Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

when searching, my web browser is redirecting


  • This topic is locked This topic is locked
74 replies to this topic

#1 winker12

winker12

  • Members
  • 71 posts
  • OFFLINE
  •  
  • Local time:03:11 PM

Posted 06 December 2009 - 05:31 PM

I use Windows XP and use Firefox along with Explorer and both redirect searches. This has been going on the last couple of weeks. I tried a system restore, didn't work. I have McAfee installed and it will find stuff and delete it but it comes back. Same thing with Malewares. Today I tried SuperAntiSpyware in the safemode and it found a bunch of adware and 8 trojans! I just tried the search and it's back. Any advice is appreciated as I can't get rid of this!

BC AdBot (Login to Remove)

 


#2 Elise

Elise

    Bleepin' Blonde


  • Malware Study Hall Admin
  • 61,308 posts
  • ONLINE
  •  
  • Gender:Female
  • Location:Romania
  • Local time:11:11 PM

Posted 17 December 2009 - 04:16 PM

Hi, I think your topic got overlooked :( Can you please do the following?

GMER
-------
Please download GMER from one of the following locations and save it to your desktop:
  • Main Mirror
    This version will download a randomly named file (Recommended)
  • Zipped Mirror
    This version will download a zip file you will need to extract first. If you use this mirror, please extract the zip file to your desktop.
  • Disconnect from the Internet and close all running programs.
  • Temporarily disable any real-time active protection so your security programs will not conflict with gmer's driver.
  • Double-click on the randomly named GMER file (i.e. n7gmo46c.exe) and allow the gmer.sys driver to load if asked.
  • Note: If you downloaded the zipped version, extract the file to its own folder such as C:\gmer and then double-click on gmer.exe.

    Posted Image
  • GMER will open to the Rootkit/Malware tab and perform an automatic quick scan when first run. (do not use the computer while the scan is in progress)
  • If you receive a WARNING!!! about rootkit activity and are asked to fully scan your system...click NO.
  • Now click the Scan button. If you see a rootkit warning window, click OK.
  • When the scan is finished, click the Save... button to save the scan results to your Desktop. Save the file as gmer.log.
  • Click the Copy button and paste the results into your next reply.
  • Exit GMER and re-enable all active protection when done.
-- If you encounter any problems, try running GMER in Safe Mode.

regards, Elise


"Now faith is the substance of things hoped for, the evidence of things not seen."

 

Follow BleepingComputer on: Facebook | Twitter | Google+ | lockerdome

 

Malware analyst @ Emsisoft


#3 winker12

winker12
  • Topic Starter

  • Members
  • 71 posts
  • OFFLINE
  •  
  • Local time:03:11 PM

Posted 04 January 2010 - 02:22 PM

The browser redirect has been going on for 2 months. When you enter a subject to search, it will bring up many options usually related to the subject-this is using the Yahoo search engine. After the 3rd time, it will finally bring up the correct results. Occasionnally it will bring up the system is infected and you need to dload windows defender. I've been using malewares, spybot, and superantispyware. They will usually find something and clean it but it keeps coming back.
This morning there was a message of a "Potential Trojan.SPM/LX.It said I need to upgrade current security software. Click ok to dload official intrusian detention system (ids software).
I ran malewares and it found about 30 potential items. It needed a reboot to complete and when I did this, the computer started to reboot (Windows loading-then the screen is black. I turned off, then on to safe mode and it when I choose to start in safe mode, it starts then stops after loading the drivers and freezes.
I am running windows xp. This also happens when using internet explorer-I use Firefox. Any help is appreciated.

#4 winker12

winker12
  • Topic Starter

  • Members
  • 71 posts
  • OFFLINE
  •  
  • Local time:03:11 PM

Posted 06 January 2010 - 07:08 AM

Thanks for the reply. Since this thread, my computer now doesn't boot up. The problem continued-redirect-and I could run malware and super anti spyware. They would find malware but would not fix the problem. About three days ago, I ran malware and it found all kinds of stuff and told me to reboot. When I did, the Dell sreen comes up, then goes blank. I tried in safe mode and it runs for a minute and stops after loading drivers-I believe. (I posted another thread 2 days ago about this).
Last night, I moved my older harddrive as the c drive and my infected hd as the e drive-I have a thread I posted last night about this. I can access the e drive from here but don't know what to do. I did run super anti spyware on the e drive last night and it found all kinds of malware again along with trojans. When it was finished I didn't reboot. Then I tried to run McAfee on the e drive and went to bed. This morning it appears the computer rebooted and I can't tell if McAfee finished or not-I asuume it did. I'm using it now but I know the e drive is still bad. Should I reconnect the e as the c drive and see what happens? Thanks

#5 Elise

Elise

    Bleepin' Blonde


  • Malware Study Hall Admin
  • 61,308 posts
  • ONLINE
  •  
  • Gender:Female
  • Location:Romania
  • Local time:11:11 PM

Posted 06 January 2010 - 03:55 PM

I merged your topics to avoid confusion and closed the one in the hardware forum.

Please connect your drives as they were and do the following:

We Need to Diagnose Your BlueScreen
  • When you boot your machine, press F8 to list the startup options, exactly as you would if you were trying to enter Safe Mode
  • Select "Disable Automatic Restart on System Failure", as shown here:
    Posted Image
  • When your system BSODs, write down the STOP error code, as well as any written out error message back here. The STOP error will always appear, but the message may not. You are looking for this:
    Posted Image
Also let me know if you have your XP CD at hand or the possibility to burn a small iso-file to a CD.

Edited by elise025, 06 January 2010 - 03:57 PM.

regards, Elise


"Now faith is the substance of things hoped for, the evidence of things not seen."

 

Follow BleepingComputer on: Facebook | Twitter | Google+ | lockerdome

 

Malware analyst @ Emsisoft


#6 winker12

winker12
  • Topic Starter

  • Members
  • 71 posts
  • OFFLINE
  •  
  • Local time:03:11 PM

Posted 06 January 2010 - 04:37 PM

ok. I reconnected the infected bad drive and booted up in safe mode. I selected to disable automatic restart on system failure twice and both times my screen goes black. I do have my windows cd.

#7 Elise

Elise

    Bleepin' Blonde


  • Malware Study Hall Admin
  • 61,308 posts
  • ONLINE
  •  
  • Gender:Female
  • Location:Romania
  • Local time:11:11 PM

Posted 06 January 2010 - 04:40 PM

Can you please try to give me some details as to what applications you did run before the system became unbootable?

This might help me determining what is causing this and/or where to look :(

regards, Elise


"Now faith is the substance of things hoped for, the evidence of things not seen."

 

Follow BleepingComputer on: Facebook | Twitter | Google+ | lockerdome

 

Malware analyst @ Emsisoft


#8 winker12

winker12
  • Topic Starter

  • Members
  • 71 posts
  • OFFLINE
  •  
  • Local time:03:11 PM

Posted 06 January 2010 - 04:54 PM

I believe I was running Malwares. Over the past 2 months, I've used SuperAnti Spywares,Spybot, and others that were mentioned on other threads. Previously, I would clean it with malwares and it might find 2 to 6 items and you would think it got rid of them. Then I'd do a search and it wouldn't work. The last couple times, it found about 50 malware, it seems like 4 virus, a trojan. After saying I needed to reboot, was when the screen when black. I was running primarily malwares about every other day.

#9 Elise

Elise

    Bleepin' Blonde


  • Malware Study Hall Admin
  • 61,308 posts
  • ONLINE
  •  
  • Gender:Female
  • Location:Romania
  • Local time:11:11 PM

Posted 06 January 2010 - 05:05 PM

Do you mean Malwarebytes Antimalware? :(

regards, Elise


"Now faith is the substance of things hoped for, the evidence of things not seen."

 

Follow BleepingComputer on: Facebook | Twitter | Google+ | lockerdome

 

Malware analyst @ Emsisoft


#10 winker12

winker12
  • Topic Starter

  • Members
  • 71 posts
  • OFFLINE
  •  
  • Local time:03:11 PM

Posted 06 January 2010 - 05:13 PM

Sorry-that's it. It's weird, usually when it boots up, you can hear the harddrive ( I assume). But I was thinking maybe the fan was goingbad. That's why I connected the old harddrive and it came up and I was able to access the bad hard drive. If the harddrive were bad, I assume I wouldn't be able to access it, right?

#11 Elise

Elise

    Bleepin' Blonde


  • Malware Study Hall Admin
  • 61,308 posts
  • ONLINE
  •  
  • Gender:Female
  • Location:Romania
  • Local time:11:11 PM

Posted 07 January 2010 - 03:04 AM

Ultimate Boot CD for Windows

Let's try to boot your computer using an Ultimate Boot CD for Windows (UBCD4win). First we have to make one. Please follow the steps below and let me know if you were successful. If you were unable to create the UBCD4win, please tell me what error messages you got and/or what steps you got hung up on.

1. Download and Run Ultimate Boot CD for Windows Version 3.50
  • Save it to your Desktop.
  • Double-Click on the UBCD4Win.EXE that you just downloaded to your desktop.
  • Follow all of the instructions/prompts that come up.
    NOTES:
  • Do not install to a folder with spaces in it's name.
  • Your Anti-Virus may report viruses or trojans when you extract UBCD4Win, these are most probably "False-Positives." Read HERE for information regarding the files that normally trigger AV software.
2. Insert your XP CD with SP1/SP2 into a CD Rom drive
  • Double-Click on UBCD4WinBuilder.exe located in your C:\ubcd4win folder.
  • If this is the first time you have run UBCD4Win PE Builder you will see this message, please read it:

    Posted Image

  • You will then see the following message, click NO:

    Posted Image

  • Another window will open:

    Posted Image

  • Make the following selections:
    • Builder
    • Source:(path to Windows installation files)
    • Enter the path to the drive where your XP CD is located.
    • You can click on the "..." button on the right to navigate to the path as well.
  • Custom: (include files and folders from this directory)
    • No information is necessary, leave blank.
  • Output: (C:\ubcd4win\BartPE)
    • Keep the default BartPE
  • Media output
  • Place a tick next to Create ISO image:(enter filename)
  • The path and file name will be created if they do not exist.
    NOTE: The filename MUST have an .iso extension or it will not be created
  • Place a tick next to Burn to CD/DVD
  • Use this option if you have 2 CD/DVD drives. Your XP CD will be in one drive already. Just place a blank CD in the empty drive.
  • If you only have 1 CD/DVD drive, then DO NOT place a tick next to Burn to CD/DVD.
[/list][*]Now click on the Build button
  • If you have built the project previously, you will see this screen (you will want to click Yes):

    Posted Image

  • If this is the first time building, you will see the Windows EULA message. Click on I Agree:

    Posted Image

  • You will now see the Build Screen. Let it run it's course:

    Posted Image

  • When the Build is finished, you will see the following "finished" screen:

    Posted Image

  • You can now click close, then exit
  • If you chose the option Burn to CD/DVD from above, then your CD will also be ready for use.
  • If you did not choose the option Burn to CD/DVD from above, then you will now have burn your ISO file to CD
  • Please see HERE on how to burn an ISO to CD.
[/list]1. Restart Your Computer Using the UBCD4Win Disc That You Have Created
  • Insert the UBCD4Win disc in to one of your CD/DVD drives.
  • Restart your computer.
    • The computer should choose to boot from the UBCD4Win CD automatically. If it doesn't and you are asked if you want to boot from CD, then choose that option.
  • In the window that pops up select Launch The Ultimate Boot CD For Windows and press Enter.
    • It may take a little longer for the Desktop to appear than it does when you start your computer normally. Just let the process run itself until the desktop appears.
  • Once the desktop appears, you will receive a message asking: Do you want to start Network support?
    • Click on NO
  • You should now have a desktop that looks like this:

    Posted Image

Can you please check for me if the following file exists: c:\windows\system32\drivers\atapi.sys

regards, Elise


"Now faith is the substance of things hoped for, the evidence of things not seen."

 

Follow BleepingComputer on: Facebook | Twitter | Google+ | lockerdome

 

Malware analyst @ Emsisoft


#12 winker12

winker12
  • Topic Starter

  • Members
  • 71 posts
  • OFFLINE
  •  
  • Local time:03:11 PM

Posted 07 January 2010 - 09:04 AM

Got it done. Yes, c:windows\system32\drivers\atapi.sys is there. It shows it being modified on 1/2/10.
I don't know if this means anything, after putting the UBCD4 in, it still went to the black screen. I had to hit f-12 that brought up the start up menu.

#13 Elise

Elise

    Bleepin' Blonde


  • Malware Study Hall Admin
  • 61,308 posts
  • ONLINE
  •  
  • Gender:Female
  • Location:Romania
  • Local time:11:11 PM

Posted 07 January 2010 - 09:33 AM

Sorry, I am not understanding this entirely, what startup menu came up when you hit f12?

regards, Elise


"Now faith is the substance of things hoped for, the evidence of things not seen."

 

Follow BleepingComputer on: Facebook | Twitter | Google+ | lockerdome

 

Malware analyst @ Emsisoft


#14 winker12

winker12
  • Topic Starter

  • Members
  • 71 posts
  • OFFLINE
  •  
  • Local time:03:11 PM

Posted 07 January 2010 - 10:19 AM

I put the UBDD4 cd that I made and restarted the computer. The Dell logo came up along with press F12 to boot. The first time I just let it to continue and it went to a black screen, like it's been doing. So I turned the computer off and when the Dell logo came up, I pressed the F12 key which brought up the boot menu-it gave me the option on booting normal, primary, disc, hard dick, drive c, ide-cd-drive which is what I did.

#15 Elise

Elise

    Bleepin' Blonde


  • Malware Study Hall Admin
  • 61,308 posts
  • ONLINE
  •  
  • Gender:Female
  • Location:Romania
  • Local time:11:11 PM

Posted 07 January 2010 - 11:07 AM

Okay, thats fine :(

Please check if the following file exists: c:\windows\system32\drivers\iastor.sys

Also, please post me the specs of your computer (manufacturer, make, model, number), so I can check what HDD controller you are using.

regards, Elise


"Now faith is the substance of things hoped for, the evidence of things not seen."

 

Follow BleepingComputer on: Facebook | Twitter | Google+ | lockerdome

 

Malware analyst @ Emsisoft





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users