Jump to content


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.

Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.


Getting Worse! Please help!

  • Please log in to reply
No replies to this topic

#1 Capn Easy

Capn Easy

  • Members
  • 597 posts
  • Location:New Jersey
  • Local time:02:48 PM

Posted 02 December 2009 - 11:52 PM

Hi. I hate to be a nooge, but I posted a problem I had a week ago with a single search term being redirected in Google -- only that one search term was redirected. That much has stayed constant -- I've been using Google all week and only that one search term is redirected. My post has dropped down to page 12 and I think it's pretty much off the grid by now.

Tonight I tried to run Hostsman to update my Hosts file and Avast! immediately put up the Warning notice that:

12/2/2009 11:40:42 PM SYSTEM 2016 Sign of "Win32:Delf-MZG [Trj]" has been found in "C:\Program Files\HostsMan\hm.exe" file.

I quarantined the file, but now I'm very concerned. When it was just the one redirect it was interesting, but this has me a bit panicked.

I've copied last week's post here.

Can anyone help?

EDIT: Okay, it looks like Avast! may be reporting false positives right now with virus database 091203-0, the one I'm using right now, according to what I read in the various forums. I'll keep a good thought, anyway.

But my redirect problem IS still there, and I'd like to get to the bottom of it, if anyone can help. Thanks!

Hello again -- I was here with a severe problem about a year ago. It took several weeks, and a lot of help, but I got cleaned.

I also learned a few things. I have since installed the NoScript and Cookie Whitelist addons to Firefox, I installed the free version of ZoneAlarm, and I installed a Hosts file managed by Hostsman. I am running Avast! as my antivirus program and I update and run MBAM every day. I'm using Windows XP SP3, and Firefox 3.5.5, and I keep check on my software with Secunia PSI

Tonight I noticed some disturbing things. First, some options on my Google toolbar were turned on that had never been turned on before -- I didn't do it. Second, after checking in with a couple of forums and poking through Archive.org I did a Google search -- and when I clicked on the top item I was redirected. I've since tried it a few times and when I run the identical search and click on the first result I get redirected to the same site. If I click back a page to the search and click on the top result again I go to the proper site.

The Google search term is: "bob and ray" "music factory"

The first result on the Google search results page is:

Bob & Ray: The Lost Episodes: Volume 5
The Online Home of Bob and Ray. ... Story Teller (1:18); Farley Hubler, 42 Year Old
Industrialist Failure in 1968 (2:33); Music Factory Outro (1:11) ...
www.bobandray.com/albums/lost5.html - Cached

The first time I click on that result after running the search I am redirected to :


If I go back to the search page and click on the first result again I get to the correct page:


As soon as I realized what was happening (after scratching my head and trying it again) I closed Firefox, updated MBAM, and ran a Quick Scan. The results are:

Malwarebytes' Anti-Malware 1.41
Database version: 3241
Windows 5.1.2600 Service Pack 3

11/27/2009 4:15:24 AM
mbam-log-2009-11-27 (04-15-24).txt

Scan type: Quick Scan
Objects scanned: 117518
Time elapsed: 8 minute(s), 38 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)

My last scan was last night.

I'd appreciate some guidance by a staff member to see if I've somehow picked up some new malware. I'd be crushed -- I've really been trying to stay safe!


Edited by Capn Easy, 03 December 2009 - 12:17 AM.

BC AdBot (Login to Remove)


0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users