Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

I still get redirected


  • Please log in to reply
6 replies to this topic

#1 danamoonbeam

danamoonbeam

  • Members
  • 7 posts
  • OFFLINE
  •  
  • Local time:07:35 AM

Posted 22 February 2008 - 09:06 AM

This is not my original post but I used it to clean my computer (Win98SE) because I was experiencing the same redirect problem. It is hard to find software that still works on Win 98SE. Your instructions were wonderful. However when using Yahoo I still get redirected to a http://results.yahoo.com address before it redirects me to another site which I did not click on. Any other ideas??????????????

Thanks!!!!!!!

Here are the Scan Log Results you requested.

SUPERAntiSpyware Scan Log
http://www.superantispyware.com

Generated 02/21/2008 at 11:18 PM

Application Version : 3.9.1008

Core Rules Database Version : 3407
Trace Rules Database Version: 1399

Scan type : Complete Scan
Total Scan Time : 02:57:40

Memory items scanned : 56
Memory threats detected : 0
Registry items scanned : 2970
Registry threats detected : 14
File items scanned : 47863
File threats detected : 2

Browser Hijacker.Internet Explorer Zone Hijack
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\contentmatch.net
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\contentmatch.net\ny
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\contentmatch.net\ny#https

Unclassified.Unknown Origin
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad#OLE Module

Trojan.Media-Codec/V4
HKU\.DEFAULT\Software\Online Add-on
HKCR\videoPl.chl
HKCR\videoPl.chl\CLSID
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\MultiMedia Software
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\MultiMedia Software#ProductionEnvironment
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\MultiMedia Software#DisplayName
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\MultiMedia Software#UninstallString
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\MultiMedia Software#DisplayIcon
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\MultiMedia Software#DisplayVersion
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\MultiMedia Software#Publisher
C:\PROGRAM FILES\VIDEO ADD-ON\UNINST.EXE

Dialer.Coulomb
C:\DIALLER.EXE

Edited by danamoonbeam, 22 February 2008 - 09:14 AM.


BC AdBot (Login to Remove)

 


#2 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 72,917 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:08:35 AM

Posted 22 February 2008 - 03:20 PM

HELLO danamoonbeam. I have split your post into it's own topic here. It is a;ways better to start your own topic. See how confusing it would be to try to respnd to two different problems on 2 different Operating Systems in the same thread. Some on is bound to do something wrong.
Did you run the scan from safe mode?
How to start Windows in Safe Mode
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#3 danamoonbeam

danamoonbeam
  • Topic Starter

  • Members
  • 7 posts
  • OFFLINE
  •  
  • Local time:07:35 AM

Posted 24 February 2008 - 06:37 PM

I ran the ATF scan in safe mode which is what I believe the instructions said to do. I then restarted and rant he SAS scan.

#4 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 72,917 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:08:35 AM

Posted 24 February 2008 - 08:24 PM

How is it running now? Would you please post the scanlog report from the desktop PC.
To retrieve the removal information after reboot, launch SUPERAntispyware again.
Click Preferences, then click the Statistics/Logs tab.
Under Scanner Logs, double-click SUPERAntiSpyware Scan Log.
If there are several logs, click the current dated log and press View log.
A text file will open in your default text editor.
Please copy and paste the Scan Log results in your next reply.
Click Close to exit the program.

Edited by boopme, 24 February 2008 - 08:25 PM.

How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#5 danamoonbeam

danamoonbeam
  • Topic Starter

  • Members
  • 7 posts
  • OFFLINE
  •  
  • Local time:07:35 AM

Posted 24 February 2008 - 10:19 PM

These are the results I posted above. I think it is the same log.
When I use google I do not get redirected only when I use yahoo. The address bar reads www.results.yahoo.com then I get redirected to a site I did not click on. If I hit the back button twice I return to my original search page, if I then click on the same link I was just directed away from, it will go to that link.

SUPERAntiSpyware Scan Log
http://www.superantispyware.com

Generated 02/21/2008 at 11:18 PM

Application Version : 3.9.1008

Core Rules Database Version : 3407
Trace Rules Database Version: 1399

Scan type : Complete Scan
Total Scan Time : 02:57:40

Memory items scanned : 56
Memory threats detected : 0
Registry items scanned : 2970
Registry threats detected : 14
File items scanned : 47863
File threats detected : 2

Browser Hijacker.Internet Explorer Zone Hijack
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\contentmatch.net
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\contentmatch.net\ny
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\contentmatch.net\ny#https

Unclassified.Unknown Origin
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad#OLE Module

Trojan.Media-Codec/V4
HKU\.DEFAULT\Software\Online Add-on
HKCR\videoPl.chl
HKCR\videoPl.chl\CLSID
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\MultiMedia Software
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\MultiMedia Software#ProductionEnvironment
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\MultiMedia Software#DisplayName
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\MultiMedia Software#UninstallString
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\MultiMedia Software#DisplayIcon
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\MultiMedia Software#DisplayVersion
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\MultiMedia Software#Publisher
C:\PROGRAM FILES\VIDEO ADD-ON\UNINST.EXE

Dialer.Coulomb
C:\DIALLER.EXE

#6 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 72,917 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:08:35 AM

Posted 25 February 2008 - 11:18 PM

Let me just confirm that you ran the SAS from safe mode. Also run it again and post the log. It may have to go over something again. Thanks...post the new scan log.
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#7 danamoonbeam

danamoonbeam
  • Topic Starter

  • Members
  • 7 posts
  • OFFLINE
  •  
  • Local time:07:35 AM

Posted 06 July 2008 - 06:27 PM

Long time for me to respond but here is the log. I updated sas before I began and ran everything in safe mode.

SUPERAntiSpyware Scan Log
http://www.superantispyware.com

Generated 07/06/2008 at 05:59 PM

Application Version : 4.15.1000

Core Rules Database Version : 3497
Trace Rules Database Version: 1488

Scan type : Complete Scan
Total Scan Time : 02:09:06

Memory items scanned : 59
Memory threats detected : 0
Registry items scanned : 2991
Registry threats detected : 0
File items scanned : 50047
File threats detected : 8

Adware.Tracking Cookie
c:\windows\cookies\ptaylor@ads.monster[2].txt
c:\windows\cookies\ptaylor@adopt.euroclick[3].txt
c:\windows\cookies\ptaylor@ad.yieldmanager[3].txt
c:\windows\cookies\ptaylor@burstnet[1].txt
c:\windows\cookies\ptaylor@apmebf[2].txt
.doubleclick.net [ c:\WINDOWS\Application Data\Mozilla\Profiles\default\6vgr0d3c.slt\cookies.txt ]
.serving-sys.com [ c:\WINDOWS\Application Data\Mozilla\Profiles\default\6vgr0d3c.slt\cookies.txt ]
.serving-sys.com [ c:\WINDOWS\Application Data\Mozilla\Profiles\default\6vgr0d3c.slt\cookies.txt ]
.serving-sys.com [ c:\WINDOWS\Application Data\Mozilla\Profiles\default\6vgr0d3c.slt\cookies.txt ]
.serving-sys.com [ c:\WINDOWS\Application Data\Mozilla\Profiles\default\6vgr0d3c.slt\cookies.txt ]
.atdmt.com [ c:\WINDOWS\Application Data\Mozilla\Profiles\default\6vgr0d3c.slt\cookies.txt ]
c:\WINDOWS\Cookies\ptaylor@adopt.euroclick[1].txt
c:\WINDOWS\Cookies\ptaylor@ad.yieldmanager[1].txt
c:\WINDOWS\Cookies\ptaylor@apmebf[1].txt




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users