Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

redirected results and IE browser errors


  • Please log in to reply
3 replies to this topic

#1 310Cool

310Cool

  • Members
  • 3 posts
  • OFFLINE
  •  
  • Local time:04:59 PM

Posted 22 June 2010 - 09:11 PM

This just started ..I think
Searched for my regular poker/game site games.com clicked on the link and was redirected to some "store"
most all other searches in yahoo get redirected especially if opened in new tabs to harmless looking sites
gathiasklots etc

My IE browser won't open correctly all the time
I'll be missing the address bar and File/Edit bar
Sometimes it will open correctly and the redirects won't occur ..you'd think nothing is wrong

I'm sure other stuff is going wrong but i've just noticed it within the hour
haven't ran any programs yet

seems very common issue but I've never experienced this sort of thing
thanks for the help

BC AdBot (Login to Remove)

 


#2 chromebuster

chromebuster

  • Members
  • 899 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:the crazy city of Boston, In the North East reaches of New England
  • Local time:04:59 PM

Posted 22 June 2010 - 09:39 PM

I'd recommend running Malwarebytes Antimalware first and seeing if that picks up anything. little toolbars love to get in your way and redirect your search results to different sites that you didn't intend on going to. See what MBAM is able to pick up, and then post back the log.

Chromebuster

The AccessCop Network is just me and my crew. 

Some call me The Queen of Cambridge


#3 310Cool

310Cool
  • Topic Starter

  • Members
  • 3 posts
  • OFFLINE
  •  
  • Local time:04:59 PM

Posted 23 June 2010 - 09:01 AM

I run adaware and spybot as well as malwarebytes maybe once a month or so but they hardly ever find anything worth the trouble ..I'm sure most people run these weekly
Avast and AVG never find anything at all

Malwarebytes always gives me a list of items unable to be scanned or something so maybe the bad stuff is in there

Anyway
Here is the log

Malwarebytes' Anti-Malware 1.34
Database version: 1768
Windows 5.1.2600 Service Pack 3

6/23/2010 6:06:36 AM
mbam-log-2010-06-23 (06-06-36).txt

Scan type: Full Scan (C:\|D:\|)
Objects scanned: 133567
Time elapsed: 25 minute(s), 22 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)

#4 310Cool

310Cool
  • Topic Starter

  • Members
  • 3 posts
  • OFFLINE
  •  
  • Local time:04:59 PM

Posted 24 June 2010 - 10:23 AM

I ran super antispyware I saw linked to somewhere within this site

trojan and rootkit issues
I'll reboot now and see what the scan/cleaning process accomplished, if anything

groan

after reboot I don't seem to be experiencing redirects from yahoo search
IE seems to be opening up properly

Please tell me what to do next to make sure I get it by the root and not leave it to regenerate
Surely I can't be cured that easily


SUPERAntiSpyware Scan Log
http://www.superantispyware.com

Generated 06/24/2010 at 11:09 AM

Application Version : 4.33.1000

Core Rules Database Version : 5113
Trace Rules Database Version: 0

Scan type : Complete Scan
Total Scan Time : 00:32:20

Memory items scanned : 478
Memory threats detected : 1
Registry items scanned : 5217
Registry threats detected : 16
File items scanned : 21127
File threats detected : 8

Trojan.Agent/Gen-FakeAlert[ClientNotify]
C:\WINDOWS\SYSTEM32\LABETVGA.DLL
C:\WINDOWS\SYSTEM32\LABETVGA.DLL

Adware.Tracking Cookie
C:\Documents and Settings\Owner\Cookies\owner@ad.wsod[2].txt
C:\Documents and Settings\Owner\Cookies\owner@kontera[1].txt
C:\Documents and Settings\Owner\Cookies\owner@at.atwola[1].txt
C:\Documents and Settings\Owner\Cookies\owner@ads.bleepingcomputer[1].txt
C:\Documents and Settings\Owner\Cookies\owner@advertise[1].txt

Adware.MyWebSearch/FunWebProducts
HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_MYWEBSEARCHSERVICE
HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_MYWEBSEARCHSERVICE#NextInstance
HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_MYWEBSEARCHSERVICE\0000
HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_MYWEBSEARCHSERVICE\0000#Service
HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_MYWEBSEARCHSERVICE\0000#Legacy
HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_MYWEBSEARCHSERVICE\0000#ConfigFlags
HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_MYWEBSEARCHSERVICE\0000#Class
HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_MYWEBSEARCHSERVICE\0000#ClassGUID
HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_MYWEBSEARCHSERVICE\0000#DeviceDesc

Trojan.DNS-Changer (Hi-Jacked DNS)
HKLM\SYSTEM\CONTROLSET001\SERVICES\TCPIP\PARAMETERS\INTERFACES\{F5EC781C-3AFC-4B2B-B1CC-1ABF931D84D6}#NAMESERVER
HKLM\SYSTEM\CONTROLSET003\SERVICES\TCPIP\PARAMETERS\INTERFACES\{F5EC781C-3AFC-4B2B-B1CC-1ABF931D84D6}#NAMESERVER
HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\TCPIP\PARAMETERS\INTERFACES\{F5EC781C-3AFC-4B2B-B1CC-1ABF931D84D6}#NAMESERVER
HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\TCPIP\PARAMETERS#NAMESERVER
HKLM\SYSTEM\CONTROLSET001\SERVICES\TCPIP\PARAMETERS#NAMESERVER
HKLM\SYSTEM\CONTROLSET003\SERVICES\TCPIP\PARAMETERS#NAMESERVER

Disabled.SecurityCenterOption
HKLM\SOFTWARE\MICROSOFT\SECURITY CENTER#UPDATESDISABLENOTIFY

Rootkit.TDSS
C:\WINDOWS\SYSTEM32\ERNEL32.DLL

Trojan.Agent/Gen
C:\DOCUMENTS AND SETTINGS\OWNER\APPLICATION DATA\CE834A45.EXE

Edited by 310Cool, 24 June 2010 - 10:46 AM.





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users