Jump to content


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.

Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.


Being Redirected, Help

  • This topic is locked This topic is locked
2 replies to this topic

#1 btcomm


  • Members
  • 24 posts
  • Local time:10:35 PM

Posted 31 May 2008 - 02:23 PM

Computer was infested with malware.

Removed the majority of it.

When I scan with superantispyware, I don't come up with anything in memory or registry.

When I use internet explorer and search for something on google like superantispyware I click on the link and I get redirected to

If I copy the links before I click on them they are


When I click on it, the page will not load, just can't be displayed and this is the address that shows up.


When I search for something on yahoo, it won't even bring up results and shows this as the address.


On the page is shows this.

Internet Explorer cannot display the webpage

Most likely causes:
You are not connected to the Internet.
The website is encountering problems.
There might be a typing error in the address.

This is my hijackthis log

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:23:14 PM, on 5/31/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16640)
Boot mode: Normal

Running processes:
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Jose\Desktop\HiJackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Windows Internet Explorer provided by Yahoo!
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll

End of file - 1909 bytes

I have tried running internet explorer with no add ons and the same thing happens.

Now when I use firefox this does not happen so I don't think it's hosts file or DNS.

I have seen this issue once before and I wasn't able to find out what was causing it.

Anyone see this before or know what would cause this?

I would figure some BHO in IE but there really isn't much in there.

Edited by Orange Blossom, 31 May 2008 - 08:16 PM.
Deactivate links. ~ OB

BC AdBot (Login to Remove)



#2 Baabiouz


    Finnish Malware Fighter

  • Members
  • 3,355 posts
  • Gender:Male
  • Location:Finland
  • Local time:09:35 AM

Posted 28 June 2008 - 12:16 PM

Hello Btcomm.

If you still need help, please post a fresh HijackThis log back here :thumbsup:
Posted Image

#3 Baabiouz


    Finnish Malware Fighter

  • Members
  • 3,355 posts
  • Gender:Male
  • Location:Finland
  • Local time:09:35 AM

Posted 05 July 2008 - 03:16 AM

This thread will now be closed.
If you need this topic reopened, please contact a member of the HJT Team and we will reopen it for you.
Include the address of this thread in your request.
If you should have a new issue, please start a new topic.
This applies only to the original topic starter.
Everyone else please begin a New Topic.
Posted Image

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users