Jump to content


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.

Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.


Search redirect and audio ads

  • Please log in to reply
1 reply to this topic

#1 ct1985


  • Members
  • 1 posts
  • Local time:11:03 PM

Posted 08 November 2011 - 11:49 PM

I was searching Google news a couple days ago and clicked on a link that seems to have been for a smaller news site and suddenly all instances of Internet Explorer that I had opened closed and multiple error messages popped up. Unfortunately I did not take a screen shot, nor did I document the errors, but I searched the event logs for them and believe that this is what was displayed:

Faulting application name: iexplore.exe, version: 8.0.7600.16839, time stamp: 0x4e0015ef
Faulting module name: ntdll.dll, version: 6.1.7600.16695, time stamp: 0x4cc7ab44
Exception code: 0xc0000005
Fault offset: 0x00052016
Faulting process id: 0xf38
Faulting application start time: 0x01cc9cebb83c5648
Faulting application path: C:\Program Files\Internet Explorer\iexplore.exe
Faulting module path: C:\Windows\SYSTEM32\ntdll.dll
Report Id: 5ab5a3a9-08df-11e1-8574-9aca6c57f45a

Since this event, my computer started to behave slow, so I immediately went to task manager and searched for the culprit. I did not have Internet Explorer running any more, but I saw an instance of iexplore.exe running still at high CPU. I immediately thought I had been infected and began to look for other symptoms before closing the instance. I unmuted my sound and turned it up, and sure enough, there was a advertisment playing for Sony music. It was an ad for a Leonard Cohen CD or something. I killed the instance, downloaded Combofix, stopped my antivirus and let it run. Nothing. I then searched this site for other methods of cleaning up issues that sound like mine, but I haven't been able to remedy it.

I am also getting search redirects now, so when I search google for something and click a link, it brings me to I can copy the link and paste it into the address bar and it goes to the page with no issues, but clicking the link causes the redirect.

Any assistance would be appreciated.

Edited by ct1985, 08 November 2011 - 11:52 PM.

BC AdBot (Login to Remove)


#2 jntkwx


  • Malware Response Team
  • 4,339 posts
  • Gender:Male
  • Location:New England, U.S.A.
  • Local time:12:03 AM

Posted 09 November 2011 - 06:03 PM

Hi ct1985,

Since you have already run Combofix, please follow the instructions in ==>Malware Removal and Log Section Preparation Guide<==.

Once the proper logs are created, then make a NEW TOPIC and post it ==>HERE<== Please include the link to this topic in your new topic and a description of your computer issues and what you have done to resolve them.

If you can produce at least some of the logs, then please create the new topic and explain what happens when you try to create the log(s) that you couldn't get. If you cannot produce any of the logs, then still post the topic and explain that you followed the Prep. Guide, were unable to create the logs, and describe what happens when you try to create the logs.

Once you have created the new topic, please reply back here with a link to the new topic.

Most importantly please be patient till you get a reply to your topic.


Simple and easy ways to keep your computer safe and secure on the Internet

If I am helping you and have not returned in 48 hours, please feel free to send me a PM with a link to the topic.
My help is free... however, if you wish to show appreciation and support me personally fighting against malware, please consider a donation: btn_donate_SM.gif

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users