMPUTER.COM, MBAM UPDATES, ETC. THANKS! HIJACKTHIS LOG BELOW: -----------------------------Logfile of Trend Micro HijackThis v2.0.2Scan saved at 7:00:16 PM, on 4/12/2009Platform: Windows XP SP2 (WinNT 5.01.2600)MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)Boot mode: NormalRunning processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\system32\Ati2evxx.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\System32\svchost.exeC:\WINDOWS\system32\spoolsv.exeC:\Program Files\APC\APC PowerChute Personal Edition\mainserv.exeC:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exeC:\Program Files\Common Files\Symantec Shared\ccSetMgr.exeC:\WINDOWS\System32\CTsvcCDA.exeC:\Program Files\Symantec AntiVirus\DefWatch.exeC:\WINDOWS\ehome\ehSched.exeC:\Program Files\Java\jre6\bin\jqs.exeC:\Program Files\Symantec AntiVirus\SavRoam.exeC:\WINDOWS\System32\svchost.exeC: ... Read more

A:IE & FF Redirecting to Random Sites, etc.

Hi,Please download DaonolFix from the link below and save it to your DesktopDownload Mirror #1Double-click DaonolFix.exe to run it. Select 1. Find Daonol (no fix) by typing 1 and pressing Enter. You will see a lot of files being listed - don't worry, they are just being scanned.A log will open, please post the contents of that log in your next reply (it can also be found on your desktop, called DaonolFix.txt).Download ComboFix by sUBs from here or hereNote: If you already have a copy of ComboFix on your system it is essential that you delete it before downloading this copy.**Save it to your desktop**We need to disable one or more of your security programs so that they do not interfere with ComboFix.Right click on the icon in the taskbar notification area & select "Disable Symantec EndPoint Protection".Double click on ComboFix.exe & follow the prompts. If you are prompted to install the Recovery Console I recommend you go ahead and hit yes.When finished, it shall produce a log for you. Please save that log to post in your next reply along with a fresh HJT logNotes:Do not mouseclick combofix's window whilst it's running. That may cause it to stall.ComboFix may reset a number of Internet Explorer's settings, including making I-E the default browser.Combofix prevents autorun of ALL CD, floppy and USB devices to assist with malware removal & increase security. If this is an issue or makes it difficult for you - please let me know. ComboFix disconnects your... Read more

Read other 8 answers
RELEVANCY SCORE 42.4

When I visit random sites my IE shuts down, no error message or anything, it just closes. If I have more than one window open they all shut down. This will happen every time I try to visit the same pages. My husband needs to get to his Yahoo NFL page and is beside himself, lol.

I've run Ad-Aware and Spy sweeper and then done my Hijack This. I was wondering if I should run CW Shredder, but I wanted to wait till you took a look. Also, I was the idiot who downloaded Error Guard after coming to the computer and seeing it on the screen after an unsuccessful Scan Disk. I assumed it was an actual warning from my computer, not realizing my daughter had been on the computer and taken the Popup Stopper off. Dumb me.

I did a search here and someone mentioned installing a newer version of Java. What do you think?

Thanks for looking!
Logfile of HijackThis v1.93.0
Scan saved at 1:38:13 AM, on 12/27/2004
Platform: Windows ME (Win9x 4.90.3000)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar=http://red.clientapps.yahoo.com/customize/ycomp/defaults/sb/*http://www.yahoo.com/search/ie.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page=http://red.clientapps.yahoo.com/customize/ycomp/defaults/sp/*http://www.yahoo.com
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default)=http://red.clientapps.yahoo.com/customize/ycomp/defaults/su/*http://www.yahoo.com
O2 - BHO: (no name) - {02478D38-C3F9-4efb... Read more

A:IE shuts down at random sites

Read other 9 answers
RELEVANCY SCORE 42.4

I've been getting redirected to random sites when doing searches especially when using GOOGLE - but the same thing happens with any search engine. Sometimes I'll actually be on a page - and suddenly a random page opens up. I'm using IE8 - Windows XP SP3 - with all the automatic updates. I've use Maleware and spyware and virus software and nothing seems to find the little bugger that is causing this. I've attached a Hijack log file to this questions.
 

A:IE redirects to random sites

Read other 9 answers
RELEVANCY SCORE 42.4

When I click on a link in Google it will open up the link, but also a new tab with some random site. Sometimes the site is sort of related to the links I'm clicking. Also new tabs will open up randomly without ever clicking a link, like a pop-up, always with a random site. I've run Malwarebytes free, IObit Advanced System Care free sometimes finding malware and removing it, but I still experience the random sites. Seems to happen less in Opera, more in Firefox and IE. I've looked at processes and can't seem to find any blatant offenders. I would totally read the forum tuts on how to remove it, but I don't know what "it" is. Thanks in advance, I really admire your guys' hard work.
.
DDS (Ver_11-03-05.01) - NTFSx86
Run by Administrator at 21:29:57.53 on Tue 05/17/2011
Internet Explorer: 8.0.6001.18702
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.1023.339 [GMT -6:00]
.
.
============== Running Processes ===============
.
C:\Program Files\COMODO\COMODO livePCsupport\CLPSLS.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe -k DcomLaunch
C:\WINDOWS\system32\svchost.exe -k rpcss
C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
C:\WINDOWS\system32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS�... Read more

A:I'm being taken to random sites, randomly

Hello and Welcome to the forums! My name is Gringo and I'll be glad to help you with your computer problems. Somethings to remember while we are working together.Do not run any other tool untill instructed to do so!Please Do not Attach logs or put in code boxes.Tell me about any problems that have occurred during the fix.Tell me of any other symptoms you may be having as these can help also.Do not run anything while running a fix.We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.Click on the Watch Topic Button and select Immediate Notification and click on proceed, this will help you to get notified faster when I have replied and make the cleaning process faster.In order for me to see the status of the infection I will need a new set of logs to start with.Please print out or make a copy in notpad of any instructions given, as sometimes it is necessary to go offline and you will lose access to them.DeFogger: Please download DeFogger to your desktop.

Double click DeFogger to run the tool.
The application window will appear Click the Disable button to disable your CD Emulation drivers Click Yes to continue A 'Finished!' message will ap... Read more

Read other 26 answers
RELEVANCY SCORE 42.4

i cant seem to get to some random sites, google, cnn for instance all do not connect, i've asked other people online and the sites seem to be up, i have no idea why this would start happening randomly
 

A:random sites not connecting

Please go to http://www.majorgeeks.com/HijackThis_d3155.html

Please note: When you download HijackThis put it in its own permanent folder like My Documents for example. DO NOT download to a temp folder or the desktop.

Launch program and click on the SCAN button. After scan click on Save Log . It should save to Notepad.

Click on Edit, then Select All. Then click Edit again then Copy. Then paste log back here in a reply.

DO NOT have HijackThis fix anything yet. Most of what it shows will be harmless / needed stuff. Wait for an expert to review it and advise you.
 

Read other 2 answers
RELEVANCY SCORE 42.4

I picked up a virus which totally paralysed my computer, however a local computer guy did what he does and removed it, however now i seem to have a redirect virus, and my guy is away for a while!

When i try to access a site that may contain help to get rid of it i get redirected, my email also wont open - clever really.

I have to go home download the program, then bring it back to work and so on.

I have got to the point where i now have a log file and was hoping someone can help.

I am on xp.

Logfile of HijackThis v1.99.1
Scan saved at 10:10:46, on 22/08/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\sistray.EXE
C:\Program Files\ASUS\Probe\AsusProb.exe
C:\Program Files\MessageStop\MessageStop.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\Program Files\Microsoft Hardware\Mouse\point32.exe
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\SiteAdvisor\6261\SiteAdv.exe
C:\Program Files\McAfee.com\Agent\mcagent.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Samsung\Digimax Viewer ... Read more

Read other answers
RELEVANCY SCORE 42.4

Hello, I have tried going on forums and other things on google and it keeps redirecting me. I've already scanned with Search and destroy, malware bytes, and they say i have NO viruses. then i used CCleaner to clean my cache and it still didn't work. I used a proxy site and im able to use Google and it doesnt redirect me. Also im able to use Google's Cached Sites. Please help. -Sauvus
 

A:Redirecting me to random sites

Bump..
 

Read other 1 answers
RELEVANCY SCORE 42.4

I was infected with Antisyware Soft. I believe Combofix got rid of that. Then I got this redirect virus and the time on my computer is now in military time. It redirects every search I make. I have to operate it in safe mode now. Could you please help?DDS (Ver_10-03-17.01) - NTFSx86 NETWORK Run by chris at 21:53:41.03 on Tue 05/18/2010Internet Explorer: 8.0.6001.18702Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.478.190 [GMT -4:00]AV: avast! antivirus 4.8.1368 [VPS 100518-1] *On-access scanning enabled* (Outdated) {7591DB91-41F0-48A3-B128-1A293FD8233D}============== Running Processes ===============C:\WINDOWS\system32\svchost -k DcomLaunchsvchost.exeC:\WINDOWS\system32\svchost.exe -k netsvcssvchost.exesvchost.exeC:\WINDOWS\Explorer.EXEC:\Program Files\Internet Explorer\iexplore.exeC:\WINDOWS\system32\ctfmon.exeC:\Program Files\Internet Explorer\iexplore.exeC:\Documents and Settings\chris\Desktop\dds.scr============== Pseudo HJT Report ===============uInternet Connection Wizard,ShellNext = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_US&c=Q105&bd=pavilion&pf=laptopuInternet Settings,ProxyOverride = <local>uInternet Settings,ProxyServer = http=127.0.0.1:5555uURLSearchHooks: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - c:\program files\yahoo!\companion\installs\cpn0 ... Read more

A:IE redirects to random sites

Hello slowhand361, Welcome to Bleeping Computer. My name is fireman4it and I will be helping you with your Malware problem.Please take note of some guidelines for this fix: Refrain from making any changes to your computer including installing/uninstall programs, deleting files, modifying the registry, and running scanners or tools. If you do not understand any step(s) provided, please do not hesitate to ask before continuing. Even if things appear to be better, it might not mean we are finished. Please continue to follow my instructions and reply back until I give you the "all clean". Finally, please reply using the button in the lower right hand corner of your screen. Do not start a new topic. The logs that you post should be pasted directly into the reply, unless they do not fit into the post.1.Please Delete any previous copy of [b[Combofix[/b] from your desktop.2.Download and Run RKillPlease download RKill by Grinler from one of the 4 links below and save it to your desktop.Link 1Link 2Link 3Link 4 Before we begin, you should disable your anti-malware softwares you have installed so they do not interfere RKill running as some anti-malware softwares detect RKill as malicious. Please refer to this page if you are not sure how. Double-click on Rkill on your desktop to run it. (If you are using Windows Vista, please right-click on it and select Run As Administrator) A black screen will appear and then disappear. Please do not worry, that is... Read more

Read other 12 answers
RELEVANCY SCORE 42.4

When I click on a link on google it takes me to a different site. I ran combofix and still have the problem.
Attached is combo fix log. I ran High Jack this but didnt see anything fishy.
Please HELP!!!!
John
 

Read other answers
RELEVANCY SCORE 42.4

Every time I search for different things on google or yahoo, and I click onto the link it sends me to another random site. The site is rated as being bad, so I know I have some form of malware/virus. The only way to get to the site that I actually am trying to go to is by copying and pasting. And also sometimes on the little tab, a random site will just pop up into that whenever I never tried going to a site.

I have used Spybot S&D, Malwarebytes, SuperAntiSpyware. I also have scanned many times with Avira. Any advice?
If you still didn't understand, let's say I searched wikipedia in the search bar. Whenever the links pop up I can choose to click on, and I click on one of the links... It instead sends me to a random website.

Note: Also whenever I would shut down the computer, it would be stuck on the screen saying "Saving your settings". The only way I could actually shut it down is by holding the actual power button.

A:redirected to random sites?

Any kind of help would be greatly appreciated.

Read other 2 answers
RELEVANCY SCORE 42.4

Hi, I would aprpeciate any help you can give. When using Firefox, I keep getting redirected to random sites every once in a while,
the one recurring most often is Skype. I've run AdAware, Spybot and yahoo anti spy, but the problem persists.
DDS (Ver_09-03-16.01) - NTFSx86
Run by Laily at 15:40:40.41 on 17/04/2009
Internet Explorer: 7.0.6001.18000 BrowserJavaVersion: 1.6.0_11
Microsoft? Windows Vista? Home Premium 6.0.6001.1.1252.2.1033.18.2812.1074 [GMT 1:00]

AV: ESET NOD32 Antivirus 3.0 *On-access scanning enabled* (Updated)

============== Running Processes ===============

C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\system32\Ati2evxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\WacomTouchService.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\WLANExt.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files\Common Fi... Read more

A:I'm being redirected to random sites...

all three of those products are anti-spy/adware...do you have an actual Anti VIRUS that you could run?MBAM (http://www.malwarebytes.org/) is quick and simple and is my first pick for a diagnostic, but there's plenty of others available too. using yahoo anti-spy: http://help.yahoo.com/tutorials/yop/olp2/antispy1.htmlListing of Anti-malware products: http://www.bleepingcomputer.com/forums/t/405/antivirus-antimalware-and-antispyware-resources/someone else will have to do the actual log reviews as I am slammed right now, but this shoud get you started. Good Luck.

Read other 5 answers
RELEVANCY SCORE 42.4

A few days ago I got the windows xp 2010 mal ware. I followed some of the instructions i found on here to get rid of it. im not sure if something i did in that process was wrong, or if i ran into a completely different problem. Basically, the windows xp 2010 mal ware stuff stopped popping up. everything ran fine for like 30 minutes. then i noticed a started randomly getting those "wanring your system is infected please click here to complete scan" with a fake scanning looking pop up, it didnt look the same as the windows xp 2010 malware did either. it woudl let me exit out and it wouldnt pop up anymore so id run Malware bytes and everything would be fine. then a few time i got redirected to random sites.
Then yesterday I noticed everytime im online im constantly getting redirected. it started with clicking on links and also random new tabs would open and goto some site. (belgiumpersonals.com or yellowpages.com or weird ad sites). Now its like new browsers pop up, tabs open up, and almost every link i click on redirects in both firefox and IE.
I keep running malware bytes but the problem doesnt stop. im running an avg scan now.
what is happening and what do i do to fix it?
thanks to anyone who can help in advance

Read other answers
RELEVANCY SCORE 42.4

For awhile now, periodically I will try to go to a normal site .. i.e. paypal, or even my bank, or my own website .. basically it is very random, and sometimes I will even be in the site and click on another link in the site to take me somewhere else in the site and all of a sudden i get an SSL Error message like this:

Sometimes I can google the site I want and find a different link to the site I want and it works, but mostly I have to reboot and sometimes that fixes that particular site and sometimes it doesn't, sometimes I have to clear the cache & cookies and still reboot, and sometimes I just have to wait a day or a few hours and all of a sudden I'll try and it works. I don't ever proceed anyway, I always go back to safety or close the window and try something else. It doesn't always take me to the same place either, it's different url's that it's redirecting to, but they all have this similar message.

I've tried as I said, clearing all of my history, cache, cookies etc. Someone told me to delete some of my certificates, and I did that, but I wasn't sure which one's to do, so I just picked some random ones that I had never heard of.

I've run my antivirus, I've run Spyware Doctor, and just the other day I did something called Hitman Pro and I think something called TDSS Killer. But, I got this one when going to godaddy today and I just finally am at wits end and every time I come here for a problem, you g... Read more

A:SSL Error on random sites? can't get rid of it

Is there anyone who can help with this?????? Or should this be posted in a different forum????? It's driving me crazy. Here's my latest error that I get when trying to login to my comcast account.
 

Read other 2 answers
RELEVANCY SCORE 42.4

Hi, I'm getting redirected to random websites when I click on a link in google. Also the websites that it gets redirected to are mostly bogus search engines. I was using a P2P program and shortly after i noticed i had this redirecting problem so I'm pretty sure I got it from using that. I'd appreciate any help you can give me as I really don't know how to fix this issue.

Hijack log

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 1:45:53 PM, on 8/12/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\ehome\ehtray.exe
C:\WINDOWS\system32\RunDLL32.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\Program Files\Razer\DeathAdder\razerhid.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\system32\PnkBstrB.exe
C:\Program Files\Razer\DeathAdder\razertra.exe
C:\Program Files\Razer\DeathAdder\razerofa.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcAppFlt.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe
C:\WINDOWS\sy... Read more

Read other answers
RELEVANCY SCORE 42.4

Hi, over the past couple of days I've noticed that whenever I click on a link from the list of a given search site that I get redirected to different websites that has anything to do what I actually clicked on. I tried using the GMER but system, sections, IAT/EAT, etc. everything below that to libraries is greyed out. The only options that are available to check/un-check are services, registry, files, C:\, ADS. I do have the DDS and Attach files just let me know what you will need me to do next.

A:Redirected to random sites

Hello and welcome to TSF.

We want all our members to perform the steps outlined in the link given below, before posting for assistance. There's a sticky at the top of this forum, and
Quote:




Having problems with spyware and pop-ups? First Steps




a link at the top of each page.

Please follow our pre-posting process outlined below.

NEW INSTRUCTIONS - Read This Before Posting For Malware Removal Help - Tech Support Forum

After running through all the steps, you shall have a proper set of logs. Please post them in a new topic, as this one shall be closed.

If you have trouble with one of the steps, simply move on to the next one, and make note of it in your reply.

Please note that the Virus/Trojan/Spyware Help forum is extremely busy, and it may take a while to receive a reply.

Read other 1 answers
RELEVANCY SCORE 42

It started last week with a couple of malware/virus attacks. I ran malwarebytes and got some removed. However, now when I click on Google searches I get redirected to random sites. Also since the attack I haven't been able to access Window Updates or get Spyware Doctor restore points. I don't know if this means anything. Anyways, here is my log file, PLEASE HELP.Logfile of Trend Micro HijackThis v2.0.4Scan saved at 11:49:23 PM, on 6/1/2010Platform: Windows Vista SP2 (WinNT 6.00.1906)MSIE: Internet Explorer v8.00 (8.00.6001.18904)Boot mode: NormalRunning processes:C:\Windows\system32\Dwm.exeC:\Windows\system32\taskeng.exeC:\Windows\Explorer.EXEC:\Program Files\Windows Defender\MSASCui.exeC:\Program Files\Google\Quick Search Box\GoogleQuickSearchBox.exeC:\Program Files\Lexmark 5600-6600 Series\lxdumon.exeC:\Program Files\Spyware Doctor\pctsTray.exeC:\Windows\WindowsMobile\wmdc.exeC:\Program Files\iTunes\iTunesHelper.exeC:\Windows\System32\rundll32.exeC:\Windows\System32\igfxtray.exeC:\Windows\System32\hkcmd.exeC:\Windows\System32\igfxpers.exeC:\Program Files\Google\Google Desktop Search\GoogleDesktop.exeC:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exeC:\Program Files\Acronis\TrueImageHome\TimounterMoni... Read more

A:Google redirects to random sites

Hello, mrkotter1.My name is aommaster and I will be helping you with your log.I apologize for the delay in response we get overwhelmed at times but we are trying our best to keep up.If you have since resolved the original problem you were having, I would appreciate you letting us know. If not please perform the following below so I can have a look at the current condition of your machine.ThanksShould you still require assistance, please take note of the points below:Please track this topic by either adding it to your favourites or clicking the Options button at the top of this thread and then Track this topic.Please disable word-wrap before posting logs. This can be done by clicking Format and un-ticking the word-wrap feature in notepad. The logs that you post should be copied and pasted directly into the reply. Only attach them if requested or if they do not fit into the post.If you do not reply within 5 days, I will have to close your topic. Should you not be able to meet this, please notify me so that I will leave the topic open.Please do not install, update, or run any programs for the duration of the fix.If you do not understand the instructions I provide, please don't hesitate to ask. That's what I'm here for Please continue to reply to this topic until I give you the all clean. Just because there are no symptoms of infection doesn't mean that the computer is clean.If you are running Vista, please run all the fixes as an administrator. This is done by r... Read more

Read other 16 answers
RELEVANCY SCORE 42

Ive been having this problem for the last few days. Certain sites just dont open for me, although i know they should as they work elsewhere. Seems like a virus issue as it was sudden and my hijackthis results didnt look too hot either. I ran SUPERAntiSpyware today and this is the log after that. Got rid of quite alot of things but the problem still persists.

.)
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\ZONELABS\vsmon.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\ewido\security suite\ewidoctrl.exe
C:\WINDOWS\System32\defrag.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Downloads\AntiVirus\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = \blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
R3 - URLSearchHook: (no name) - {0A00D11E-B1E7-44b5-AD88-C9190876AAC4} - (no file)
O2 - BHO: (no name) - {10AAAC1B-4610-4203-A961-53B091D5C541} - c:\windows\system32\yrlogvwt.dll
O2 - BHO: (no name) - {4110A3F4-740C-44C1-ACDF-1854DA16B1BC} - c:\windows\system32\mgcamgc.dll
O2 - BHO: (no name) - {53BF4347-8DC3-4B40-BED7-EE2880F91742} - c:\windows\system32\mgcamgc.dll
O2 - BHO: (no name) - {57B7B665-C847-495A-... Read more

Read other answers
RELEVANCY SCORE 42

Everytime i click on a site, from a search engine, it redirects me to a random site. Here is all the info that it is asked on this forum.

Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Extras.txt

OTL Extras logfile created on: 5/3/2011 11:15:55 PM - Run 1
OTL by OldTimer - Version 3.2.22.3 Folder = C:\Documents and Settings\HP_Administrator\Desktop
Windows XP Media Center Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.5512)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.00 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 75.00% Memory free
4.00 Gb Paging File | 3.00 Gb Available in Paging File | 89.00% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 228.41 Gb Total Space | 204.12 Gb Free Space | 89.37% Space Free | Partition Type: NTFS
Drive D: | 4.46 Gb Total Space | 0.40 Gb Free Space | 8.93% Space Free | Partition Type: FAT32

Computer Name: YOUR-55E5F9E3D2 | User Name: HP_Administrator | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========
========== File Associations ==========

[HKEY_LOCAL_MA... Read more

A:browser re-directing to random sites

GooredFix

Log created at 23:49 on 03/05/2011 (HP_Administrator)

Firefox version 3.6.15 (en-US)

========== GooredScan ==========

(none)

========== GooredLog ==========

C:\Program Files\Mozilla Firefox\extensions\

{972ce4c6-7e08-4474-a285-3208198ce6fd} [07:57 12/03/2011]

C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\cb36nrb4.default\extensions\

(none)

[HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions]

(Key not found)

---------- Old Logs ----------

GooredFix[04.48.21_04-05-2011].txt
 

Read other 1 answers
RELEVANCY SCORE 42

Hi, Whenever I click on any link provided by any search engine in either Firefox or IE a new ta is opened and directed to any one of a number of random ad sites. Sometimes I can get around this by copying a web address and pasting it into the address bar, but often when I do this the site simply will not load. Spybot will no longer run, and AVG cannot connect to the update server. You will see on my DDS log that various proccesses have been "unexpectedly terminated." That's just me trying to fix my problem by blindly swinging a hammer (metaphorically).Here's the DDS log. Thank you and Good Luck. **Edit** Forgot to attach Attach.txt, here it is. **Edit**
 Attach.txt   13.04KB
  2 downloadsDDS (Version 1.1.0) - NTFSx86 Run by Drake at 15:13:13.30 on Fri 01/02/2009Internet Explorer: 7.0.6000.16643 BrowserJavaVersion: 1.6.0_03Microsoft? Windows Vista? Home Premium 6.0.6000.0.1252.1.1033.18.2047.1279 [GMT -8:00]AV: AVG 7.5.488 *On-access scanning disabled* (Outdated)============== Running Processes ===============C:\Windows\system32\wininit.exeC:\Windows\system32\lsm.exeC:\Windows\system32\svchost.exe -k DcomLaunchC:\Windows\system32\svchost.exe -k rpcssC:\Windows\System32\svchost.exe -k NetworkServiceC:\Windows\system32\svchost.exe -k netsvcsC:\Windows\system32\nvvsvc.exeC:\Windows\System32\svchost.exe -k secsvcsC:\... Read more

A:Constant Redirection to Random Ad Sites

Hello and welcome to Bleeping ComputerWe apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help.If you have since resolved the original problem you were having, we would appreciate you letting us know. If not please perform the following steps below so we can have a look at the current condition of your machine. If you have not done so, include a description of your problem, along with any steps you may have performed so far.Upon completing the steps below another staff member will review and take the steps necessary with you to get your machine back in working order clean and free of malware.If you have already posted a DDS log, please do so again, as your situation may have changed.Use the 'Add Reply' and add the new log to this thread.Thanks and again sorry for the delay.We need to see some information about what is happening in your machine. Please perform the following scan:Download DDS by sUBs from one of the following links. Save it to your desktop.DDS.comDDS.scrDDS.pifDouble click on the DDS icon, allow it to run.A small box will open, with an explaination about the tool. No input is needed, the scan is running.Notepad will open with the results, click no to the Optional_ScanFollow the ... Read more

Read other 2 answers
RELEVANCY SCORE 42

DDS (Version 1.1.0) - NTFSx86
Run by Robert Henderson at 18:37:17.95 on Sun 01/04/2009
Internet Explorer: 7.0.5730.13 BrowserJavaVersion: 1.6.0_11
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.1023.520 [GMT -5:00]

AV: AVG Anti-Virus Free *On-access scanning enabled* (Outdated)
AV: McAfee VirusScan *On-access scanning enabled* (Updated)
FW: McAfee Personal Firewall *enabled*

============== Running Processes ===============

C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup
svchost.exe
svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\McAfee.com\Agent\mcagent.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\PROGRA~1\AVG\AVG8\avgtray.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\Program Files\OpenOffice.org 2.4\program\soffice.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
c:\PROGRA~1\COMMON~1&... Read more

A:seach links take me to random sites

I solved this problem by formatting the boot drive reinstalling the OS.

Not only would it misdirect search links, but it wouldn't allow me to get to the McAfee update link or install download link. Bad juju. Drastic measures were called for.

Thanks, anyway.

Read other 2 answers
RELEVANCY SCORE 42

I got the fake antivirus popup last week, and no I did not fall for it! It would not let me close it or even open task manager or anything for that matter. Force shutdown my comp and the virus is still here. Virtumonde is the name of it. Tried to clean it with AntiMalware and Spybot Search and Destroy, 3 times each, and it remains. I tried to run gmer, but towards the end of the scan, avast and lsass.exe take up all of my CPU and I am unable to save the file or do anything for that matter. (lsass.exe, with an L) So I'm sorry I could not provide that log. Thanks for your help!PS: I am unable to attach anything to this post. I cant even copy and paste the location of Attach.txt. When I hit browse, the icons on my desktop flash and nothing happens.DDS (Ver_10-03-17.01) - NTFSx86 Run by Owner at 0:42:37.31 on Sat 07/03/2010Internet Explorer: 7.0.5730.13 BrowserJavaVersion: 1.6.0_13Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.2038.902 [GMT -4:00]AV: avast! Antivirus *On-access scanning enabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}============== Running Processes ===============C:\WINDOWS\system32\svchost -k DcomLaunchsvchost.exeC:\WINDOWS\System32\svchost.exe -k netsvcssvchost.exesvchost.exeC:\Program Files\Alwil Software\Avast5\AvastSvc.exeC:\WINDOWS\system32\spoolsv.exeC:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exesvchost.exeC: ... Read more

A:Google redirects me to random sites

Hello and welcome to Bleeping Computer. *Please Subscribe to this Thread to get immediate notification of replies. See HERE*It is important not to make any further changes or run any other tools/updates unless instructed to. This may hinder the cleaning process of your machine.*Please be patient, all Bleeping Computer helpers are volunteers and have lives outside this forum.*You must reply within 5 days otherwise this topic will be closed.Please run another DDS scan and post the latest DDS report. Also make sure to attach the attach.txt. Thanks.

Read other 24 answers
RELEVANCY SCORE 42

Hi!
Three days ago I clicked on a bad link and got a page that looked like a MyComputer screen with a downloading box. I quickly turned off the internet but after running Avira it detected a number of trojans....mainly Dropper.Gen Trojan. It deleted those files and hasn't detected anything since but when I use google search my browser - FireFox 3.0.10 - gets redirected about 75% of the time to a random site. Malwarebytes also doesn't come up with anything

I have Windows XP with service pk 3
also, my computer will no longer boot up in safe mode

Thanks!! Anna

A:Google Redirected to Random sites

Hello and welcome to TSF.

We want all our members to perform the steps outlined in the link given below, before posting for assistance. There's a sticky at the top of this forum, and a
Quote:




Having problems with spyware and pop-ups? First Steps




link at the top of each page.

Please follow our pre-posting process outlined here:

http://www.techsupportforum.com/f50/...lp-305963.html

After running through all the steps, you shall have a proper set of logs. Please post them in a new topic, as this one shall be closed.

If you have trouble with one of the steps, simply move on to the next one, and make note of it in your reply.

Read other 1 answers
RELEVANCY SCORE 42

System was hit by a Trojan and sveral virus. Most where taken care of by Symantec AV. Problem remains that IE6 opens random sites when running. Symantec scans show nothing. Ran Hijack this found some BHO's and removed them. Problem continues. Reinstalled IE6 still no changes. Help!!!!Mod Edit: Topic moved to more appropriate forum~ TMacK

A:Ie6 Winows 2k Opens Random Sites

Welcome to BC wadeoregonWhat was the name of the Trojan and other malware you found and removed? Some of this stuff drops additional malicious files on your system that often goes undetected unless you perform various scans.Please download ATF Cleaner by Atribune & save it to your desktop. DO NOT use yet. Please download and install SUPERAntiSpyware FreeDouble-click SUPERAntiSypware.exe and use the default settings for installation.An icon will be created on your desktop. Double-click that icon to launch the program.If asked to update the program definitions, click "Yes". If not, update the definitions before scanning by selecting "Check for Updates". (If you encounter any problems while downloading the updates, manually download them from here and unzip into the program's folder.)Under "General and Startup", make sure "Start SUPERAntiSpyware when Windows starts" box is unchecked.Under "Configuration and Preferences", click the Preferences button.Click the Scanning Control tab.Under Scanner Options make sure the following are checked (leave all others unchecked):Close browsers before scanning.Scan for tracking cookies.Terminate memory threats before quarantining.Click the "Close" button to leave the control center screen and exit the program.Do not run a scan just yet.Reboot your computer in "Safe Mode" using the F8 method. To do this, restart your computer and after hearing your computer beep once ... Read more

Read other 1 answers
RELEVANCY SCORE 42

Using Firefox and after googling get redirected to random sites
Sorry, had this prob a while and my last thread on said subject was inadvertently closed.

Heres a few logs hope someone can help. Cheers and thanks in advance!

Jackdawreg

A:Firefox Redirecting to random sites

And it was closed because you never responded. Are you going to stay with this? Or are you going to abandon it again? Please do let me know before I take the time to help you with a fix.

tea

Read other 10 answers
RELEVANCY SCORE 42

whenever i go through a search engine and click a link it takes me to a random site that tried to sell me crap, web of trust stops them from loading all the way but it's still annoying as i have to click it multiple times to get the site to work and i found this topic that way (http://www.bleepingcomputer.com/forums/topic322288-15.html) and the person there seemed to have the same problem and i read through it and it said to start a new thread so i am. so please if someone can help, please do. thanks

A:firefox redirecting to random sites

Hello and welcome. Try this approach.Reboot into Safe Mode with Networking How to enter safe mode(XP)Using the F8 MethodRestart your computer. When the machine first starts again it will generally list some equipment that is installed in your machine, amount of memory, hard drives installed etc. At this point you should gently tap the F8 key repeatedly until you are presented with a Windows XP Advanced Options menu. Select the option for Safe Mode with Networking using the arrow keys. Then press enter on your keyboard to boot into Safe Mode. >>>> Download this file and doubleclick on it to run it. Allow the information to be merged with the registry.RKill....Download and Run RKillPlease download RKill by Grinler from one of the 4 links below and save it to your desktop.

Link 1
Link 2
Link 3
Link 4

Before we begin, you should disable your anti-malware softwares you have installed so they do not interfere RKill running as some anti-malware softwares detect RKill as malicious. Please refer to this page if you are not sure how.
Double-click on Rkill on your desktop to run it. (If you are using Windows Vista, please right-click on it and select Run As Administrator)
A black screen will appear and then disappear. Please do not worry, that is normal. This means that the tool has been successfully executed.
If nothing happens or if the tool does not run, please let me know in your next replyDo not reboot your computer after running rkill as the malw... Read more

Read other 10 answers
RELEVANCY SCORE 42

I'm using Windows 8.1. The problems I'm having occur in Google Chrome.
 
I have no idea what happened, I didn't download or install anything, but since yesterday I get redirected to weird sites. It doesn't occur very often, but I don't trust it. I've been redirected 4 times now. In my history I see that I first get redirected to a youradexchange.com related website, and then to:
 
- ajyzz.promorewards.roadspace.biz
- 0vin60f6.com
 
When being redirected to 0vin60f6.com, AVG security popped up an alert about: "Exploit fake video player type 1750".
 
Of course I ran a full scan after this happened using AVG and MBAM, but they both found nothing. Then I ran AdwCleaner, which deleted some stuff, but this was not related to the problem I'm having now (I think). After that the redirecting occurred again, so I'm wondering what to do.
 
Thanks in advance for your time and help!

A:Redirect to random sites via youradexchange.com

I got the exact same thing yesterday, but I only ever got redirected once.

Read other 13 answers
RELEVANCY SCORE 42

I understand I have some type of malware. Google takes me to websites that aren't at all what I clicked on, sites like "savecompare.com" and other sites like that, I have ran AVG and supposedly got rid of the stuff, but its still doing it. I installed Malwarebytes, but for some reason it wont open up for me.

As my name suggests, I am pretty bad when it comes to tech stuff, but I know some, I have done the hijack this thing and have the log if you need that, but can someone help me out
 

A:Google takes me to random sites

Read other 7 answers
RELEVANCY SCORE 42

Internet explorer opens by itself and goes to different sites. I have run malwarebytes, ATF cleaner, Rkill with no results.

When trying to run GMER it gives me an error:

("C:\Docume~1\YoDKC\LOCALS~1\Temp\updapog.sys") error 0xC000010E: Cannot create a stable subkey under volatile parent key.
so when it runs everything is unchecked (blocked) except for services, registry, Files, and ADS. After it has run nothing has been found.

DDS File:

.
DDS (Ver_2011-08-26.01) - NTFSx86
Internet Explorer: 8.0.6001.18702
Run by YoDKC at 8:25:31 on 2011-11-15
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.3071.2446 [GMT -5:00]
.
AV: Microsoft Security Essentials *Enabled/Updated* {EDB4FA23-53B8-4AFA-8C5D-99752CCA7095}
.
============== Running Processes ===============
.
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
svchost.exe
svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Creative\Shared Files\CTAudSvc.exe
svchost.exe
C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
C:\WINDOWS\system32\CTsvcCDA.exe
C:\Program Files\Matrox Graphics Inc\PowerDesk\Services\Matrox.PowerDesk.Services.exe
C:\WINDOWS\System32\svchost... Read more

A:IE opens automatically to random sites

I forgot to add the Hijack this file:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 8:17:00 AM, on 11/15/2011
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Creative\Shared Files\CTAudSvc.exe
C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
C:\WINDOWS\system32\CTsvcCDA.exe
C:\Program Files\Matrox Graphics Inc\PowerDesk\Services\Matrox.PowerDesk.Services.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Creative\Shared Files\Module Loader\DLLML.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Documents and Settings\All Users\Application Data\FLEXnet\Connect\11\isuspm.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program... Read more

Read other 4 answers
RELEVANCY SCORE 42

hiya, i have got a big problem with me pc.... everytime i click on a link off google (eg. an article of wikipedia).. it forwards me to some random virus check websites which i kno it is not right... anyway here is the log

Thanks!!

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 16:32:46, on 02/06/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.20978)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\SyncroSoft\Pos\H2O\cledx.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\Program Files\Microsoft IntelliPoint\ipoint.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\COMODO\COMODO Internet Security\cfp.exe
C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\TomTom HOME 2\HOMERunner.exe
C:\Program Files\DAEMON Tools Lite\daemon.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Documents and Settings\Aaron Man\Local Settings\Application Data\Google\Update\GoogleUpdate.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceSer... Read more

A:Spyware - Forward Me To Random Sites

anyone
 

Read other 1 answers
RELEVANCY SCORE 42

Hi there!

I am at my wits end - my computer will not connect to seemingly random sites. Not just secure sites either. Everything was working fine until a few days ago. There are a number that always work (msn.com, a number of local websites I visit often including my workplace) but the majority of everything else won't connect. Google (my homepage) works some of the time, but when I try to run a search from it I get nothing, just an error or a refresh. I have tested all my connections and it is working fine, I can still run MSN Messenger and Gmail Notifier (although I can't view my inbox). I have tested all my connection settings, flushed the DNS, ran a winsock fix, removed my firewall completely and tried to run Opera instead - NOTHING!
I am running Windows XP on a local network. Never had any problems like this in the past an no one else on the network is experiencing problems.

Any help would be GREATLY appreciated.

Thanks so much!

A:Can't Access Random Sites - Both Ie & Firefox

Please do an online scan with Kaspersky WebScanner.Hold down your "Shift" key and click on this link: Kaspersky WebScanner, to open the Kaspersky WebScanner in a new window.Click on "Kaspersky Online Scanner".You will be prompted to install an ActiveX component from Kaspersky, Click Yes.The program will launch and then begin downloading the latest definition files.Once the files have been downloaded click on "NEXT".Now click on "Scan Settings".In the scan settings make that the following are selected:Scan using the following Anti-Virus database:
Extended (if available otherwise Standard)Scan Options:
Scan Archives
Scan Mail BasesClick OK.Under select a target to scan, select "My Computer".This will program will start and scan your system.The scan will take a while so be patient and let it run.Once the scan is complete it will display if your system has been infected.Upon completion, click on the "Save as Text" button.Save the file to your desktop.Copy and paste that information in your next post.Billy3

Read other 4 answers
RELEVANCY SCORE 42

Sometime today, I noticed that my google searches started redirecting me to some weird search engines full of ads or some ad sites. I also found that my system restore had been disabled. Basically, this is what I did :1) Deleted cookies and temp internet files.2) Ran prefetch and cleared the folder.3) Ran %temp% and cleared the folder.4) Ran Malwarebytes (which found some malware) and deleted the items.5) Ran Hijackthis and analysed it on hijackthis.de - didn't show any discrepancies.6) Used gpedit and enabled system restore - started the service.7) Retried a google search - the issue still occurred.8) Ran Trendmicro housecall which (found some malware as well) and deleted the infected files.9) Retried the google search - no go. "dds.txt"DDS (Ver_09-12-01.01) - NTFSx86 Run by User at 1:36:19.64 on 27/01/2010Internet Explorer: 7.0.5730.11Microsoft Windows XP Professional 5.1.2600.3.1252.44.1033.18.510.64 [GMT 0:00]AV: PCguard Anti-Virus *On-access scanning disabled* (Outdated) {5B5A3BD7-8573-4672-AEA8-C9BB713B6755}FW: PCguard Firewall *disabled* {80593BF4-D969-4EC5-ADAE-A22F2DFC7A22}============== Running Processes ===============C:\WINDOWS\system32\svchost -k DcomLaunchsvchost.exeC:\WINDOWS\System32\svchost.exe -k netsvcsC:\Program Files\Virgin Broadband\PCguard\Fws.exesvchost.exesvchost.exeC:\WINDOWS\system32\spoolsv.exesvchost.exeC:\Program Files\Virgin Broadband Wireless\Af... Read more

A:google redirects to random ad sites in IE

I also did a OTL custom scan (after seeing it on another forum) usingnetsvcs%SYSTEMDRIVE%\*.exe/md5starteventlog.dllscecli.dllnetlogon.dllcngaudit.dllsceclt.dllntelogon.dlllogevent.dlliaStor.sysnvstor.sysatapi.sysIdeChnDr.sysviasraid.sysAGP440.sysvaxscsi.sysnvatabus.sysviamraid.sysnvata.sysnvgts.sysiastorv.sysViPrt.syseNetHook.dllahcix86.sysKR10N.sys/md5stop%systemroot%\*. /mp /s%systemroot%\system32\*.dll /lockedfilesCREATERESTOREPOINT----------------------------------------------------------------------------------------------------------------------------------------------OTL logfile created on: 27/01/2010 02:10:34 - Run 1OTL by OldTimer - Version 3.1.27.0 Folder = C:\Documents and Settings\User\DesktopWindows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstationInternet Explorer (Version = 7.0.5730.11)Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy 510.00 Mb Total Physical Memory | 150.00 Mb Available Physical Memory | 29.00% Memory free1.00 Gb Paging File | 1.00 Gb Available in Paging File | 53.00% Paging File freePaging file location(s): C:\pagefile.sys 768 1536 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program FilesDrive C: | 38.28 Gb Total Space | 24.08 Gb Free Space | 62.91% Space Free | Partition Type: NTFSD: Drive not present or media not loadedE: Drive not present or media not loadedF: Drive not present or... Read more

Read other 8 answers
RELEVANCY SCORE 42

Hi
After searching on google and clicking a link from the results I often get redirected to random advert sites. Also occasionally popups appear from nowhere when not even using the computer. I have Malwarebytes Antimalware which I have done a quick scan but it doesnt pick anything up. Neither does my Norton Antivirus. Any help would be much appreciated.

A:Google redirects to random sites

Hello and welcome. let's do this...Please download the TDSS Rootkit Removing Tool (TDSSKiller.exe) and save it to your Desktop. <-Important!!!Be sure to download TDSSKiller.exe (v2.4.0.0) from Kaspersky's website and not TDSSKiller.zip which appears to be an older version 2.3.2.2 of the tool.Double-click on TDSSKiller.exe to run the tool for known TDSS variants.
Vista/Windows 7 users right-click and select Run As Administrator.If TDSSKiller does not run, try renaming it. To do this, right-click on TDSSKiller.exe, select Rename and give it a random name with the .com file extension (i.e. 123abc.com). If you do not see the file extension, please refer to How to change the file extension.Click the Start Scan button.Do not use the computer during the scanIf the scan completes with nothing found, click Close to exit.If malicious objects are found, they will show in the Scan results - Select action for found objects and offer three options.Ensure Cure (default) is selected, then click Continue > Reboot now to finish the cleaning process.A log file named TDSSKiller_version_date_time_log.txt (i.e. TDSSKiller.2.4.0.0_27.07.2010_09.o7.26_log.txt) will be created and saved to the root directory (usually Local Disk C:).Copy and paste the contents of that file in your next reply.Reboot into Safe Mode with Networking How to enter safe mode(XP/Vista)Using the F8 MethodRestart your computer. When the machine first starts again it will generally list some equi... Read more

Read other 3 answers