Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Redirected to strange search engines


  • This topic is locked This topic is locked
33 replies to this topic

#1 shaz31

shaz31

  • Members
  • 17 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:London
  • Local time:02:51 PM

Posted 14 November 2009 - 04:00 PM

Hi, I hope someone can help!!! I have noticed that any time I request a site from google, I get redirected to another search engine which has nothing to do with the subject I am requesting. Also it seems to cut off my wireless connection ??????????? Can anybody help????
I am also now getting a windows message saying HOST SERVICES HAVE STOPPED WORKING AND HAS HAD TO CLOSE. WINDOWS IS SEEKING TO SOLVE THE PROBLEM. Is it going to get any worse????

Attached Files


Edited by shaz31, 14 November 2009 - 08:40 PM.


BC AdBot (Login to Remove)

 


#2 Blade81

Blade81

    Bleepin' Rocker


  • Malware Response Team
  • 6,465 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Finland
  • Local time:05:51 PM

Posted 20 November 2009 - 11:50 AM

Hi there,

Download DDS and save it to your desktop from here or here or here.
Disable any script blocker, and then double click dds.scr to run the tool.
  • When done, DDS will open two (2) logs:
    • DDS.txt
    • Attach.txt
  • Save both reports to your desktop. Post them back to your topic.
Download GMER here by clicking download exe -button and then saving it your desktop:
  • Double-click .exe that you downloaded
  • Click rootkit-tab and then scan.
  • Don't check
    Show All
    box while scanning in progress!
  • When scanning is ready, click Copy.
  • This copies log to clipboard
  • Post log in your reply.

Microsoft Windows Insider MVP 2016-2017

Microsoft MVP Consumer Security 2008-2015
UNITE member since 2006
unite_blue.png

Provided malware removal related instructions are meant to be used in the correspondent user's case only. If you have similar symptoms create own topic instead of following instructions given to some other, please.


#3 shaz31

shaz31
  • Topic Starter

  • Members
  • 17 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:London
  • Local time:02:51 PM

Posted 20 November 2009 - 08:22 PM

Hi, Thank you for getting back to me, I can see that you are really busy. Please see attached files, I hope I've done them correctly?

Attached Files



#4 Blade81

Blade81

    Bleepin' Rocker


  • Malware Response Team
  • 6,465 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Finland
  • Local time:05:51 PM

Posted 21 November 2009 - 05:09 AM

Hi again,

Please visit this webpage for download links, and instructions for running ComboFix tool:

http://www.bleepingcomputer.com/combofix/how-to-use-combofix

Please ensure you read this guide carefully first.


Please continue as follows:
  • Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix, link
    Remember to re-enable them afterwards.

  • Click Yes to allow ComboFix to continue scanning for malware.
When the tool is finished, it will produce a report for you.

Please include the following reports for further review, and so we may continue cleansing the system:

C:\ComboFix.txt
New dds log.


A word of warning: Neither I nor sUBs are responsible for any damage you may have caused your machine by running ComboFix. This tool is not a toy and not for everyday use.

Microsoft Windows Insider MVP 2016-2017

Microsoft MVP Consumer Security 2008-2015
UNITE member since 2006
unite_blue.png

Provided malware removal related instructions are meant to be used in the correspondent user's case only. If you have similar symptoms create own topic instead of following instructions given to some other, please.


#5 shaz31

shaz31
  • Topic Starter

  • Members
  • 17 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:London
  • Local time:02:51 PM

Posted 22 November 2009 - 01:08 PM

Hi, Sorry for taking so long to get back to you. I ran the combofix, then the computer restarted & I cant find the results. I didnot get a chance to save it, what should I do now???????????????

#6 Blade81

Blade81

    Bleepin' Rocker


  • Malware Response Team
  • 6,465 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Finland
  • Local time:05:51 PM

Posted 22 November 2009 - 01:11 PM

Hi,

See if you're able to find c:\combofix.txt or c:\combofix\combofix.txt file. Please post its contents if either file exists. In other case, run ComboFix again and let it update itself. Post back the resultant log & fresh dds log.

Microsoft Windows Insider MVP 2016-2017

Microsoft MVP Consumer Security 2008-2015
UNITE member since 2006
unite_blue.png

Provided malware removal related instructions are meant to be used in the correspondent user's case only. If you have similar symptoms create own topic instead of following instructions given to some other, please.


#7 shaz31

shaz31
  • Topic Starter

  • Members
  • 17 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:London
  • Local time:02:51 PM

Posted 22 November 2009 - 02:37 PM

Hi, I didnt find the combo, downloaded again. disabled firewall & anti=spyware, but getting warning message real time scanners are active. should I continue?

#8 Blade81

Blade81

    Bleepin' Rocker


  • Malware Response Team
  • 6,465 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Finland
  • Local time:05:51 PM

Posted 22 November 2009 - 02:44 PM

disabled firewall & anti=spyware

Hi,

Did you disable antivirus component too? If you did, then ignore the warning and let ComboFix run.

Microsoft Windows Insider MVP 2016-2017

Microsoft MVP Consumer Security 2008-2015
UNITE member since 2006
unite_blue.png

Provided malware removal related instructions are meant to be used in the correspondent user's case only. If you have similar symptoms create own topic instead of following instructions given to some other, please.


#9 shaz31

shaz31
  • Topic Starter

  • Members
  • 17 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:London
  • Local time:02:51 PM

Posted 22 November 2009 - 02:57 PM

Hi, I disabled the Bullgard on acsess protection

#10 Blade81

Blade81

    Bleepin' Rocker


  • Malware Response Team
  • 6,465 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Finland
  • Local time:05:51 PM

Posted 22 November 2009 - 03:22 PM

Ok. Let ComboFix run and post back its log & fresh dds log when ready :(

Microsoft Windows Insider MVP 2016-2017

Microsoft MVP Consumer Security 2008-2015
UNITE member since 2006
unite_blue.png

Provided malware removal related instructions are meant to be used in the correspondent user's case only. If you have similar symptoms create own topic instead of following instructions given to some other, please.


#11 shaz31

shaz31
  • Topic Starter

  • Members
  • 17 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:London
  • Local time:02:51 PM

Posted 22 November 2009 - 09:14 PM

Hi I ran combo it finished successfuly, but I am unable to open anything else not even the control panel. Message c program files illegal operation attempted on a registry key that has been marked for deletion. What have I done wrong? I had to get a crash course on my sons blackberry to send this message, was a nightmare. I have left computer on. Frantic waiting!! Shaz

#12 Blade81

Blade81

    Bleepin' Rocker


  • Malware Response Team
  • 6,465 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Finland
  • Local time:05:51 PM

Posted 23 November 2009 - 12:28 AM

Please reboot and see if the issue still persists.

Microsoft Windows Insider MVP 2016-2017

Microsoft MVP Consumer Security 2008-2015
UNITE member since 2006
unite_blue.png

Provided malware removal related instructions are meant to be used in the correspondent user's case only. If you have similar symptoms create own topic instead of following instructions given to some other, please.


#13 shaz31

shaz31
  • Topic Starter

  • Members
  • 17 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:London
  • Local time:02:51 PM

Posted 23 November 2009 - 05:25 AM

Hi I should have known by your non panic reply that it would work. Yes everything seems to be back to normal. :( :( .
This may seem like baby talk to you, but how do I zip/compress the attach folder? Dont laugh!!!

#14 Blade81

Blade81

    Bleepin' Rocker


  • Malware Response Team
  • 6,465 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Finland
  • Local time:05:51 PM

Posted 23 November 2009 - 09:56 AM

Hi,

Instructions for archiving can be found here. Post back the logs when ready :(

Microsoft Windows Insider MVP 2016-2017

Microsoft MVP Consumer Security 2008-2015
UNITE member since 2006
unite_blue.png

Provided malware removal related instructions are meant to be used in the correspondent user's case only. If you have similar symptoms create own topic instead of following instructions given to some other, please.


#15 shaz31

shaz31
  • Topic Starter

  • Members
  • 17 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:London
  • Local time:02:51 PM

Posted 23 November 2009 - 06:10 PM

Hi here are the attached files you asked for. The computer is a bit slugish, & my bullgard firewall cant communicate with server. I turned on the windows firewall just in case. Thank you for assisting me so far. :(

Attached Files






0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users