Tech Problem Aggregator

after windows resore now have Google Redirect, Bogus Radio Station > noob

Q: after windows resore now have Google Redirect, Bogus Radio Station > noob

HI there,
I had the windows restore issue a few weeks ago and managed to get rid of it be searching on your site. I'm a noob and a bit computor illiterate...so please bear with me...
I seem to have the google redirect is affecting both IE and Firefox, and fake radio stations for IE..

Please help and thanks in adavance for your patience

A: after windows resore now have Google Redirect, Bogus Radio Station > noob

Hello,Please follow the instructions in ==>This Guide<== starting at step 6. If you cannot complete a step, skip it and continue.Once the proper logs are created, then post them in a reply to this topic by using the Add Reply button.If you can produce at least some of the logs, then please create the post and explain what happens when you try to create the log(s) that you couldn't get. If you cannot produce any of the logs, then still post the reply and explain that you followed the Prep. Guide, were unable to create the logs, and describe what happens when you try to create the logs.Please note that I am not a member of the Malware Removal Team and will not be assisting you in removing the infection. I'm simply helping you to post the information they need in order to assist you.If HelpBot replies to your topic, PLEASE follow Step One so it will report your topic to the team members.Orange Blossom

28 more replies
Answer Match 96.3%

Problems= google redirect and bogus radio station with no desktop screen playing

1. Safeboot with or without networking does not work
2. mbam, trendhouscall, hitmanpro3.5 all clean
3. Combofix locks up within several minutes of autoscan starting

===

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 1:08:10 PM, on 11/15/2011
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Nuance\dgnsvc.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\Program Files\NVIDIA Corporation\Performance Drivers\nvPDsvc.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\ATT-SST\McciTrayApp.exe
C:\Program Files\Common Files\Jav... Read more

A:Google Redirect, Bogus Radio Station & Combofix locks up

1. I finally was able to load and run tdsskiller via the zip download. It found a win32 fault and cured it.
2. I ran Combofix by letting it run even though the time clock on my desktop screen stopped working after copmbofix started scanning. A long time later a log file for combofix was created indicating problems were corrected for. I let combofix run while I webnt to sleep just in case it needed lots of time to scan. When I awaoke the log file in notepad was on screen.
3. I still have problems with my icons not using the correct icon graphic but the default icon next to the name of the program. What ever I had turnded off my icons and my start up menu program names. Most folders under programs are empty even though the namer of the program was relisted at some point. I had used unhide.exe by your founder to make my icons reaapear. I did this several days ago trying to undo the harm of provacy protection fake security program wiping out my interface.
4. Safe mode now boots thanks to combofix.

Attached is the comvbofix log file.

ComboFix 11-11-16.02 - User 11/17/2011 3:23.4.4 - x86
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.3071.2551 [GMT -5:00]
Running from: c:\documents and settings\User\Desktop\ComboFix.exe
FW: AVG Firewall *Disabled* {8decf618-9569-4340-b34a-d78d28969b66}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\documents and settings\Al... Read more

25 more replies
Answer Match 81.48%

For a few weeks now I have been infected with the Google Redirect virus or malware whichever it is. In addition, I have also received the Blue Screen of Death on more than one occasion. Most times it says that it was an unidentified error but today it said it had something to do with my audio software. Other areas that have been infected include my CD/DVD drive, Network settings, Windows Firewall and ability to run anti-malware software. I recently bought a router and my laptop couldn't play the set-up dvd. Also, yesterday I tried to burn a cd which I've had no problem doing for years through Windows Media Player and it said that I "Had to connect a cd burner and then close Windows Media Player and try again." When I double-click on Network Setting in the control panel the folder is blank. When I try to run the Windows Firewall from the Control Panel it states that "Windows cannot start the Windows Firewall/ICS service." To try to solve the problem I have installed and ran MBAM and SuperAntiSpyware. When I can get them to run they do recognize infections but the same infections are there in subsequent scans whether or not I quarantine or delete. Currently, these systems only run in safe mode, alternate start for SAS or changing the .exe file to a .com or something similar for MBAM. Following are my system specs. This is an older laptop that I got handed down so I'm just curious if it can be saved or if I should bite the bullet and get a new one, also steps... Read more

A:Google Redirect/system32uacinit.dll/bogus Windows antivirus pop up

Hello sonnyssk32,Sorry about the delay. If you still need help, please post a new HijackThis log to make sure nothing has changed, and I'll be happy to look at it for you.Please do this:1. Download HijackThis? here:http://www.trendsecure.com/portal/en-US/th.../hijackthis.php2. Click 'Do a System Scan and Save log'.The HJT log will open in notepad.Thanks,tea

6 more replies
Answer Match 73.08%

When I search with any search engine and attempt to selecte one of the hits, I am redirected to another site, often another search engine. Often times I instead get a bogus virus warning I cannot get out of without killing the internet connection via Task Manager.

Here are the logs I was reguested to run.

DDS (Ver_09-12-01.01) - NTFSx86
Run by Brad marcum at 22:35:05.65 on Mon 12/14/2009
Internet Explorer: 8.0.6001.18702
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.1014.165 [GMT -6:00]
============== Running Processes ===============

C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
svchost.exe
svchost.exe
C:\WINDOWS\System32\WLTRYSVC.EXE
C:\WINDOWS\System32\bcmwltry.exe
C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
C:\WINDOWS\system32\spoolsv.exe
c:\program files\common files\logishrd\lvmvfm\LVPrcSrv.exe
svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\ehome\ehtray.exe
C:\WINDOWS\system32\igfxpers.exe
C:\WINDOWS\system32\WLTRAY.exe
C:\WINDOWS\stsystra.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files\ActivCard\ActivCard Gold\acevtsrv.exe
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\Program Files\Common Files\... Read more

A:Google Redirect and Bogus Virus Notification

Hi, Download OTL to your desktop.Double click on the icon to run it. Make sure all other windows are closed and to let it run uninterrupted.When the window appears, underneath Output at the top change it to Minimal Output. Check the boxes beside LOP Check and Purity Check.Under the Custom Scan box paste this in

netsvcs
msconfig
safebootminimal
safebootnetwork
activex
drivers32
%SYSTEMDRIVE%\*.exe
%systemroot%\*. /mp /s
c:\$recycle.bin\*.* /s
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs
/md5start
eventlog.dll
scecli.dll
netlogon.dll
cngaudit.dll
sceclt.dll
ntelogon.dll
logevent.dll
iaStor.sys
nvstor.sys
atapi.sys
IdeChnDr.sys
viasraid.sys
AGP440.sys
vaxscsi.sys
nvatabus.sys
viamraid.sys
nvata.sys
nvgts.sys
iastorv.sys
ViPrt.sys
eNetHook.dll
explorer.exe
svchost.exe
userinit.exe
qmgr.dll
ws2_32.dll
proquota.exe
imm32.dll
kernel32.dll
ndis.sys
autochk.exe
spoolsv.exe
xmlprov.dll
ntmssvc.dll
mswsock.dll
Beep.SYS
ntfs.sys
termsrv.dll
sfcfiles.dll
st3shark.sys
ahcix86.sys
srsvc.dll
/md5stop

Click the Run Scan button. Do not change any settings unless otherwise told to do so. The scan wont take long.When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt. These are saved in the same location as OTL.Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time, and post it with your next reply. You may need two posts to fit them all in.Please download GME... Read more

15 more replies
Answer Match 72.24%

My system is an old (2003) Pentium 4, 2.6ghz single processor. Replaced the hard drive a little under a year ago, running XP Pro, SP3.
It's on a Verizon FIOS wireless router with one other desktop and a laptop.
I was using AVG 9 Free as my malware protection.

I am not a power user, or even particularly competent. The last time I really understood my computer was my Amiga 500. This old computer is primarily used by my teen son for homework, youtube, and playing flash games and Battlefield 2142.

Sunday, he told me there was a virus warning. I told him not to click or accept anything, and I highlighted the windows and used alt-F4 to shut them down. AVG hadn't detected anything, and I discovered google was redirecting when I tried to look into making sure its definitions were up to date.
When I tried to use ctl-alt-del to bring up task manager, it opened and closed immediately.

I rebooted into safe mode with networking and downloaded malwarebytes to try to get a second program to scan. It found an infection and announced it cleaned. The computer seemed okay. However, when I rebooted out of safe mode, I noticed that instead of the two users normally offered (named after my wife and son, the former with admin priviliges), it offered "Administrator" and wife. I was stupid and assumed that it had reverted somehow, and I tried all the passwords I would normally put on something like that,to no avail. I finally selected wife, and got in.

The system was ru... Read more

A:Rootkit, google redirect, bogus user account

Hello and Welcome to the forums! My name is Gringo and I'll be glad to help you with your computer problems. Somethings to remember while we are working together.Do not run any other tool untill instructed to do so!Please Do not Attach logs or put in code boxes.Tell me about any problems that have occurred during the fix.Tell me of any other symptoms you may be having as these can help also.Do not run anything while running a fix.We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.Click on the Watch Topic Button and select Immediate Notification and click on proceed, this will help you to get notified faster when I have replied and make the cleaning process faster.In order for me to see the status of the infection I will need a new set of logs to start with.Please print out or make a copy in notpad of any instructions given, as sometimes it is necessary to go offline and you will lose access to them.DeFogger: Please download DeFogger to your desktop.

Double click DeFogger to run the tool.
The application window will appear Click the Disable button to disable your CD Emulation drivers Click Yes to continue A 'Finished!' message will ap... Read more

18 more replies
Answer Match 72.24%

Hello!When I do a search in Google, I get the right search results. But clicking on them would take me to some bogus pages. This happens only in Firefox not in Internet Explorer. I have tried MalwareBytes and Adware and they did not fix the problem.Here's the RSIT log file. Thank you for your help!-JoeLogfile of random's system information tool 1.05 (written by random/random)Run by Joe at 2008-12-19 16:59:01Microsoft Windows XP Professional Service Pack 3System drive C: has 28 GB (36%) free of 76 GBTotal RAM: 1535 MB (46% free)Logfile of Trend Micro HijackThis v2.0.2Scan saved at 4:59:02 PM, on 12/19/2008Platform: Windows XP SP3 (WinNT 5.01.2600)MSIE: Internet Explorer v7.00 (7.00.6000.16762)Boot mode: NormalRunning processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\System32\svchost.exeC:\Program Files\Common Files\Symantec Shared\ccSetMgr.exeC:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exeC:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exeC:\Program Files\Lavasoft\Ad-Aware\aawservice.exeC:\WINDOWS\system32\spoolsv.exeC:\Program Files\Symantec AntiVirus\DefWatch.exeC:\WINDOWS\System32\svchost.exeC:\Progra... Read more

A:Google search results redirect to bogus pages!

Hello! My name is Sam and I will be helping you. In order to see what's going on with your computer I may ask for you to post various logs from the tools that we will use to resolve your issue. Please also share with me any information about how your computer is reacting and behaving each step of the way as we work through this process.Please download SDFix and save it to your Desktop.Double click SDFix.exe and it will extract the files to %systemdrive%(Drive that contains the Windows Directory, typically C:\SDFix)Please then reboot your computer in Safe Mode by doing the following :Restart your computerAfter hearing your computer beep once during startup, but before the Windows icon appears, tap the F8 key continually;Instead of Windows loading as normal, the Advanced Options Menu should appear;Select the first option, to run Windows in Safe Mode, then press Enter.Choose your usual account. Open the extracted SDFix folder and double click RunThis.bat to start the script. Type Y to begin the cleanup process. It will remove any Trojan Services and Registry Entries that it finds then prompt you to press any key to Reboot. Press any Key and it will restart the PC. When the PC restarts the Fixtool will run again and complete the removal process then display Finished, press any key to end the script and load your desktop icons. Once the desktop icons load the SDFix report will open on screen and also save into the SDFix folder as Report.txt
(Report.txt will als... Read more

11 more replies
Answer Match 70.98%

Tech Support Guy System Info Utility version 1.0.0.2
OS Version: Microsoft Windows 7 Home Premium, Service Pack 1, 64 bit
Processor: Pentium(R) Dual-Core CPU E5300 @ 2.60GHz, Intel64 Family 6 Model 23 Stepping 10
Processor Count: 2
RAM: 2013 Mb
Graphics Card: Intel(R) G41 Express Chipset, 782 Mb
Hard Drives: C: Total - 293632 MB, Free - 233705 MB; D: Total - 11509 MB, Free - 1642 MB;
Motherboard: FOXCONN, ETON
Antivirus: Norton 360 Premier Edition, Updated and Enabled
Using Windows media player I visit a internet radio web site and while a piece of music is playing clicked the "add a song to your personal playlist" . A message appears stating that this song has been added.
From this point on I am totally confused.
I am unable to find the song I have added or indeed what playlist it has been aded to.

I am new to Windows Media Player .

Any assistance would be greatly appreciated.

Regards

Flynne
 

A:Windows Media player - creating a playlist using music from an internet radio station

Unless you've integrated Windows Media Player with an unlimited streaming service like Spotify or own all the songs you're adding to a play list, I don't think the feature does anything for you.
 

2 more replies
Answer Match 70.14%

Thanks for any help I can get!

I caught the Windows Recovery Malware and cleaned it up with Malwarebytes software. But now I have Google redirects and a ghost radio that just starts while on my desktop and can not stop unless I silence sound system. I downloaded Hijack This and scanned and have a log file from them. Hijack This direct me to your site. How do I get rid of this?

Thanks again for any help.

A:Google Redirect and Internet Radio Ads

Hello,Please follow the instructions in ==>This Guide<==. If you cannot complete a step, skip it and continue.Once the proper logs are created, then make a NEW TOPIC and post it ==>HERE<== Please include a description of your computer issues and what you have done to resolve them.If you can produce at least some of the logs, then please create the new topic and explain what happens when you try to create the log(s) that you couldn't get. If you cannot produce any of the logs, then still post the topic and explain that you followed the Prep. Guide, were unable to create the logs, and describe what happens when you try to create the logs.Orange Blossom

1 more replies
Answer Match 68.88%

It's time to seek professional help.
When connected to LAN, I am experiencing these symptoms:
- Google redirects using Firefox (only browser I use) intermittantly
- What I call "Pop-Up Radio" - No pop-up window, just pop-up sound, Ads and talk. Browser does not have to be open.
- Real-Time Protection software (MBAM or Norton) blocks repeated intrusion or outgoing attempts to 3 sets of IP addresses: 94.102.60.6, 178.238.36.17, and 112.175.243.22 - by "set" I mean that the last octet varies

Norton Internet Security reports that I am infected by a "Bamital Trojan", and various attempts to remove it, over a couple of weeks, have all failed.

Over the course of 2 weeks, I have tried:
- TDSSkiller and Sophos Anti-Rootkit - found nothing
- Malwarebytes MBAM - ran the trial version of MBAM with "real-time" monitoring - it constantly blocked "outgoing attempts" to the IP addresses described above.
- rkill and then MBAM - still found nothing
- Bit Defender Rescue CD - nothing; Kaspersky Rescue CD would not run.

I had ZoneAlarm Security Suite installed when I got infected - first virus in many years! After the above, I abandoned ZA, and have installed Norton Internet Security 2012, which now blocks the "intrusions", but does not find any virus to remove. Then I tried Norton's tools:
- Norton Power Eraser - finds 3 "BAD" Windows files: explorer.exe, svchost.exe, winlogon.exe.
The Norton recommen... Read more

A:Bamital Trojan, Google Redirect, Phantom "Pop-Up Radio"

Hello and Welcome to the forums!My name is Gringo and I'll be glad to help you with your computer problems.Somethings to remember while we are working together.Do not run any other tool untill instructed to do so!please Do not Attach logs or put in code boxes.Tell me about any problems that have occurred during the fix.Tell me of any other symptoms you may be having as these can help also.Do not run anything while running a fix.Do not run any other tool untill instructed to do so!Click on the Watch Topic Button and select Immediate Notification and click on proceed, this will help you to get notified faster when I have replied and make the cleaning process faster.Please print out or make a copy in notpad of any instructions given, as sometimes it is necessary to go offline and you will lose access to them.Run Combofix:You may be asked to install or update the Recovery Console (Win XP Only) if this happens please allow it to do so (you will need to be connected to the internet for this)Before you run Combofix I will need you to turn off any security software you have running, If you do not know how to do this you can find out >here< or >here<Combofix may need to reboot your computer more than once to do its job this is normal.You can download Combofix from one of these links.Link 1Link 2Link 31. Close any open browsers or any other programs that are open.2. Close/disable all anti virus and anti malware programs so they do not interfere with the runn... Read more

18 more replies
Answer Match 68.88%

Hello, I am in need of assistance for the following issues. I have the same issues as the following thread.

http://www.bleepingcomputer.com/forums/topic398307.html

Basically, it all started with the inabliity to do a control alt delete, then the fakealert trojan and it went from there.

I did run combofix as suggested by a coworker, (this was before I saw that I shouldn't have on the site, my apologies) but I have the log file saved for your reference.

I am currently running Windows XP Pro SP 3 on a Lenovo Thinkpad T410 Intel i5.

I had installed malwarebytes, as well as stinger and AVG. However, in order to run combofix without any issues i uninstalled them before running it. I ran combofix, and I still have the redirect issue which is what brought me to your site. I want to make sure that I am doing this the right way, and would like a professionals help moving forward.

Thank you in advance for your assistance
 

A:Random Radio Ads, Google Redirect, Fake Alert etc.

Can anyone please help me with this?? I noticed 50 views, and no replies.

Thanks in advance!
 

2 more replies
Answer Match 68.04%

Hello everyone, first thank you for reading.
Now I run into this strange errors like the title said, here is what I 've done, use Hijackthis and kill the BHO thing. use the Melwarebyte, btw, this one never helps. Use ccleaner and spybot. TDSSkiller can fix the redirect before but not this time. It cannot even be opened.
Now I found here:
log

----------------------
.
DDS (Ver_11-03-05.01) - NTFSx86
Run by Wesley.Sin at 16:01:27.92 on 05/10/2011 Tue
Internet Explorer: 6.0.2900.5512 BrowserJavaVersion: 1.6.0_25
Microsoft Windows XP Professional 5.1.2600.3.950.886.1033.18.1022.284 [GMT -4:00]
.
AV: Symantec AntiVirus Corporate Edition *Enabled/Updated* {FB06448E-52B8-493A-90F3-E43226D3305C}
.
============== Running Processes ===============
.
C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
svchost.exe
svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\WINDOWS\System32\brsvc01a.exe
C:\WINDOWS\System32\brss01a.exe
C:\WINDOWS\system32\spoolsv.exe
svchost.exe
C:\WINDOWS\System32\svchost.exe -k Akamai
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Symantec AntiVirus\DefWatch.exe
C:\... Read more

A:Google redirect & script error & radio voice advertisement ?

Hello and Welcome to the forums! My name is Gringo and I'll be glad to help you with your computer problems. Somethings to remember while we are working together.Do not run any other tool untill instructed to do so!Please Do not Attach logs or put in code boxes.Tell me about any problems that have occurred during the fix.Tell me of any other symptoms you may be having as these can help also.Do not run anything while running a fix.We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.Click on the Watch Topic Button and select Immediate Notification and click on proceed, this will help you to get notified faster when I have replied and make the cleaning process faster.In order for me to see the status of the infection I will need a new set of logs to start with.Please print out or make a copy in notpad of any instructions given, as sometimes it is necessary to go offline and you will lose access to them.DeFogger: Please download DeFogger to your desktop.

Double click DeFogger to run the tool.
The application window will appear Click the Disable button to disable your CD Emulation drivers Click Yes to continue A 'Finished!' message will ap... Read more

11 more replies
Answer Match 67.2%

Hello, found your site after trying to remove/fix the problem by myself. Wish I knew about you guys before I went through all the steps I've already taken. Hope you can help.

My internet speed is fine. I am experiencing Google redirects to various advertisement sites and antivirus-removal sites. I am also experiencing something that sounds like a radio station playing over my speakers. When I load up anything on the internet, any site, it takes an extremely long time to load. I assume it has something to do with the malware I cannot remove or the loads of anti-virus/malware removal I have downloaded to fix the problem.

I have been using (and pay for) Advanced System Care 5, Norton 360. Trying to resolve the issue myself I have recently started using Spybot and Ad-Aware and when I got frustrated I added Malwarebytes Anti-Malware, SuperAntispyware Professional, Kapersky Security Scan, Norton Power Eraser and even ran ComboFix once. Yes, I'm sorry, I should have gone to the professionals but I didn't know about you guys until now. My programs have removed a number of tracking cookies and I believe it is Spybot that keeps locating something called iCrossrider that it removes frequently.

Other than the issues above, my computer is running fine.

My documents are attached. Please note that GMER did not find anything and did not produce a log. I was only able to save a blank Ark.txt file.

.
DDS (Ver_2011-08-26.01) - NTFSAMD64
Internet Explorer: 9.0.8112.16421 Bro... Read more

A:Google redirect, slow searches and music/radio playing over speakers

Greetings and Welcome to The Forums!!My name is Gringo and I'll be glad to help you with your computer problems. I have put together somethings for you to keep in mind while I am helping you to make things go easier and faster for both of usPlease do not run any tools unless instructed to do so.
We ask you to run different tools in a specific order to ensure the malware is completely removed from your machine, and running any additional tools may detect false positives, interfere with our tools, or cause unforeseen damage or system instability.Please do not attach logs or use code boxes, just copy and paste the text.
Due to the high volume of logs we receive it helps to receive everything in the same format, and code boxes make the logs very difficult to read. Also, attachments require us to download and open the reports when it is easier to just read the reports in your post.Please read every post completely before doing anything.
Pay special attention to the NOTE: lines, these entries identify an individual issue or important step in the cleanup process.Please provide feedback about your experience as we go.
A short statement describing how the computer is working helps us understand where to go next, for example: I am still getting redirected, the computer is running normally, etc. Please do not describe the computer as "the same", this requires the extra step of looking back at your previous post.NOTE: At... Read more

36 more replies
Answer Match 67.2%

Hello,

I am new to this forum and of course in desperate need of some guidance. A few days ago, my husband's laptop (Windows XP SP3) became infected (his Trend Micro subscription expired). He said that while browsing, all of a sudden music and commercials started playing in the background, a small window appeared and stated the system would shut down (there was a countdown timer in the window). Upon reboot, all of his desktop icons were missing, and very few programs appeared in his start menu.

This happened on May 24th. I restored the system to May 21st and most of the desktop icons reappeared (program icons) but many appeared transparent (document icons), and I think all of the Start Menu's programs returned. I later found that the Hidden attribute for the files on the Desktop was turned on, so I turned that attribute back off and those icons reappeared in full. But I could not get rid of the background music/commercials. I also noticed that while I used IE to look for solutions, the popup window which shut down the system would return frequently. I could not download certain software (MalwareBytes) using IE and a lot of times I would get redirected from a Google search. I was able to download MalwareBytes using Safari for Windows. I ran MalwareBytes and corrected some infections, but the problem with the music/commercials and shutdown still remains.

This morning, I shut off the wireless card and I haven't exeperienced these 2 problems, but we really need to ... Read more

A:Google Redirect, Desktop Icons Missing, Radio Plays in Background

Hello Bails and welcome to BC.

Do you still need help?

2 more replies
Answer Match 67.2%

Ive got an unwanted radio station playing on my speakers while computer is on, probably a spyware. tried most spyware scans and still have it, any help is appreciated.
Cheers, Larry
 

A:radio station

Click here to download HJTInstall.exe

Save HJTInstall.exe to your desktop.
Doubleclick on the HJTInstall.exe icon on your desktop.
By default it will install to C:\Program Files\Trend Micro\HijackThis .
Click on Install.
It will create a HijackThis icon on the desktop.
Once installed, it will launch Hijackthis.
Click on the Do a system scan and save a logfile button. It will scan and the log should open in notepad.
Click on "Edit > Select All" then click on "Edit > Copy" to copy the entire contents of the log.
Come back here to this thread and Paste the log in your next reply.
DO NOT have Hijackthis fix anything yet. Most of what it finds will be harmless or even required.

 

1 more replies
Answer Match 66.36%

Hi there,
is that possible on my/any computer,or could I record first?
Is there a recorder in the computer,this one I found in accessories,is only set for a few seconds?
Would you help please?

A:Burning Cd From Radio Station

Probably not. Most streaming radio stations don't want you to do that because the record industry would go ballistic and try to shut them down.

8 more replies
Answer Match 66.36%

hey i live in the uk and normaly listen to my fav. radio station Metroradio online but for some reason today i can't. it says this when i try to listen:

Cannot open. Please verify that the path and filename are correct and try again. (Error=C00D0029)

COuld somebody please help!
 

A:cant listen to radio station

13 more replies
Answer Match 66.36%

I wirk ata radio station.. some idiot was surfing porn on the weekends, and ever since we have not been able to get rid of these stupid pop up ads.. thy are not dirty,, but adaware adn spybot wont grab them...

this logfile is very sensitive, because a lot of the items that keep our network and stuff running are in here.. its a work computer.. i just want to get rid of the stupid popups.. especially the ones with SOUND.. nothing freaking sucks worse than to be reading a newscast and have sound pop up in the background on the air...



Logfile of HijackThis v1.99.1
Scan saved at 6:48:11 AM, on 6/22/2005
Platform: Windows 2000 SP4 (WinNT 5.00.2195)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINNT\System32\smss.exe
C:\WINNT\system32\winlogon.exe
C:\WINNT\system32\services.exe
C:\WINNT\system32\lsass.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\system32\spoolsv.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\PROGRA~1\SYMANT~1\SYMANT~1\DefWatch.exe
C:\WINNT\system32\svchost.exe
C:\PROGRA~1\SYMANT~1\SYMANT~1\Rtvscan.exe
C:\WINNT\system32\nvsvc32.exe
C:\WINNT\system32\regsvc.exe
C:\WINNT\system32\MSTask.exe
C:\Program Files\Kyocera Mita\FileUtility\SFUSVC.exe
C:\Program Files\Kyocera Mita\FileUtility\nsCatCom.exe
C:\WINNT\System32\WBEM\WinMgmt.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\Explorer.EXE
C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
C:\PROGRA~1\Adaptec\EASYCD~1\CreateCD\creat... Read more

A:Radio Station News Guy Needs Help

Please print out or copy this page to Notepad. Make sure to work through the fixes in the exact order it is mentioned below. If there's anything that you don't understand, ask your question(s) before proceeding with the fixes. You should 'not' have any open browsers when you are following the procedures below.

Go to My Computer->Tools/View->Folder Options->View tab and make sure that 'Show hidden files and folders' (or 'Show all files') is enabled. Also make sure that 'Display the contents of system folders' is checked. If you have Windows XP, the search feature is a little different. When you click on 'All files and folders' on the left pane, click on the 'More advanced options' at the bottom. Make sure that 'Search system folders', 'Search hidden files and folders', and 'Search subfolders' are checked.

For the options that you checked/enabled earlier, you may uncheck them after your log is clean. If we ask you to fix a program that you use or want to keep, please post back saying that (we don't know every program that exists, so we may tell you to delete a program that we think is bad to keep).

Restart your computer and boot into Safe Mode by hitting the F8 key repeatedly until a menu shows up (and choose Safe Mode from the list). In some systems, this may be the F5 key, so try that if F8 doesn't work. Make sure to close any open browsers. Go into HijackThis->Config->Misc. Tools->Open process manager. Select the following and click 'K... Read more

3 more replies
Answer Match 66.36%

Hello All

I'm just to this forum but i need help. I want to add Fm Station link from my website but i don't know. Anyone knows the code so i can populate Fm Station online to my website.

Thank you so much for your help.

Gerro
 

A:Radio Station online.

If you are using something like Dreamweaver all you need to do is open the link properties box for the place on the webpage and type in the url (complete with http://)
 

1 more replies
Answer Match 65.52%

Hi,
 
I'm taking this title from an article promoting "River Media Center" and I would like to know 2 things?
 
1. I would like to know how to setup my PC to get my own personal CD collection ripped to my PC in wav format to should as good as downloaded music from Internet Radio stations.
 
The music downloaded from Internet Radio stations always sounds so much better than my music ripped to wav from my CD collection. I did see an article a while back about setting up your PC to get your own music collections to should great, like Internet Radio stations and now can't find it. Does anyone know where I might find such an article? I really want all my music to sound great not just the downloaded Internet Radio stuff.
 
2. Does "River Media Center" accomplish what I'm looking for, Internet Radio station quality music with my own ripped PC collection?
 
That is basically it. Anyone knowing where I might find instructions to accomplish this would be greatly appreciated. Thanks!
 
John

A:How to Get that 'Radio Station Sound' with Your Own Music

A ripped CD that is stored in WAV format should sound 100 times better than internet radio. Most internet radio is barely pushing out 128 kbps or at best 192 kbps audio stream, whereas a ripped CD is pumping out an uncompressed 1411 kbps audio stream. The difference is night and day. I have about 6,000 CDs stored on my system that I ripped myself, some I ripped using dbPowerAmp, and some I ripped using EAC. Both are very good ripping tools. I playback using foobar2000 in a pure WASAPI method, but River Media is really good as well. If you do not like the sound of a ripped CD, then maybe you are doing something wrong. I use an outboard DAC and a Marantz amplifier to playback my files, the sound can be ethereal. Computer based audio is a very big hobby, I have been into it for about 5 years, but I began collecting albums back around 1965, so I have a big head start in this area.
 
 
http://www.computeraudiophile.com/​

1 more replies
Answer Match 65.52%

The radio station doesn't come through the speakers of my computer, as others have in one thread I've found on this site, only my subwoofer. Has anyone else had this problem? Any answers?
Thanks,
Marsha
 

A:Radio station heard through my subwoofer

try moving your woofer and wires around to see if reception varies. You are probably picking up an AM station because something around it is acting like a receiver

Do the wires have a splice anywhere where you twisted them together? Or is the wiring in your house really old - it might not be grounded proper
 

7 more replies
Answer Match 65.52%

This is all new to me but I would like to learn it.

I am listening to music from a radio station using WMP11 and would like to burn it on
a CD. So far I have no success and wonder what I do wrong ?

Can anybody explain me the procedure ? I use WindowsXP and the WMP11.

Thanks for your help

AntonABC
 

A:How to burn music from a radio station ?

8 more replies
Answer Match 65.52%

Hi l jus decided to try streaming from home a radio station but seem l cannot get to connect .l have virtual dj and win amp but still cannot get to start for some reason .any come to my rescue?
 

A:Streaming online radio station

Hi

I tried VDJ and winamp and had a hell of a time getting it to stream, I did google a lot of pages and realised that there is a lot of things to tweak to get it working, follow this link, I admit I gave up in the end as it was more trouble than it was worth but i think I did once get it to work...just the once.

Oh and dont forget you have to open ports in your firewall and your router if you use one...

Regards
 

2 more replies
Answer Match 65.52%

Hello,
 
I have noticed a faint radio station playing in the background of my computer for the past 3 weeks or so and am having a hard time getting it to go away. I have logitech external speakers plugged in and thought it was just weird radio interference, but then i unplugged them the radio station started to play on the computers internal speaker instead. I disable the internet for about 5 minutes and it continued to play. Funny thing is, the radio host is talking about current events so i know it is a somewhat live stream.
 
This is a win 7 64bit operation system on a HP xw4400 Workstation. I am currently running Trend Micro Security Agent and i have tried many different removal tools such as
Malwarebytes
superantispyware
Kaspersky tdskiller
combofix
trend rootkit buster
hijack this
and a few more things. nothing really turns it off.
 
Any ideas?
Thanks
Jeff
 

A:Radio station is playing in the background Win 7

Hi and welcome.
 
Please download Farbar Recovery Scan Tool and save it to your desktop.
 
Note: You need to run the version compatible with your system. If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.

Double-click to run it. When the tool opens click Yes to disclaimer.
Make sure that under Optional Scans, there is a checkmark on Addition.txt and Shortcut.
Press Scan button.
It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.
The tool will also produce another two logs (Addition.txt and Shortcut.txt). Please attach these to your reply.

 
 

13 more replies
Answer Match 65.52%

it's a Dell, Windows 7, a radio is playing somewhere - slightly off the station of course -- and it doesn't show up in task manager or YIM - yet always comes on at boot.
 

More replies
Answer Match 65.52%

How can I make a shortcut to open Tunein radio to a particular station?
tcebob

A:Tunein radio shortcut to station

Originally Posted by tcebob


How can I make a shortcut to open Tunein radio to a particular station?
tcebob



I am not familiar with Tunein radio, but if you know the streaming link, paste that link in notepad, save it (as txt file) and modify .txt in .m3u.
Associate .m3u extension to your favorite player such as the VLC player.

3 more replies
Answer Match 65.52%

Problem just started a few days ago. When ever I log onto the web, I am receiving an intermitten radio station coming thru my speakers in the background. I have used "Malware Bytes Anti Malware" but no success. I have changed speakers, used headphones but to no avail. I am very certain this is not a bleed over thru my speakers from the radio station. I do have an anti-virus running (AVG) but this has not stopped the radio bleed thru. I am using a Vista operating system with Firefox. Any advice?

A:Intermitten radio station bleeding thru my pc

Are you using wireless to connect to the net?

1 more replies
Answer Match 65.52%

Hi,

I am facing an issue in my laptop where i am hearing radio sound even when i am not connected to the internet. This has been happening since yesterday.

I have run Malwarebytes Anti Malware software today and it has tracked and removed a lot of spyware. But, still i hear this radio sound. I have also run the SUPERAntiSpyware Free Edition.

I am attaching the hijackThis, DDS and GMER logs as below. If you need anything else, please let me know.

Please help in removing this malware. The system performance is deteriorating.

hijackThis log

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at PM 06:50:28, on 28-12-2013
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.16428)
Boot mode: Normal

Running processes:
C:\Windows\SysWOW64\Rundll32.exe
C:\Windows\SysWOW64\rundll32.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe
C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe
C:\Program Files (x86)\AVG\AVG2013\avgui.exe
C:\Program Files (x86)\AVG SafeGuard toolbar\vprot.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Program Files\Sony\VAIO Care\listener.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\A... Read more

A:Radio Station Malware in laptop

Hiya and welcome to Tech Support Guy

Are you still having this problem? If so, can you do the following first:

---

Your Java is out of date, so lets do that first:

Upgrade Java : (32 bits)

Download the latest version of Java SE Runtime Environment (JRE) JRE 7 Update 45 .
Under the JAVA Platform Standard Edition, click the "Download JRE" button to the right.
Accept License Agreement.".
Click on the link to download Windows Offline Installation 32 bit ( jre-7u45-windows-i586.exe) and save it to your desktop. Do NOT use the Sun Download Manager..
Close any programs you may have running - especially your web browser.
Go to Start > Control Panel, double-click on Add/Remove programs and remove all older versions of Java.
Check any item with Java Runtime Environment (JRE or J2SE) in the name.
Click the Remove or Change/Remove button.
Repeat as many times as necessary to remove each Java version.
Reboot your computer once all Java components are removed.
Then from your desktop double-click on the download to install the newest version.(Vista or Win 7 users, right click on the jre-7u45-windows-i586.exe and select "Run as an Administrator.")
Don't install any of the toolbars that are offered.
After doing the above, for the remains of the Java, can you do this:

Open Java in the Control Panel and under the General tab, under Temporary Internet Files, click the Settings button. Then click on Delete Files.

Make sure both of these options are chec... Read more

1 more replies
Answer Match 64.68%

I just installed a new hard drive and re-installed XP SP3. For some reason a radio station I use off the MS Station Guide won't play on the media player like it did before on the old drive. Instead, the pop-up blocker comes up asking if I want to install some files. I went ahead and clicked to install and nothing happens.

A:Media Player 11 won't play radio station

What are you referring to as "pop-up blocker"? And what files does it ask you to install? You may be missing a codec.

3 more replies
Answer Match 64.68%

Greetings all T.S.G fans.

I have an inquiry, that I'm hoping somebody can shed some light on.

I've always wanted to start my own internet radio station.

The problem is finding a suitable application that is, dare I say it, 'Freeware'

If anyone can point me in the right direction, please let me know.

Thanks
 

More replies
Answer Match 64.68%

On a different Win7 computer I broadcast a station via the internet through a LPFM transmitter. I use windows media player buffered to 60 seconds.

Once every day or two the program on the internet will apparently stop resulting obviously in dead air until I can return home later in the day to click the media player icon on the broadcast stream again. This program uses "via streaming" (Shoutcast server). My incoming connection speed is 12Mbps or more.

I am wondering if there is some kind of software I could use that could automatically re-connect to the stream after say 30 seconds of silence as that reconnection is all it needs to get the program going again. Hoping I have provided the necessary information and that someone can help. I would certainly appreciate any suggestions. Many thanks....
 

A:Streaming internet radio station stops.

If there was anything available it would most likely be from the manufacturer of the transmitter device, don't know if windows has anyway to detect that. What if you just reset the stream before leaving the house? Maybe a daily reset will keep it active long enough? Or you could remote desktop into the computer and reset the stream?
 

2 more replies
Answer Match 64.68%

I listen daily to an i/net radio station. Recently,the station has re-hashed it's website & has a 'new look', & also the previous link via. ''Loud City' has been closed. Over the last 4 days, after opening the new site to listen,i've had a message pop-up in a new tab :- ''Reported web forgery''.
There's nothing fraudulent about the radio site,so why should i be getting this message ?. One further point,i don't click on either of the 2
boxes to close the message,i just close the new tab completely. Is this some form of 'phishing' going on ?,
                                                                                                                                                             ... Read more

A:I/net radio station page - 'Reported web forgery'

Hello Saska
What is making this report? These pages are usually malicious pages. They may change your homepage, install addons and infect your PC so we should scan.

Please download MiniToolBox, save it to your desktop and run it.
Checkmark the following checkboxes:
Flush DNSReport IE Proxy SettingsReset IE Proxy SettingsReport FF Proxy SettingsReset FF Proxy SettingsList content of HostsList IP configurationList Winsock EntriesList last 10 Event Viewer logList Installed ProgramsList Users, Partitions and Memory size.Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run.
Note: When using "Reset FF Proxy Settings" option Firefox should be closed.

Download TDSSKiller and save it to your desktop.Extract (unzip) its contents to your desktop.Open the TDSSKiller folder and doubleclick on TDSSKiller.exe to run the application, then on Start Scan.If an infected file is detected, the default action will be Cure, click on Continue.If a suspicious file is detected, the default action will be Skip, click on Continue.It may ask you to reboot the computer to complete the process. Click on Reboot Now.If no reboot is require, click on Report. A log file should appear. Please copy and paste the contents of that file here.If a reboot is required, the report can also be found in your root directory (usually C:\ folder) in the form of TDSSKiller_xxxx_log.txt. Please copy and paste the contents of that file here..
.
.
ADW Cleaner

... Read more

3 more replies
Answer Match 64.68%

Hey guys!
I really need your help. I have been working an a radio station of mine for the past year or so, creating websites, applications and the like. The station is due to be launched in a week or so and right at the last moment something has gone wrong!
Im at my wits end and I really dont know why it isnt working, heres the details:
Im broadcasting on port 8001 which I have forwarded in my NETGEAR router to 192.168.1.2 (the computer with the server running on it)
It was working about 2 days ago perfectly, but then all of a sudden it has stopped! The port is still accessable (checked using port forwarding tool) and I can access my router configuration page from outside my LAN too. I have tried a DMZ to my server on my LAN too, and even tried different servers with no luck! No firewalls enabled, nothing! I have even tried different ports too..

I just cannot access the stream of audio from my server- neither can anyone else!

Please, any help AT ALL would be most appreciated. I have probably missed something small but bear in mind it WAS working 2 days ago!

Please save my station! No one here can figure out what the hells going on!

Thank you in advance!
 

More replies
Answer Match 64.68%

I need help on how to create the radio station. I know it's basic stuff but for someone who did not know what 'burning a CD' meant a few minutes ago this is a massive jump in the dark. I'll tell you what I have done so far in the hope you will be able to help me.
1. I downloaded musicMatch jukebox and burned several CDs onto my hard drive; (don't laugh, I don't know all the technical jargon lol)
2. I traced the cds to a folder called My Music;
3. I then 'MOVED'the files individually (each file contained a CD) into the audio folder in error (because that was what someone said you should do on another site);
4. I then dragged the music files into the mp3 folder. from the audio folder;

Each of the individual cds are listed there. I have the mp3 text file in the folder also. But I don't know what to do from here. I'm assuming the music files I've downloaded automatically became mp.3 files but I could be wrong because the custom channel has not appeared on the game. I've pressed F9 and scrolled down in an attempt to find the MP3 radio channel

I don't know what I'vedone wrong.
I've obviously missed something.
Any gurus have any ideas?
Thanks in advance.
 

A:GTA Vice city MP3 radio station won't work

How do I play my own MP3s in the game?
There is a folder inside the GTA Vice City game folder called MP3. You can place your own MP3s into this folder. Inside the game, scroll through the various radio stations until you get to the one that is usually the last one ("Wave 103"). There will now be a new station listed as MP3 Player after the Wave 103 station. Select this, and you're now listening to whatever music you placed into that folder. It will play in random order.Click to expand...

This quote is directly from Rockstar Games support site. If the files that you copied from their CD's are indeed .mp3 files then they should play randomly on the radio station named "mp3".
 

3 more replies
Answer Match 64.68%

I've been conversing with the owner of an internet radio stream http://199.16.186.34:8104 About three weeks ago, this station began constantly skipping/buffering when listening. I contacted the owner & we've tried me pinging their ISP which gave me the following result:

Target Name: echo1.serverhostingcenter.com
IP: 199.16.186.34
Date/Time: 11/3/2011 9:32:26 PM

1 1 ms 1 ms 1 ms [192.168.1.1]
2 18 ms 18 ms 17 ms cable1-0.ptfdmagb-ar4001.nyroc.rr.com [74.70.128.1]
3 169 ms 192 ms 172 ms gig3-1.pit6500.twalb.com [24.29.44.81]
4 174 ms 206 ms 160 ms rdc-74-76-242-224.alb.northeast.rr.com [74.76.242.224]
5 171 ms 198 ms 184 ms rdc-74-76-241-178.alb.northeast.rr.com [74.76.241.178]
6 170 ms 202 ms 191 ms rdc-74-76-241-193.alb.northeast.rr.com [74.76.241.193]
7 187 ms 221 ms 211 ms [107.14.19.26]
8 187 ms 195 ms 220 ms ae-0-0.pr0.nyc30.tbone.rr.com [66.109.6.159]
9 221 ms 209 ms 226 ms xe-4-2-0.edge2.Newark1.Level3.net [4.59.20.157]
10 225 ms 218 ms 218 ms ae-31-51.ebr1.Newark1.Level3.net [4.69.156.30]
11 215 ms 216 ms 209 ms ae-2-2.ebr1.NewYork1.Level3.net [4.69.132.97]
12 290 ms 216 ms 204 ms ae-7-7.car2.Detroit1.Level3.net [4.69.133.249]
13 268 ms 229 ms 205 ms WAVEFORM-TE.car2.Detroit1.Level3.net [4.53.74.174]
14 249 ms 212 ms 200 ms g2-0.core1.troy2.waveform.net [208.92.220.173]
15 249 ms 200 ms 212 ms g4-1.agr1.troy2.waveform.net [208.92.220.198]
16 255 ms 222 ms 217 ms ... Read more

A:Internet radio station skips on computers

Im listening to it with WMP9 and its playing fine!

128k stream and sounds EXCELLENT!!
Been listening for 5 minutes now.... I LOVE THE MUSIC!!
Try using WMP to listen to this stream,open WMP and click TOOLS/OPTIONS/PERFORMANCE and choose "DETECT CONNECTION SPEED" .. That will tell your player to sense what speed the stream is at and will allow @ LEAST that much stream from YOUR END to support the stream w/o skipping,etc

Then click FILE/OPEN URL and enter the url in...
Thanx for the link and good luck

5 more replies
Answer Match 64.26%

This has happened to me twice in the past three hours.
I'm aware my dad opened some attachment to an email he shouldn't have.
I cleared all that out via Mcafee/Ad-Aware/Registry Mechanic.

But now there's random intervals of what sounds like a canadian radio station lasting about 5 minutes.

Here is my HJT scan thingy.
I have no idea what to do with it?

Anything is appreciated, thanks. :]
 

A:Radio station playing through headset, no programs running

HijackThis v1.99.1Click to expand...

Please un-install your old version of HJT then...

Have a look at:

UPDATED 8-step Viruses/Spyware/Malware Preliminary Removal Instructions
 

1 more replies
Answer Match 64.26%

Hello.  My daughters laptop has something weird going on.  I suspect it's a virus and/or malware.  I have done everything and you are my last hope.  I have run about six different virus/malware softwares and all of them say I am Virus (malware) FREE!!  Yeah!  But it still has this stupid radio station running the minute it connects to the internet.  Sometimes there are two or three stations running over top of each other... very annoying and she can hardly use it.  PLEASE, can you help me?  I am not all that computer educated and I need help!
It is a Dell Inspiron running Windows Vista Home Basic with Service Pack 2.  It has 3 GB of memory abd a 32-bit Operating system.
 
Thanks for ANY help you can provide!
 
Nancy
 

A:Laptop is Playing Radio Station(s) with No Program Showing

Welcome aboard   Download Security Check from here or here and save it to your Desktop. Double-click SecurityCheck.exe Follow the onscreen instructions inside of the black box. A Notepad document should open automatically called checkup.txt; please post the contents of that document.NOTE 1. If one of your security applications (e.g., third-party firewall) requests permission to allow DIG.EXE access the Internet, allow it to do so.NOTE 2 SecurityCheck may produce some false warning(s), so leave the results reading to me. Please download Farbar Service Scanner (FSS) and run it on the computer with the issue.Make sure the following options are checked:
Internet ServicesWindows FirewallSystem RestoreSecurity Center/Action CenterWindows UpdateWindows DefenderOther ServicesPress "Scan".It will create a log (FSS.txt) in the same directory the tool is run.Please copy and paste the log to your reply. Please download MiniToolBox and run it.Checkmark following boxes:Report IE Proxy SettingsReport FF Proxy SettingsList content of HostsList IP configurationList Winsock EntriesList last 10 Event Viewer logList Installed ProgramsList Devices (do NOT change any settings here)List Users, Partitions and Memory sizeClick Go and post the result. Download Malwarebytes' Anti-Malware (aka MBAM): http://www.malwarebytes.org/products/malwarebytes_free to your desktop.* Double-click mbam-setup.exe and follow the prompts to install the program.* At the end, be sure a checkmark is placed next to Up... Read more

17 more replies
Answer Match 64.26%

Hi. This might be a minor annoyance, but I am unable to remove a radio station in Media Player (v9). Also, since I have the max number of 10, I can't add any more.

Has anyone else run across this issue, and have you found a solution?

Thanks very much,
stuarth
 

More replies
Answer Match 64.26%

Hi,
 
My computer starting randomly playing a radio station. I have rum malewarebytes, AVG, and TDSSKiller all saying that the PC is virus free yet the radio keeps playing. Please any advice on how to remove.

A:PC plays random radio station with no program running?

Hi Buckycat Matt, and welcome to Bleeping Computer.
 
Is you ISP on cable?
 
If they are you can use a FM trap to resolve this.

23 more replies
Answer Match 64.26%

Hi,
 
As instructed by user - xXToffeeXx , i am re-posting the issue in this forum for removing malware. The earlier topic was in http://www.bleepingcomputer.com/forums/t/518815/rogue-radio-station-virus-playing-in-the-laptop/
 
Please help. You may close the earlier topic, if any one of you can help me out here. The laptop is troubling me a lot.
 
I am facing an issue in my laptop where i am hearing radio sound even when i am not connected to the internet. This has been happening since last 2 days. 
I have run Malwarebytes Anti Malware software yesterday and it has tracked and removed a lot of spyware. But, still i hear this radio sound. I have also run the SUPERAntiSpyware Free Edition.
 
The radio station issue that i am referring here looks to me same as http://www.bleepingcomputer.com/forums/t/493820/computer-plays-radio-stations-without-a-program-running/
 
I am attaching the hijackThis, DDS and GMER logs as below. If you need anything else, please let me know.
 
Please help in removing this malware. The system performance is deteriorating.
 
hijackThis log
 
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at PM 06:50:28, on 28-12-2013
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.16428)
Boot mode: Normal
 
Running processes:
C:\Windows\SysWOW64\Rundll32.exe
C:\Windows\SysWOW64\rundll32.exe
C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
... Read more

A:Rogue 'Radio Station' virus playing in the laptop

Hello lastchristmas I would like to welcome you to the Malware Removal section of the forum.Around here they call me Gringo and I will be glad to help you with your malware problems.Very Important --> Please read this post completely, I have spent my time to put together somethings for you to keep in mind while I am helping you to make things go easier, faster and smoother for both of us!Please do not run any tools unless instructed to do so.We ask you to run different tools in a specific order to ensure the malware is completely removed from your machine, and running any additional tools may detect false positives, interfere with our tools, or cause unforeseen damage or system instability.Please do not attach logs or use code boxes, just copy and paste the text.Due to the high volume of logs we receive it helps to receive everything in the same format, and code boxes make the logs very difficult to read. Also, attachments require us to download and open the reports when it is easier to just read the reports in your post.Please read every post completely before doing anything.Pay special attention to the NOTE: lines, these entries identify an individual issue or important step in the cleanup process.Please provide feedback about your experience as we go.A short statement describing how the computer is working helps us understand where to go next, for example: I am still getting redirected, the computer is running normally, etc. Please do not describe the computer as "the ... Read more

16 more replies
Answer Match 64.26%

Hi, I am facing an issue in my laptop where i am hearing radio sound even when i am not connected to the internet. This has been happening since yesterday. To add, in the Open Volume Mixer - i can see a column (name not available) - which is in fact the rogue sound. I have put it on mute and then there is no radio sound. However, the system performance is detiriorating. I have run Malwarebytes Anti Malware software today and it has tracked and removed a lot of spyware. But, still i hear this radio sound. I have a Sony Vaio laptop - Windows 7 Home Basic 64 bit Malwarebytes also blocks a lot of outgoing traffic for iexplorer.exeSo, i thought that issue was with IE and i tried to uninstall IE version 11. But, i could not uninstall it completely. Also, i could not also put this feature off in Windows for the same reason.  Can you please help me in : 1. Solving the issue with the radio sound in my laptop.2. Also, uninstalling IE 11 from my laptop completely, and/or putting IE 11 feature off from the Windows feature. Please let me know the next steps so that the issue can be resolved. Regards,lastchristmasEdit: Moved topic from Windows 7 to the more appropriate forum. ~ Animal

A:Rogue 'Radio Station' virus playing in the laptop

What kind of gadgets or widgets are you using? Maybe you got a media player running at start up. Some chat programs also have a internet radio built it. Like AIM, Yahoo, MSN chat to name a few. Since you mentioned that you have a Sony Vaio I am guessing that you have a built in tv tuner/radio. You will have to refer to your manuals/cd's to install the driver and get it's functionality back, so you can properly disable or shut off the audio aspect of it. If no CD, then google the model of the laptop and the word drivers. (XXXXX drivers) and go to the Sony Vaio support website to download them.
 
As for your issue with Internet Explore you can uninstall it in add/remove. Be sure to download an alternate internet browser prior to doing all this. Click on start button or hit the Windows key. Type in appwiz.cpl (hit enter). Next, over on the left panel click on the 'Turn Windows features on and off'. Once that loads search for Internet Explore and uncheck the box to it. Hit apply and ok and close out the appwiz. Done

7 more replies
Answer Match 64.26%

Hi folks, each time I try to listen to any radio station or click on a video link nothing happens. I used to lieten and watch to these in the past, but I don't know what the problem is now. it seems to be my computer doesn't like stm# or # suffixes, any ideas?

cheers
 

More replies
Answer Match 64.26%

Hi there,
I started a post already, but replied to my original message to add info....looking back a the welcome guide I see that I shouldn't have done that so I'm re-posting....hope that doesn't cause too much confusion.

Hoping someone can help?
I have a radio station that plays constantly on my computer & I have no idea where it came from or how to make it stop. It will start playing without any programs being opened.
Any scan I use doesn't seem to stop it (Spyware Doctor etc).
Also, pop ups appear asking for confirmation to add websites to my favourites list, usually porn related based on what the titles are.
Operating system is Windows XP.
Below is my HJT report.
Thanks!!

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:26:45 AM, on 29/09/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16705)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\WINDOWS\system32\crypserv.exe
C:\Program Files\Common Files\New Boundary\PrismXL\PRISMXL... Read more

A:Radio station plays constantly + add to favourites requests

Hi Welcome to TSG!!
Download SDFix and save it to your Desktop.
Very Important! Temporarily disable your anti-virus, script blocking and any anti-malware real-time protection before performing a scan. They can interfere with ComboFix and remove some of its embedded files which may cause "unpredictable results".
Click on this link to see a list of programs that should be disabled. The list is not all inclusive. If yours is not listed and you don't know how to disable it, please ask.
Remember to re-enable the protection again afterwards before connecting to the Internet.

Double click SDFix.exe and choose Install to extract it to its own folder on the Desktop. Please then reboot your computer in Safe Mode by doing the following :
Restart your computer
After hearing your computer beep once during startup, but before the Windows icon appears, tap the F8 key continually;
Instead of Windows loading as normal, a menu with options should appear;
Select the first option, to run Windows in Safe Mode, then press "Enter".
Choose your usual account.

Open the c:\SDFix folder and double click RunThis.cmd to start the script.
Type Y to begin the script.
It will remove the Trojan Services then make some repairs to the registry and prompt you to press any key to Reboot.
Press any Key and it will restart the PC.
Your system will take longer that normal to restart as the fixtool will be running and removing files.
When the desktop loads the Fixtool ... Read more

1 more replies
Answer Match 64.26%

Hi All, I had this problem this morning, but I have been noticing some browser windows that pop-up for the last week. The laptop is running, on and off, some 'radio station' which I have no idea about. The problem is specific to the laptop as I am not having it with my desktop. I am pasting the HijackThis log below. Please advise: Logfile of Trend Micro HijackThis v2.0.2Scan saved at 23:08:25, on 07/06/2009Platform: Windows Vista SP1 (WinNT 6.00.1905)MSIE: Internet Explorer v7.00 (7.00.6001.18226)Boot mode: NormalRunning processes:C:\Windows\system32\Dwm.exeC:\Windows\Explorer.EXEC:\Windows\RtHDVCpl.exeC:\Program Files\Synaptics\SynTP\SynTPEnh.exeC:\Windows\system32\taskeng.exeC:\Windows\FixCamera.exeC:\Windows\tsnp325.exeC:\Windows\vsnp325.exeC:\Program Files\Common Files\Real\Update_OB\realsched.exeC:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exeC:\Program Files\Windows Sidebar\sidebar.exeC:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exeC:\Windows\ehome\ehtray.exeC:\Program Files\Microsoft Office\Office12\ONENOTEM.EXEC:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ArcCon.acC:\Windows\ehome\ehmsas.exeC:\Windows\system32\wbem\... Read more

A:Laptop playing a radio station - HijackThis log Posted

Hi, I just wanted to update my post. It seems its not a 'live' radio station, because the same programs/music is being repeated. It originally sounded to me as if its playing a radio station. I hope this and the previous details will help in getting some feedback on this. Thanks.===========Hello While we understand your frustration at having to wait, please note that Bleeping Computer deals with several hundred requests for assistance such as yours on a daily basis. As a result, our backlog is quite large as are other comparable sites that help others with malware issues. Although our HJT Team members work on hundreds of requests each day, they are all volunteers who work logs when they can and are able to do so. No one is paid by Bleeping Computer for their assistance to our members.Further, our malware removal staff is comprised of team members with various levels of skill and expertise to deal with thousands of malware variants, some more complex than others. Although we try to take DDS/HJT logs in order (starting with the oldest), it is often the skill level of the particular helper and sometimes the operating system that dictates which logs get selected first. Some infections are more complicated than others and require a higher skill level to remove. Without that skill level attempted removal could result in disastrous results. In other instances, the helper may not be familiar with the operating system that you are using, since they use another. In either case, neither... Read more

3 more replies
Answer Match 64.26%

I know how to broadcast music using a simple server and a add on for winamp. I can stream mp3 music to poeple but they need to have winamp.

Is there a way to broadcast music to people who use the windows media player? Maybe an add on for winamp??
 

More replies
Answer Match 64.26%

I'd like to have my notebook 'self-record' an audio stream that I receive from the radio station's web page (AM radio). What I'd like to record would not be made available later on-line.
 
I'm willing to look for the software but I'm not sure what the process would be called. I'm not very familiar with streaming software. I'm using Windows 7 Pro/64.
 
Thanks.

A:Would like to have computer record streamed audio of radio station. Possible?

https://www.google.com/search?q=software+for+capturing+audio+streaming&ie=utf-8&oe=utf-8&aq=t&rls={moz:distributionID}:{moz:locale}:{moz:official}&safe=active&gws_rd=ssl
I have not vetted any of these web sites.  Hope one of them points to the software you believe will work best for you.

4 more replies
Answer Match 64.26%

Hi,

I'm not sure if this the right place to ask this question or not but I'm really frustrated with this problem for weeks that I'm trying to solve.

My problem is that I want to listen to an oversea radio station using their application (in this case a popup window player -much like player365), however, the stream kept on buffering most of the time... making the playback slow to a halt every 5 seconds or so.

Is there anyway to bypass/fix this problem? I think the main reason for this problem could be due by busy server in my area since I live in CA which is really populated. Usually in the morning, it tend to be a little better but no luck during summer time.

I have no problems listening to other radio stations online though, even using WMA player or Real Player etc.

Can anyone help me?

Could switching proxy helps with this problem? I have hide IP platinum. Any trick to get around the problem?

Eve
 

More replies
Answer Match 62.58%

my desktop icons and start tab are gone. Radio station plays constantly even when i'm not on net. None of my virus programs will run. HJT wont run. HELP
 

More replies
Answer Match 55.44%

I have a friends PC. It is an;eMachinesVista home SP2I.E. 8It has a constant redirect to bogus search sites. It also seems to block any attempt to reach MS updates. Did a scan with HiJack This, MalwareBytes, Spybot, and Panda Cloud. Got rid of everything that was flagged or looked suspicious.Any help would be appreciated. I'm at a loss.Thanks,EDDDS (Ver_10-03-17.01) - NTFSx86 Run by ADMIN at 7:44:27.88 on Mon 08/23/2010Internet Explorer: 8.0.6001.18928 BrowserJavaVersion: 1.6.0_18Microsoft? Windows Vista? Home Basic 6.0.6002.2.1252.1.1033.18.1790.1033 [GMT -5:00]SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}============== Running Processes ===============C:\Windows\system32\wininit.exeC:\Windows\system32\lsm.exeC:\Windows\system32\svchost.exe -k DcomLaunchC:\Windows\system32\nvvsvc.exeC:\Windows\system32\svchost.exe -k rpcssC:\Windows\System32\svchost.exe -k secsvcsC:\Windows\System32\svchost.exe -k LocalServiceNetworkRestrictedC:\Windows\System32\svchost.exe -k LocalSystemNetworkRestrictedC:\Windows\system32\svchost.exe -k netsvcsC:\Windows\system32\svchost.exe -k GPSvcGroupC:\Windows\system32\SLsvc.exeC:\Windows\system32\svchost.exe -k LocalServiceC:\Windows\system32\rundll32.exeC:\Windows\system32\svchost.exe -k NetworkService... Read more

A:Constant Redirect to bogus search

Hello and Welcome to the forums! My name is Gringo and I'll be glad to help you with your computer problems. Somethings to remember while we are working together.Do not run any other tool untill instructed to do so!Please Do not Attach logs or put in code boxes.Tell me about any problems that have occurred during the fix.Tell me of any other symptoms you may be having as these can help also.Do not run anything while running a fix.In the upper right hand corner of the topic you will see a button called Options. If you click on this in the drop-down menu you can choose Track this topic. By doing this and then choosing Immediate E-Mail notification and then clicking on Proceed you will be advised when we respond to your topic and facilitate the cleaning of your machine.We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.In order for me to see the status of the infection I will need a new set of logs to start with.Please print out or make a copy in notpad of any instructions given, as sometimes it is necessary to go offline and you will lose access to them.DeFogger: Please download DeFogger to your desktop.Double click DeFogger to run the tool. The ap... Read more

3 more replies
Answer Match 55.02%

Hello,
 
I run a Dell Inspirion 530, 32-bit os, Intel Core 2 Duo CPU
 
About 4 days ago(January 27th) I was playing a computer game called "Wartune" on my computer, I was also searching a wiki about the game and I had the wiki open for a few minutes when all of a sudden, the wiki window changes to a bougs AV software ad, I didn't take a picture, but I do have the link. I ran the link through virustotal right away and it said it was safe, ran the link again through recently and it looks bad. If needed, I can give it, don't want anyone clicking it.
 
I remember accidentally clicking an ad in a wiki about 5 days ago for a video game, got lead to a "404 page", ran that link through virustotal and it had a download attached to it, some kind of ".dll" file.
 
About 3 days ago, the computer wouldn't start up properly, got a 3 minute black screen as well before the computer started working.
 
Yesterday, I updated and ran rougekiller and it found some wierd crap in the drivers section.  I decided to go here instead of trying to fix it myself.
 
So far I have run
Rougekiller
MSE
TDSS
 
Thank you for taking a look at this and hope this can be figured out.

A:Bogus Anti-virus software redirect

Hey Dude -
Not sure why or in what order you ran those programs, but lets start at the beginning.
A few tools to look at your system, and then some basic removal tools -
Please download all listed tools to Desktop in the order listed, unless asked.
XP users should double click on tools to run them, while Vista, Win7/8 users Right click on the exe icon and select Run as administrator.
You may wish to print this page, and if you have any questions or problems, please post them.
Please use Copy and Paste for all logs -
 
First -
Download Screen317 Security Check and save it to your Desktop.
* Double-click SecurityCheck.exe
* Follow the onscreen instructions inside of the black box.
* A Notepad document should open automatically called checkup.txt
* Please post the contents of that document.
Note:: If a security program requests permission to access the Internet, allow it to do so.
 
Next -
Please download MiniToolBox to run it.
Checkmark following boxes:
* List content of Hosts
* List last 10 Event Viewer log
* List Installed Programs
* List Devices (do NOT change any settings here)
* List Users, Partitions and Memory size.
Click Go and post the result. (result.txt)
 
Next -
Please download and run RKill by Grinler.
A black DOS box will briefly flash and then disappear.
This is normal and indicates the tool ran successfully.
At most the tool will run for about 2 minutes
RKill logs will open, please post them back here.
 
Important: Do not reboo... Read more

13 more replies
Answer Match 55.02%

Hi, i got this problem of google.com search links redirecting to bogus ads sites. It also does it to bing.com search links. However, yahoo.com search links were unaffected.
(I've only tried these 3)
Disabling javascripts seems to stop the redirecting

I followed the steps in the stickied post.
Here are the following hijackthis log, DDS.text and attach.text

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 2:49:24 AM, on 10/16/2011
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v8.00 (8.00.7601.17514)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe
C:\Program Files (x86)\Logitech\Logitech Vid\Vid.exe
D:\Program Files (x86)\Steam\Steam.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
D:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files (x86)\XFastUsb\XFastUsb.exe
C:\Program Files (x86)\DeviceVM\SmartView\SmartViewAgent.exe
C:\Program Files (x86)\ASUS\GamerOSD\GamerOSD.exe
D:\Program Files (x86)\Razer\Salmosa\razerhid.exe
D:\Program Files (x86)\Logitech\G930\G930.exe
C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe
C:\Program Files (x86)\ASUS\SmartDoctor\SmartDoctor.exe
D:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
C:\Program Files (x86)\Ask.com\Updater\Updater.exe
C:\Program Files (x86)\LeapFrog\LeapFrog Connect\Monitor.exe
C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
D:\Program Files (x86)\R... Read more

A:Search links redirect to bogus ads sites

7 more replies
Answer Match 54.6%

Can SOMEONE PLEASE help me???
When I try to GOOGLE something, I get the normal results that I expect to get ON THE FIRST TRY ONLY. But if I 'refine' my search, I get results with links that take me to 'monstermarketplace, couponmountain, toseeka.com, antivirus2009, etc.
I know NOTHING of computers.
I HAVE already downloaded 'hijackthis', and I am able to done the scans. The scan results come up in 'notepad', but I don't know what to do after that.
Can ANYBODY PLEASE HELP?? this is SUPER FRUSTRATING.

thanks...
moozicdood

A:Bogus Google results

Hi and welcome to BleepingComputer The process of cleaning your computer may require temporarily disabliling some security programs. If you are using SpyBot Search and Destroy, please refer to Note 2 at the bottom of this page.Please download Malwarebytes Anti-Malware and save it to your desktop.alternate download link 1alternate download link 2Make sure you are connected to the Internet.Double-click on mbam-setup.exe to install the application.When the installation begins, follow the prompts and do not make any changes to default settings.When installation has finished, make sure you leave both of these checked:Update Malwarebytes' Anti-MalwareLaunch Malwarebytes' Anti-MalwareThen click Finish.MBAM will automatically start and you will be asked to update the program before performing a scan.If an update is found, the program will automatically update itself.Press the OK button to close that box and continue.If you encounter any problems while downloading the updates, manually download them from here and just double-click on mbam-rules.exe to install.On the Scanner tab:Make sure the "Perform Quick Scan" option is selected.Then click on the Scan button.If asked to select the drives to scan, leave all the drives selected and click on the Start Scan button. The scan will begin and "Scan in progress" will show at the top. It may take some time to complete so please be patient.When the scan is finished, a message box will say "The scan completed successfully. Click 'Show Result... Read more

1 more replies
Answer Match 54.6%

Hello, I know that I have unintentionally installed some kind of malware/adware while downloading a torrent file, (stupid me).I've tried several cleaning solutions:Malwarebytes Anti-MalwareXoftspy SEKaspersky Virus Removal toolWebroot Window WasheretcSome say I have issues, but dont specify, and and some dont.I've gone through the task manager, and nothing is new or unfamiliar in there, (and I check regularly)I just want to stop the redirects. I found this topic here: Similar post on this boardBut that was geared to WinXp which I now don't runI'm on Windows 7 Pro, and would like any suggestions/help beyond being told to wipe the HDD...unless thats the last option.Any help is appreciated, Thanks!SkotEdit: Moved topic from Win 7 to the more appropriate forum. ~ Animal

A:Redirect Questions from a Noob

Hello.Are you using a router in your home?Let's try this as well.Please download the TDSS Rootkit Removing Tool (TDSSKiller.exe) and save it to your Desktop. <-Important!!!Be sure to download TDSSKiller.exe from Kaspersky's website and not TDSSKiller.zip which appears to be an older version 2.3.2.2 of the tool.Double-click on TDSSKiller.exe to run the tool for known TDSS variants.
Vista/Windows 7 users right-click and select Run As Administrator.If TDSSKiller does not run, try renaming it.To do this, right-click on TDSSKiller.exe, select Rename and give it a random name with the .com file extension (i.e. 123abc.com). If you do not see the file extension, please refer to How to change the file extension.Click the Start Scan button.Do not use the computer during the scanIf the scan completes with nothing found, click Close to exit.If malicious objects are found, they will show in the Scan results - Select action for found objects and offer three options.Ensure Cure (default) is selected, then click Continue > Reboot now to finish the cleaning process.A log file named TDSSKiller_version_date_time_log.txt (i.e. TDSSKiller.2.4.0.0_27.07.2010_09.o7.26_log.txt) will be created and saved to the root directory (usually Local Disk C:).Copy and paste the contents of that file in your next reply.~BladeIn your next reply, please include the following:TDSSKiller log

1 more replies
Answer Match 54.18%

I have a similar problem to this post. Have not been able to remove it all day.

I only notice it working in Firefox.

http://forums.techguy.org/virus-other-malware-removal/1022515-search-links-redirect-bogus-ads.html

No idea how it started.

Goes to links like this (dont click!!)

(don't click) http://www.search-fast-results.com/jump1/?affiliate=mstorn90&subid=45792&terms=cat%20acne&sid=Z398044425%40EzX3ITN1kDOz8lN1MzMfJTMfJTNy81N2kzMygDOxMTM&a=zfgbea40&mr=1&rc=0

I don't appear to have the exact same issue as this guy, since it didn't find the same host file problems that most other people have.

Here are my steps to your sticky.

ogfile of Trend Micro HijackThis v2.0.4
Scan saved at 10:53:25 PM, on 10/16/2011
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16869)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Garmin\Lifetime Updater\GarminLifetime.exe
C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files (x86)\McAfee Security Scan\2.0.181\SSScheduler.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
C:\Program Files (x86)\Hewlett-Packard\HP ENVY Document Card Utilities\hpdocstart.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Program Files (x86)\Common Files\Java\Java ... Read more

A:Search Links also redirect to bogus websites - Part 2?

9 more replies
Answer Match 54.18%

This pest seems to be a frequent problem on this forum. I've tried several malware removal tools, made sure my firewall is working correctly, and made sure my anti-virus is updated, but have had no luck in removing this pest. Please help me if you can. I would love to have my machine back.Here is my dds.txt.DDS (Ver_2011-08-26.01) - NTFSx86 Internet Explorer: 6.0.2900.2180 BrowserJavaVersion: 1.6.0_13Run by Brian at 13:05:54 on 2011-09-10Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.3070.2039 [GMT -7:00].AV: McAfee Anti-Virus and Anti-Spyware *Enabled/Updated* {84B5EE75-6421-4CDE-A33A-DD43BA9FAD83}FW: McAfee Firewall *Enabled* .============== Running Processes ===============.C:\WINDOWS\system32\svchost -k DcomLaunchSVCHOST.EXEC:\WINDOWS\System32\svchost.exe -k netsvcsSVCHOST.EXESVCHOST.EXEC:\WINDOWS\system32\spoolsv.exeSVCHOST.EXEC:\Program Files\Amazon\Amazon Games & Software Downloader\AmazonGSDownloaderService.exeC:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exeC:\Program Files\Bonjour\mDNSResponder.exeC:\WINDOWS\system32\CTsvcCDA.EXEC:\Program Files\Intel\Intel Application Accelerator\iaantmon.exeC:\Program Files\Common Files\Intuit\Update Service\IntuitUpdateService.exeC:\Program Files\Java\jre6\bin\jqs.exeC:\... Read more

A:Searched Links Randomly Redirect to Bogus Websites

Hello and Welcome to the forums! My name is Gringo and I'll be glad to help you with your computer problems. Somethings to remember while we are working together.Do not run any other tool untill instructed to do so!Please Do not Attach logs or put in code boxes.Tell me about any problems that have occurred during the fix.Tell me of any other symptoms you may be having as these can help also.Do not run anything while running a fix.We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.Click on the Watch Topic Button and select Immediate Notification and click on proceed, this will help you to get notified faster when I have replied and make the cleaning process faster.In order for me to see the status of the infection I will need a new set of logs to start with.Please print out or make a copy in notpad of any instructions given, as sometimes it is necessary to go offline and you will lose access to them.DeFogger: Please download DeFogger to your desktop.

Double click DeFogger to run the tool.
The application window will appear Click the Disable button to disable your CD Emulation drivers Click Yes to continue A 'Finished!' message will ap... Read more

14 more replies
Answer Match 54.18%

Hi there,This looks like a great help site. I hope you can help.I used to consider myself fairly computer literate, however, I'm beginning to wonder. An associate of mine has evidently acquired a rather nasty, and very tenacious virus that appears to be, from what I have read so far, a "redirect virus", and the symptoms appear to be the same as one of the posts I read that dubbed it "The Google Redirect Virus".I have run Avast! AV, Spybot, AdAware, and Malwarebytes Anti-Malware, both from the normal windows environment, and from Safe Mode, and also have run those that provide the option as a boot scan ... I have also searched for everyone suspicious file (and found number of them) and deleted or quarantined them, but have not been able to find and/or eradicate this stinkin' virus.I have read the instructions provided on your site, and believe I correctly followed them:- Downloaded Defogger, DDS, and GMER;- run each of them in the order given, and saved the reports as indicated;- downloaded RKUnHooker, but HAVE NOT run it yet- registered on this site (obviously);- Posting this new topic- Pasting the DDS.txt file copy below;- Attaching the zipped ATTACH.txt file.The following is the cut-n-pasted text from the DDS.txt file:--------------------------------DDS (Ver_10-03-17.01) - NTFSx86 Run by Sherry at 14:31:03.39 on Sat 09/18/2010Internet Explorer: 8.0.6001.18702Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.2046.429 [GMT -7:00]... Read more

A:Need help removing Redirect Virus plus Bogus AV Alert Warning

Hello and Welcome to the forums! My name is Gringo and I'll be glad to help you with your computer problems. Somethings to remember while we are working together.Do not run any other tool untill instructed to do so!Please Do not Attach logs or put in code boxes.Tell me about any problems that have occurred during the fix.Tell me of any other symptoms you may be having as these can help also.Do not run anything while running a fix.In the upper right hand corner of the topic you will see a button called Options. If you click on this in the drop-down menu you can choose Track this topic. By doing this and then choosing Immediate E-Mail notification and then clicking on Proceed you will be advised when we respond to your topic and facilitate the cleaning of your machine.We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.In order for me to see the status of the infection I will need a new set of logs to start with.Please print out or make a copy in notpad of any instructions given, as sometimes it is necessary to go offline and you will lose access to them.DeFogger: Please download DeFogger to your desktop.Double click DeFogger to run the tool. The ap... Read more

19 more replies
Answer Match 53.76%

When I do a google search, I get results that are not from google. Same search on other computer gives correct results.

Problem started on 12/27/08, about midday.

Bogus google results are from such website as:

toseeka

couponmountain

shipica
I ran spybot and malwarebytes scans. Maywalbytes found nothing. Spybot found a couple of things. I let it fix those things, but problem is still here.

Thanks in advance for any help you can provide.
DDS (Version 1.1.0) - NTFSx86
Run by Owner at 14:04:16.81 on Mon 12/29/2008
Internet Explorer: 6.0.2900.2180
Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.1918.1389 [GMT -8:00]
============== Running Processes ===============

C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
svchost.exe
svchost.exe
C:\WINDOWS\System32\WLTRYSVC.EXE
C:\WINDOWS\System32\bcmwltry.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\New Boundary\PrismXL\PRISMXL.SYS
c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
svchost.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\WINDOWS\ehome\ehtray.exe... Read more

A:Web Search - Bogus Google results

I have decided to just reformat my hard drive and reinstall the operating system. Thanks just the same!

2 more replies
Answer Match 53.76%

Hi,

When I access Google.com from either IE7 or FireFox 3, I get bogus results for anything I search for. For example, if I search for 'wikipedia' I get, as the first three results:

bottomdollar.com
find-more-here.com
crackle.com/c/the_karate_kid_i

etc ..

I believe it is the result of either installing a codec (I think it was ac3) in response to a movie DL'ed from piratebay or visiting 'p*rntube.com' or something like that. I was running bitdefender 10 at the time, though it was uninstalled when I get the log dump. I have since removed the codec. I have done a full kaspersky scan, bitdefender 10 scan and adaware scan, but they don't find anything.

AltaVista is OK, etc.

Other things I noticed. The microsoft updater did a 'funny' update about that time. I didn't look like the usual, but I trusted it because it sort of looked like the MS updater.

Any help would be appreciated.

Thanks,

Brad

Please find below DDS and access logs. The Online Kasperky scann yielded no viruses.

Oh, also, I had Kaspersky 10 installed, but I had to uninstall it in order to run the free online scan. klif.ddl kept giving me a BSOD.

===============
Monday, December 15, 2008
Operating System: Microsoft Windows XP Professional Service Pack 3 (build 2600)
Kaspersky Online Scanner 7 version: 7.0.25.0
Program database last update: Monday, December 15, 2008 05:35:27
Records in database: 1461989


Scan settings
Scan using the following database extended
Scan archives yes
Scan mail databases ... Read more

A:Bogus Search Results from Google.com

Hi,

I have fixed the problem by running Malware Byte's anti malware

The problem looks like it was one of these, I'm going with the Rootkit.Agent

Files Infected:
C:\WINDOWS\system32\sysaudio.sys (Rootkit.Agent) -> Quarantined and deleted successfully.

Registry Keys Infected:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{1a26f07f-0d60-4835-91cf-1e1766a0ec56} (Trojan.Agent)

2 more replies
Answer Match 53.76%

I am experiencing a problem with my PC in that it running slowly when connected to the internet and the main Google search page displays "Introducing... Our new online casino!" (this shows twice with Opera and once with Internet Explorer), with the link pointing to <hxxp://216.240.159.88/gogo.php?id=2522782>.I have tried scanning (both in normal and in safe mode) with Norton Antivirus 2002, AVG Free 8.5, Spybot Search & Destroy 1.6.2 and Ad-Aware 2008 (Free) to no avail. One scan I did a week or two ago with either Spybot or Ad-Aware picked up something called Adware (sorry to be vague on this, but I didn't make a note of this at the time and I can't find a logfile on my PC with the information) and three associated executables, one of which I think was called 404fix.exe. The repair was rather short-lived, as the problem came back after a day or two, and now the scans I do find nothing of any relevance.Here is my HJT log:Logfile of Trend Micro HijackThis v2.0.2Scan saved at 00:52:05, on 19/05/2009Platform: Windows XP SP3 (WinNT 5.01.2600)MSIE: Internet Explorer v8.00 (8.00.6001.18702)Boot mode: NormalRunning processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\System32\svchost.exeC:\Program Files\Lavasoft\Ad-Aware\aawservice.exeC:\WINDOWS\system32\spoolsv.exec:\program files\common files\logishrd\lvmvfm\LVPrcSrv.exeC:\PROGRA~1\AVG\AVG8\avgwdsvc.exe... Read more

A:Possible trojan and bogus Google links

A couple of things occurred to me after I posted the above message that hopefully might throw a bit more light on what's happening:

Firstly, when I said that my PC was slow when connected to the internet, it's not slow on all sites, just certain ones - and they are all Google related - that is, the main Google site; (sometimes but not always) the search results and certain sites that make use of Google AdSense.

Secondly, every time I shut down my PC after being connected to the internet, it gives me a message that it is installing update 1 of 1. There can't be that many updates to instal, so presumably it is either trying to instal the one update and failing each time, or it's doing something else.

15 more replies
Answer Match 53.76%

Two issues using both IE7 and Firefox3.0.4:1. Google results redirecting via copy-book.com (can be seen connecting to copy-book.com via status bar)2. Windows Update redirects to msn.com------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------Malwarebytes' Anti-Malware 1.30Database version: 1419Windows 5.1.2600 Service Pack 316/12/2008 7:06:20 PMmbam-log-2008-12-16 (19-06-20).txtScan type: Quick ScanObjects scanned: 61572Time elapsed: 3 minute(s), 38 second(s)Memory Processes Infected: 0Memory Modules Infected: 0Registry Keys Infected: 0Registry Values Infected: 0Registry Data Items Infected: 6Folders Infected: 0Files Infected: 0Memory Processes Infected:(No malicious items detected)Memory Modules Infected:(No malicious items detected)Registry Keys Infected:(No malicious items detected)Registry Values Infected:(No malicious items detected)Registry Data Items Infected:HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\DhcpNameServer (Trojan.DNSChanger) -> Data: 85.255.112.105 85.255.112.186 1.2.3.4 -> Quarantined and deleted successfully.HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{d9d40769-8208-4e7a-936c-859fc057bd18}\DhcpNameServer (Trojan.DNSChanger) -> Data: 85.255.112.105 85.255.112.186 1.2.3.4 -> Quarant... Read more

A:Google Copy-book.com redirect & Windows Update redirect

Hello and welcome to Bleeping ComputerWe apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help.If you have since resolved the original problem you were having, we would appreciate you letting us know. If not please perform the following steps below so we can have a look at the current condition of your machine. If you have not done so, include a description of your problem, along with any steps you may have performed so far.Thanks and again sorry for the delay.First,Download GMER Rootkit Scanner from here. Extract the contents of the zipped file to the desktop. Double click GMER.exe and if you are asked if you want to allow gmer.sys driver to load, please allow it to do so. If it gives you a warning about rootkit activity and asks if you want to run scan, please click on NO. In the right panel you will see several boxes that have been checked. Uncheck the following the following checkboxes: Sections IAT/EAT Drives/Partition other than Systemdrive (typically C:\) Show All (don't miss this one) Now click on the Scan button and wait for it to finish. Once done click on the [Save..] button, and in the File name area, type in ark.txt and save it to your desktop.Please note that rootkit scans often pro... Read more

1 more replies
Answer Match 53.34%

Hi there and thank you,

My computer recently starting doing the following:

1. It redirects to advertisements from searches (eg: hxxp:
finditand.com)

2. Sent False Emails with a nasty link to Facebook friends

3. Get Numerous "http 404" sites that pop up

4. I may have a "specific911 hijack" (my spyare doctor found and
quarantined it), but it is still causing great problems.

I've followed the 5 steps as best as best as I could. Below is my HiJackthis log:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:32:24 AM, on 10/5/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16705)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\iS3\Anti-Spyware\SZServer.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Charter\InstaLAN\AffinegyService.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
c:\program files\mcafee.com\agent\mcdetect.exe
c:\PROGRA~1\mcafee.com\vso\mcshield.exe
c:\PROGRA~1\mcafee.com\agent\mctskshd.exe
C:\PROGRA~1\McAfee.com\PERSON~1\MpfService.exe
C:\PROGRA~1\... Read more

A:Google Redirecting/Sending bogus emails...

Hello and welcome to TSF.

This is identified as a common infection spread via FaceBook and MySpace.

Scan with HijackThis and put a checkmark against the following entries:

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=127.0.0.1:8181
O4 - HKLM\..\Run: [sysftray2] C:\windows\bolivar19.exe
O23 - Service: Plug and Play (PlugPlay) - Unknown owner - C:\Program Files\TinyProxy\TinyProxy.exe

Close all browsers and windows other than HijackThis and click on 'fix checked'. Exit HijackThis.

=======================

Restart your computer.

=======================

Using Windows Explorer (right click on Start, click on Explore) navigate to locate and delete the following folder and files if still present:

C:\Program Files\TinyProxy
C:\Windows\fmark2.dat
C:\Windows\Kenny**.exe ( ** stand for a numbers such as 16, 17, 18..)

Note: If you run into problem deleting the TinyProxy folder, try it in Safe Mode.

Safe Mode instructions:
1) Restart your computer
2) After hearing your computer beep once during startup, but before the Windows icon appears, press F8.
3) Instead of Windows loading as normal, a menu should appear
4) Select the first option, to run Windows in Safe Mode.

==========================

If you experience connection problems afterwards (browsing):

In IE:

Go to Tools> Internet Options > Connections Tab... Read more

2 more replies
Answer Match 53.34%

Help! there is a dramatic change in Google search results -- I put in any topic and at least the top 10 results are often bogus URLs that lead you to commercial sites and even a fake antivirus download that tells you that you have tons of viruses, worms, etc. As someone wrote on a different site: "Search term "Raising Money Smart Kids" (book title) yields an Amazon.com page title and description but it is linked to moneypowercenter.com."
Tried my McAfee antivirus -- found nothing.
Tried Spybot Search and Destroy - found nothing.
Tried Malwarebytes's Anti-Malware - found nothing.
Tried changing my homepage, rebooting, but it continues.

What should I be trying? On another forum, someone found that their Malwarebyte's program found these but mine didn't:

Trojan.Agent (C:\Windows\system32\sysaudio.sys)
Malware.Trace (C:\Documents and Settings\Username\results.txt)
Heuristics.Reserved.Word.Exploit (C:\Windows\system32\smss.TMP)

Suggestions would be greatly appreciated!

CAS

A:Google Search yields bogus URLs

Did you run Mbam from normal mode and do a Quick scan(recommende) from your user accout?.Please turn off Mcafee and Spybot for these scans. Then turn it back on. Next run these. Post back the logs.Please download ATF Cleaner by Atribune & save it to your desktop.Double-click ATF-Cleaner.exe to run the program.Under Main "Select Files to Delete" choose: Select All.Click the Empty Selected button.If you use Firefox browser click Firefox at the top and choose: Select AllClick the Empty Selected button.
If you would like to keep your saved passwords, please click No at the prompt.If you use Opera browser click Opera at the top and choose: Select AllClick the Empty Selected button.
If you would like to keep your saved passwords, please click No at the prompt.Click Exit on the Main menu to close the program.Note: On Vista, "Windows Temp" is disabled. To empty "Windows Temp" ATF-Cleaner must be "Run as an Administrator".Now SASPlease download and scan with SUPERAntiSpyware FreeDouble-click SUPERAntiSypware.exe and use the default settings for installation.An icon will be created on your desktop. Double-click that icon to launch the program.If asked to update the program definitions, click "Yes". If not, update the definitions before scanning by selecting "Check for Updates". (If you encounter any problems while downloading the updates, manually download them from here. Double-click on the hyperlink for Download Installe... Read more

1 more replies
Answer Match 53.34%

Hello,

I am having issues with both of my Internet Browsers (Firefox and Internet Explorer). Whenever I click on a link it re-directs me to a bogus fake anti virus sites, random sites and fake web search sites. I have run Malwarebytes, Norton AV, AVG AV, CCleaner and Tune up utilities and this prob. still exists.
I have also uninstalled and installed each of the browsers and made sure to clear all info such as cookies, customizations, bookmarks, etc.
One thing I did notice is that when I re-installed FF, I was not being re-directed, until I accessed my bookmarks (that I backed up), then BAM! re-direction craziness!
I am at my wits end, ready to throw my laptop across the room. I have attached GMER and OTL logs to my post (My computer is not allowing me to copy and paste the logs directly within the body of the e-mail, so I have attached them to my post instead.
Thanks for reading and hopefully you can help!
 

A:Bogus antivirus programs & Google redirects

Please download OTM

Save it to your desktop.
Please double-click OTM to run it. (Note: If you are running on Vista, right-click on the file and choose Run As Administrator).
Copy the lines in the codebox below to the clipboard by highlighting ALL of them and pressing CTRL + C (or, after highlighting, right-click and choose Copy):
Code:

:Processes

:Services

:Reg

:Files
C:\WINDOWS\System32\15724.exe
C:\WINDOWS\System32\19169.exe
C:\WINDOWS\System32\26500.exe
C:\WINDOWS\System32\6334.exe
C:\WINDOWS\System32\18467.exe
C:\Documents and Settings\Taheerah\Application Data\grwqhp.dat

:Commands
[purity]
[resethosts]
[emptytemp]
[CREATERESTOREPOINT]
[EMPTYFLASH]
[Reboot]
Return to OTM, right click in the "Paste Instructions for Items to be Moved" window (under the yellow bar) and choose Paste.

Click the red Moveit! button.
Copy everything in the Results window (under the green bar) to the clipboard by highlighting ALL of them and pressing CTRL + C (or, after highlighting, right-click and choose copy), and paste it in your next reply.
Close OTM and reboot your PC.
Note: If a file or folder cannot be moved immediately you may be asked to reboot the machine to finish the move process. If you are asked to reboot the machine choose Yes. In this case, after the reboot, open Notepad (Start->All Programs->Accessories->Notepad), click File->Open, in the File Name box enter *.log and press the Enter key, navigate to the C:\_OTMoveIt\MovedFiles folder, and open... Read more

3 more replies
Answer Match 53.34%

When I search Google.com the first page or so of results look normal but really are spam sites. Please help!
DDS (Ver_09-01-19.01) - NTFSx86
Run by Nathanael Herrod at 8:07:25.74 on Thu 01/29/2009
Internet Explorer: 7.0.5730.13 BrowserJavaVersion: 1.6.0_11
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.479.72 [GMT -5:00]

AV: AVG Internet Security *On-access scanning enabled* (Outdated)
FW: Norton Internet Worm Protection *disabled*
FW: AVG Firewall *disabled*

============== Running Processes ===============

C:\Program Files\AVG\AVG8\avgrsx.exe
C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
svchost.exe
svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltsmon.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\PROGRA~1\AVG\AVG8\avgfws8.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\WINDOWS\System32\svchost.exe -k HTTPFilter
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\WINDOWS\system32\nvsvc32.exe
svchost.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\WINDOWS\Explorer.... Read more

A:Google giving bogus search results

Hello eherrod,This tool is not a toy. If used the wrong way you could trash your computer. Please use only under direction of a Helper. If you decide to do so anyway, please do not blame me or ComboFix.1. Download this file - combofix.exe http://download.bleepingcomputer.com/sUBs/ComboFix.exe http://www.forospyware.com/sUBs/ComboFix.exe http://subs.geekstogo.com/ComboFix.exe2. Double click combofix.exe & follow the prompts.3. When finished, it will produce a log for you. Post that log in your next reply please, along with a new HijackThis log.Note:Do not mouseclick combofix's window while it's running. That may cause it to stall.Please do this:1. Download HijackThis? here:http://www.trendsecure.com/portal/en-US/th.../hijackthis.php2. Click 'Do a System Scan and Save log'.The HJT log will open in notepad.Thanks,tea

2 more replies
Answer Match 52.92%

Win XP home, sp3;

Help much appreciated...this one is nasty

MBAM indicates that it is "stopping access to malicious site 188.124.7.189

MBAM log follows:

Malwarebytes' Anti-Malware 1.51.2.1300
www.malwarebytes.org

Database version: 7743

Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702

9/18/2011 12:59:37 PM
mbam-log-2011-09-18 (12-59-37).txt

Scan type: Full scan (C:\|)
Objects scanned: 179248
Time elapsed: 12 minute(s), 53 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 759
Registry Values Infected: 15
Registry Data Items Infected: 4
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\a.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\aAvgApi.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\AAWTray.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options&#... Read more

A:Google and yahoo results are redirecting to bogus sites

Welcome aboard Download Security Check from HERE, and save it to your Desktop. * Double-click SecurityCheck.exe * Follow the onscreen instructions inside of the black box. * A Notepad document should open automatically called checkup.txt; please post the contents of that document.=============================================================================Please download MiniToolBox and run it.Checkmark following boxes:Report IE Proxy SettingsReport FF Proxy SettingsList content of HostsList IP configurationList last 10 Event Viewer logList Installed ProgramsList Users, Partitions and Memory sizeClick Go and post the result.=============================================================================Please download GMER from one of the following locations and save it to your desktop:Main Mirror
This version will download a randomly named file (Recommended)Zipped Mirror
This version will download a zip file you will need to extract first. If you use this mirror, please extract the zip file to your desktop.Disconnect from the Internet and close all running programs.Temporarily disable any real-time active protection so your security programs will not conflict with gmer's driver.Double-click on the randomly named GMER file (i.e. n7gmo46c.exe) and allow the gmer.sys driver to load if asked.Note: If you downloaded the zipped version, extract the file to its own folder such as C:\gmer and then double-click on gmer.exe.
GMER will open to the Rootkit/Malware tab a... Read more

15 more replies
Answer Match 52.92%

When I search on google and click on a webpage result, it sends me off to the wrong page. Here is the log. I have also attached another version. I am a newby...bare with me! LOL..>THX KirkgoogleDDS (Ver_09-10-13.01) - NTFSx86 Run by Kirk A Deutrich at 12:35:07.20 on Thu 10/22/2009Internet Explorer: 8.0.6001.18702Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.1022.191 [GMT -4:00]AV: BitDefender Antivirus *On-access scanning enabled* (Updated) {6C4BB89C-B0ED-4F41-A29C-4373888923BB}AV: Norton 360 *On-access scanning enabled* (Updated) {E10A9785-9598-4754-B552-92431C1C35F8}FW: BitDefender Firewall *enabled* {4055920F-2E99-48A8-A270-4243D2B8F242}FW: Norton 360 *enabled* {7C21A4C9-F61F-4AC4-B722-A6E19C16F220}============== Running Processes ===============C:\WINDOWS\system32\svchost -k DcomLaunchsvchost.exeC:\WINDOWS\System32\svchost.exe -k netsvcssvchost.exesvchost.exeC:\WINDOWS\system32\spoolsv.exeC:\WINDOWS\Explorer.EXEsvchost.exeC:\Program Files\Adobe\Photoshop Elements 5.0\PhotoshopElementsFileAgent.exeC:\Program Files\Carbonite\Carbonite Backup\carboniteservice.exeC:\WINDOWS\system32\CTsvcCDA.EXEC:\WINDOWS\eHome\ehRecvr.exeC:\WINDOWS\eHome\ehSched.exeC:\WINDOWS\sYSteM32\SvchOst.eXE -k fioo32C:\WINDOWS\system32\svchost.exe -k hpdevmgmtC:\Program Files\Java\jre6... Read more

A:Google search results sending me to bogus pages

Hello and welcome to Bleeping ComputerWe apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.If you have since resolved the original problem you were having, we would appreciate you letting us know. If not please perform the following steps below so we can have a look at the current condition of your machine. Please include a clear description of the problems you're having, along with any steps you may have performed so far.Please refrain from running tools or applying updates other than those we suggest while we are cleaning up your computer. The reason for this is so we know what is going on with the machine at any time. Some programs can interfere with others and hamper the recovery process.Even if you have already provided information about your PC, we need a new log to see what has changed since you originally posted your problem.Please download OTL from following mirror:This is THE MirrorSave it to your desktop.Double click on the icon on your desktop.Click the "Scan All Users" checkbox.Push the button.Two reports will open, copy and paste them in a reply here:OTL.txt <-- Will be openedExtra.txt <-- Will be minimizedIn the upper right hand corner ... Read more

2 more replies
Answer Match 52.92%

I have two problems which may be related:

1. Whenever I do a Google search, many of the links (not all) go to various third party search engines or ad sites. OS is Vista 32 with Firefox.

2. I'm having a secondary problem which may be related. MS Office Outlook is receiving 25-30 emails per day from msnbc.com (although I suspect another address) I have diverted them to the Junk folder and shut off all links, but Outlook will not let me add to the blocked list.

Thanks! Dana

A:Google Search Hijacked / Bogus MSNBC emails

Hello and welcome to Bleeping ComputerWe apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.If you have since resolved the original problem you were having, we would appreciate you letting us know. If not please perform the following steps below so we can have a look at the current condition of your machine. Please include a clear description of the problems you're having, along with any steps you may have performed so far.Please refrain from running tools or applying updates other than those we suggest while we are cleaning up your computer. The reason for this is so we know what is going on with the machine at any time. Some programs can interfere with others and hamper the recovery process.Even if you have already provided information about your PC, we need a new log to see what has changed since you originally posted your problem.We need to create an OTL ReportPlease download OTL from one of the following mirrors:This is THE MirrorSave it to your desktop.Double click on the icon on your desktop.Click the "Scan All Users" checkbox.In the custom scan box paste the following:

msconfig
safebootminimal
activex
drivers32
netsvcs
%SYSTEMDRIVE%\*.exe
/m... Read more

2 more replies
Answer Match 52.92%

When I type www.google.com or www.yahoo.com in my browser the URL is diverted to a bogus security center, "Microsoft Security Center" stating, “Alert : Your computer have been attacked by spyware or viruses! Please download AntiSpyware to fix.” This site is obviously bogus as the English is not grammatically correct. And I have NOT clicked the hyperlink found on that site.
I am able to overcome this problem with Yahoo as the Yahoo Toolbar on my browser works just fine. Unfortunately, I never installed the Google Toolbar on my browsers. When I try to use the Google Search in the top right of my browser I am taken to an error page that looks to be in a Chinese language.
This problem occurs in Mozilla Firefox/3.0.4, Internet Explorer 7.0.6001, and msn Explorer
9.6. I am running Windows Vista Home Premium, Service Pack 1, 32-bit.
Does anybody know what I can do to eliminate this problem? You folks are awesome!
 

A:Google Redirected to Bogus Microsoft Security Center

This problem also exists for www.youtube.com
 

2 more replies
Answer Match 52.5%

Hello,I picked up a nasty single or bundle of malware last week, I believe it came from downloading a YouTube video. Here is what has happened to my computer... The first sign was when the computer locked up completely while downloading the video. I left it alone hoping it was just a temporary freeze due to Internet traffic or file size or something. Then, a few minutes later I heard the Windows sounds of a reboot...that's when I knew I was in trouble. The problems started immediately after it rebooted.At first, it did just this:*All Internet search engine links redirected to some product site or advertisement.*Every few minutes, Internet Explorer would open a new window (I don't even use ie, I use Firefox) to a product site or ad.*At first this did not affect my computer or browser speed (except while opening the ie popup ads), but after a couple days, everything was running very slowly.*A few days after the initial infection, the computer started locking up for no apparent reason. It is always a complete freeze that requires a hard re-boot (the cursor won't respond, not even ctl-alt-del does anything).*A couple days later, a red circle with a white "X" appeared on my screen-bottom grey bar that looks exactly like the red "X" circle that appears on the Norton AntiVirus box when it's time for an update. Also a callout box pops up from this "X" with the message, "Warning! Security report/Your computer is infected! It is recommended to... Read more

A:INfected with search engine redirect, unwanted/bogus spyware cleaner tool (& others?)

Sorry, I know this will bump my post and thus drop-kick me to the end of the line again, but the Edit function rejects me saying I am not allowed to edit my own post. But the situation has changed for the worse and I need to post the additional information as it will probably affect the necessary response. So here is an update on the gradual systematic destruction of my laptop:Immediately after posting this topic, I ran full backup with Cobian Backup, so I would be ready to act on any help I got on how to handle this infection. And it froze my computer completely as described before, somewhere after 75% complete (that was the last time I checked before it froze). I had to turn the computer off to reboot but now it won't reboot. After showing the black background screen with the WindowsXP logo and the booting progress bar for a short while, it goes black for a few seconds as if it is going to the next boot step, but then goes to blue screen with the following error message:"Stop: e000021a {Fatal System Error}The Windoms Logon Process System process terminated unexpectedly with a status of 0X00000000 (0X00000000 0X00000000).The system has been shut down."Then it goes into a perpetual loop of trying to reboot, and failing to the same blue screen error message.It rebooted once on its own after I left it to do many auto-reboot tries, and I tried to run backup again, but it never even started because apparently if you're not hooked up to the Internet for it to check fo... Read more

32 more replies
Answer Match 52.5%

I am in need of help here. It looks like this is basically a individual computer issue. Started with the Windows XP Restore Virus (which I have seemed to get rid of using Malware Bytes) and now I am getting the redirect on both Firefox and IE. Also get the random radio adds in the background. I am running on XP. Help!!
 

A:Like Everyone Else - Radio Sounds and Redirect

14 more replies
Answer Match 52.5%

Hi,
 
Came home from the movies, turned on my pc, and immediately got bogus virus scan thing going, with bogus firewall pop-up, and "Microsoft Security Shield" in tray.
It closed my browser, and won't allow me to re-open.  Won't allow Malware Bytes to run, cuts off McAfee scan after about 5% of scan.
What do I do?
 
Currently, I have logged into another ID on the pc, and was able to open a browser, and install Malwarebytes for that user (my son).
It is running, and has detected 5 objects so far.  But will this clean up the problems on my profile?
 
I don't remember how to start in safe mode, and run malware bytes from there, or how to download something else, like superantispyware, while in safe mode.
 
I need my pc working, because I run a e-commerce business from my home, and everything is on that one PC, and none of my peripherals are compatible with my laptop, as the PC is Vista, and the Laptop is Win7 64.
 
It is na HP Pavilion Desktop, with Vista.  Microsoft firewall is turned off because it isn't compatible with my McAfee, which is provided by AT&T (my ISP).
 
Any help would be greatly appreciated.
 
Oh... I have tried in the past to use the restore feature, and it never works on this pc.

A:HELP! Please! Bogus Firewall popup, bogus Seurity Shield, etc

Hello, yes running a Full scanBut Run Rkill first then rerun MBAMThis tool simply does the following:Terminates approximately 320+ known rogue processesDeletes some of the more annoying protection processes commonly being used today:c:\Windows\svchastc:\Windows\svchastsc:\Windows\svohostC:\program files\Windows Police Pro\Windows Police Pro.exeUses the reg command to fix the following policy restrictions:Disable TaskManagerDisable RegeditDisable Run menu option in the Startup Menu  Please download Rkill by Grinler from one of the 4 links below (if one of them does not work try another...) and save it to your desktop:•Link 1•Link 2•Link 3•Link 4•In order for Rkill to run properly you must disable your anti-malware software.  Please refer to this page if you are not sure how.•Double-click on Rkill. (If you are using Windows Vista, please right-click on it and select Run As Administrator)?Note:  You may have to run Rkill a few times before it is successful.  You may also have to download Rkill from a different link which will save it as a different file name.•A black screen will appear and then disappear. Please do not worry, that is normal. This means that the tool has been successfully executed.•An Rkill.log will appear.  Please copy and paste the contents in your reply (file also located at c:\rkill.log)•Do not reboot your computer after running Rkill as the malware programs will start again.&... Read more

8 more replies
Answer Match 52.08%

When I run a google search in Firefox, it returns a valid list. However, when I click on any of the links, they get redirected to bogus sites such as yellow pages, can't find web page, etc. When I hit the back button, it just returns the same page. I have to search again to find the links, copy them and paste them to get the information I need.

I've also had issues where GTalk and google desktop will not sign in. They keep trying to connect and get disconnected.

I ran Ccleaner to clean up cache. No luck. I have run spybot. It didn't correct the issue. AVG didn't find the issue. I'm at a bit of a loss on where to go.

I've attached the required logs....thank you for any assistance you can provide.

Tech Support Guy System Info Utility version 1.0.0.2
OS Version: Microsoft Windows 7 Professional, Service Pack 1, 64 bit
Processor: Intel(R) Core(TM) i5 CPU M 560 @ 2.67GHz, Intel64 Family 6 Model 37 Stepping 5
Processor Count: 4
RAM: 3891 Mb
Graphics Card: Intel(R) HD Graphics, 1721 Mb
Hard Drives: C: Total - 294042 MB, Free - 176943 MB; Q: Total - 9999 MB, Free - 2384 MB;
Motherboard: LENOVO, 4313CTU
Antivirus: AVG Anti-Virus Business Edition 2012, Updated and Enabled

HiJackthis log:

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 11:57:37 AM, on 4/5/2012
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16421)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Lenovo\Access Connections\AcDeskBan... Read more

A:Firefox 11 google search links redirected to bogus sites

A friend suggested trying Malwarebytes.

The following was found and quarantined but did not address the problem I am having.

Malwarebytes Anti-Malware (Trial) 1.60.1.1000
www.malwarebytes.org

Database version: v2012.04.06.05

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
nicklombardi :: NICKLTHINKPAD [administrator]

Protection: Enabled

4/6/2012 10:19:56 AM
mbam-log-2012-04-06 (10-19-56).txt

Scan type: Full scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 528966
Time elapsed: 1 hour(s), 22 minute(s), 20 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{1D4DB7D2-6EC9-47a3-BD87-1E41684E07BB} (PUP.MyWebSearch) -> Quarantined and deleted successfully.

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 2
C:\Temp\Utilities\Zwinky.exe (PUP.FunWebProducts) -> Quarantined and deleted successfully.
C:\Users\nicklombardi\AppData\Local\Temp\9A74.tmp (Trojan.Agent) -> Quarantined and deleted successfully.

(end)
 

2 more replies
Answer Match 52.08%

Everytime I do a search on google and click on any of the links, it re-directs to a bogus site.
 
Here is the DDS log:
 
DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 10.0.9200.16720  BrowserJavaVersion: 1.6.0_30
Run by AB at 0:04:50 on 2013-11-05
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.1.1033.18.8151.6017 [GMT -5:00]
.
SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k NetworkService
C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
C:\Windows\system32\nvvsvc.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files (x86)\Verizon\IHA_MessageCenter\Bin\Verizon_IHAMessageCenter.exe
C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malwa... Read more

A:Google search result links redirects to bogus sites

Hi there,my name is Marius and I will assist you with your malware related problems.Before we move on, please read the following points carefully. First, read my instructions completely. If there is anything that you do not understand kindly ask before proceeding. Perform everything in the correct order. Sometimes one step requires the previous one. If you have any problems while following my instructions, Stop there and tell me the exact nature of your problem. Do not run any other scans without instruction or add/remove software unless I tell you to do so. This would change the output of our tools and could be confusing for me. Post all logfiles as a reply rather than as an attachment unless I specifically ask you. If you can not post all logfiles in one reply, feel free to use more posts. If I don't hear from you within 3 days from this initial or any subsequent post, then this thread will be closed. Stay with me. I will give you some advice about prevention after the cleanup process. Absence of symptoms does not always mean the computer is clean. My first language is not english. So please do not use slang or idioms. It could be hard for me to read. Thanks for your understanding.   Scan with Gmer rootkit scannerPlease download Gmer from here by clicking on the "Download EXE" Button.Double click on the randomly named GMER.exe. If asked to allow gmer.sys driver to load, please consent.If it gives you a warning about rootkit activity and asks if you want to ru... Read more

35 more replies
Answer Match 52.08%

Hi,
I just want to outline some of the symptoms I am getting on my computer.
1) when I open up firefox it is usually set to the default google search, now an error occurs telling me "Firefox has detected that the server is redirecting the request for this address in a way that will never complete."

2)When i search something on google and click on a link it opens a new tab and usually directs me to some random website trying to sell me stuff that i do not want.

3) If i do manage to get to the site i want i see these vimax ads everywhere. these pills claim to permanently enlarge a certain body part. These ads are quite irritating

4) i have tried to download spybot- search and destroy but somehow it is not able to update.

5) I found a scanning program and scanned my computer and it came up with the result that i have Zlob. DNS Changer and some adware toolbar thing.
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 6:24:18 AM, on 07/05/2009
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v8.00 (8.00.6001.18372)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\ltmoh\ltmoh.exe
C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe
C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe
C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe
C:\Progra... Read more

A:Vimax Ads and bogus Google search results--> Zlob Trojan?

Bump
 

1 more replies
Answer Match 52.08%

I received notice that I had an issue and clicked on the button, not realizing I was letting in the malware virus or whatever after that could only do certain things on the web. Google kept redirecting me to an xp page that wanted me to buy the software to fix the problem. My techie friend told me it was a bogus site just wanting your credit card info and pointed me to this site to help get things fixed up.
.
DDS (Ver_11-03-05.01) - NTFSx86
Run by Linda Jo Landau at 10:29:59.75 on Thu 05/05/2011
Internet Explorer: 8.0.6001.18702
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.2038.907 [GMT -5:00]
.
AV: avast! Antivirus *Disabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
.
============== Running Processes ===============
.
C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup
svchost.exe
svchost.exe
C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\ehome\ehtray.exe
C:\WINDOWS\system32\igfxpers.exe
C:\Program Files\Dell\Media Experience\DMXLauncher.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\acs.exe
C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFi... Read more

A:Infected with a malware google keeps redirecting to xp virus remove which is bogus

Hello and Welcome to the forums! My name is Gringo and I'll be glad to help you with your computer problems. Somethings to remember while we are working together.Do not run any other tool untill instructed to do so!Please Do not Attach logs or put in code boxes.Tell me about any problems that have occurred during the fix.Tell me of any other symptoms you may be having as these can help also.Do not run anything while running a fix.We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.Click on the Watch Topic Button and select Immediate Notification and click on proceed, this will help you to get notified faster when I have replied and make the cleaning process faster.In order for me to see the status of the infection I will need a new set of logs to start with.Please print out or make a copy in notpad of any instructions given, as sometimes it is necessary to go offline and you will lose access to them.DeFogger: Please download DeFogger to your desktop.

Double click DeFogger to run the tool.
The application window will appear Click the Disable button to disable your CD Emulation drivers Click Yes to continue A 'Finished!' message will ap... Read more

3 more replies
Answer Match 52.08%

I am having a bazillion problems with my computer. I am getting stressed out and I need help!

I believe I have a redirect virus. I am constantly redirected to spam websites when using google in chrome, mozilla. My internet explorer has stopped working too. Also there were different radio or something playing in the background even though no program was running and it definitely wasn't from the websites I was visiting.

I also cant get my firewall to work. Its due to some unidentified problem.

I have malwarebytes, spybot search and destroy as well as super antispware. While they do detect problems the problems haven't gone away!
Please help me so I can enjoy the internet once again.

A:redirect, radio, firewall not working

Hello and Welcome to Bleeping Computer!!My name is Gringo and I'll be glad to help you with your computer problems.I have put together somethings for you to keep in mind while I am helping you to make things go easier and faster for both of usPlease do not run any tools unless instructed to do so.
We ask you to run different tools in a specific order to ensure the malware is completely removed from your machine, and running any additional tools may detect false positives, interfere with our tools, or cause unforeseen damage or system instability.Please do not attach logs or use code boxes, just copy and paste the text.
Due to the high volume of logs we receive it helps to receive everything in the same format, and code boxes make the logs very difficult to read. Also, attachments require us to download and open the reports when it is easier to just read the reports in your post.Please read every post completely before doing anything.
Pay special attention to the NOTE: lines, these entries identify an individual issue or important step in the cleanup process.Please provide feedback about your experience as we go.
A short statement describing how the computer is working helps us understand where to go next, for example: I am still getting redirected, the computer is running normally, etc. Please do not describe the computer as "the same", this requires the extra step of looking back at your previous post.NOTE: At t... Read more

38 more replies
Answer Match 51.66%

I've had this virus/bug before and have removed it in the past, but this time I got it I followed directions on bleepingcomputer (ie: downloading and running rkill, turning off the bogus proxy settings, and running an updated version of malware bytes in safe mode) but I was still getting redirects when searching google. While trying to figure out what was wrong, I somehow got reinfected with the same fake antivirus removal software bug. I decided it was best to go ahead and post my particular problem so I can get a specific response rather than continuing to take shots in the dark based on other people's problems. So, I am sorry if this is redundant and I will happily follow a link to the correct fix if it is already out there. I just want to make sure I am solving this once and for all. Thanks so much in advance!!!DDS Text:DDS (Ver_10-03-17.01) - NTFSx86 NETWORK Run by casandra at 10:28:12.29 on Fri 07/02/2010Internet Explorer: 7.0.5730.11Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.1014.740 [GMT -4:00]AV: eTrust ITM *On-access scanning enabled* (Updated) {33EA71EA-56CF-40B5-A06B-BD3A27397C44}============== Running Processes ===============C:\WINDOWS\system32\svchost -k DcomLaunchsvchost.exeC:\WINDOWS\system32\svchost.exe -k netsvcssvchost.exesvchost.exeC:\WINDOWS\Explorer.EXEC:\WINDOWS\system32\ctfmon.exeC:\Program Files\internet explorer\iexplore.exeC:\Docu... Read more

A:Bogus Anti-spyware Removal/Virus protection and Google Redirects

Hello and welcome to Bleeping ComputerWe apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.If you have since resolved the original problem you were having, we would appreciate you letting us know. If not please perform the following steps below so we can have a look at the current condition of your machine. If you have not done so, include a clear description of the problems you're having, along with any steps you may have performed so far.Upon completing the steps below another staff member will review and take the steps necessary with you to get your machine back in working order clean and free of malware.If you have already posted a DDS log, please do so again, as your situation may have changed.Use the 'Add Reply' and add the new log to this thread.Thanks and again sorry for the delay.We need to see some information about what is happening in your machine. Please perform the following scan:Download DDS by sUBs from one of the following links. Save it to your desktop.DDS.scrDDS.pifDouble click on the DDS icon, allow it to run.A small box will open, with an explaination about the tool. No input is needed, the scan is running.Notepad will open with the results.Foll... Read more

3 more replies
Answer Match 51.66%

Keep being directed to random sites such asd the one in the title and i can't find and destroy the source. I've tried a number of methods including Malwarebyte's antimalware and spyware doctor but nothing seems to have fixed it :sHere is the Hijackthis log :Logfile of Trend Micro HijackThis v2.0.2Scan saved at 19:10:26, on 01/06/2010Platform: Unknown Windows (WinNT 6.01.3504)MSIE: Internet Explorer v8.00 (8.00.7600.16385)Boot mode: NormalRunning processes:C:\Windows\system32\taskhost.exeC:\Windows\system32\Dwm.exeC:\Windows\Explorer.EXEC:\Program Files\AVG\AVG9\avgtray.exeC:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exeC:\Windows\system\CMGxMon.exeC:\Program Files\ASUS Xonar D2X Audio\Customapp\ASUSAUDIOCENTER.EXEC:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exeC:\Program Files\Razer\Tarantula\razerhid.exeC:\Program Files\Razer\Mamba\RazerTray.exeC:\Program Files\Common Files\Java\Java Update\jusched.exeC:\Program Files\iTunes\iTunesHelper.exeC:\Program Files\Common Files\PC Tools\sMonitor\SSDMonitor.exeC:\Program Files\Sitecom\Sitecom WL-171 Wireless LAN Card\Installer\WLANUTL.exeC:\Program Files\ASUS Xonar D2X Audio\Customapp\MXMon.exeC:\Program Files\... Read more

A:Redirected to bogus site from Google: http://www.adcloudmedia.com/denyPage1.html

Hi,Download DDS and save it to your desktop from here or here or here.Disable any script blocker, and then double click dds.scr to run the tool. When done, DDS will open two (2) logs: DDS.txt Attach.txtSave both reports to your desktop. Post them back to your topic.---Download GMER here by clicking download exe -button and then saving it your desktop:Double-click .exe that you downloadedClick rootkit-tab, uncheck files option and then click scan.Don't check Show All box while scanning in progress!When scanning is ready, click Copy.This copies log to clipboardPost log (if the log is long, archive it into a zip file and attach instead of posting) in your reply.

2 more replies
Answer Match 50.82%

Several days ago while visiting a blog I have visited many times before my computer was infected with some malware. The first sign was the fake defrag request. I was able to get rid of this malware pretty easily (I think), but realized later I was still infected when all search engines would perform the search but when I click on the page I want to see it takes me to about 3 random websites instead of the one I intended to see. I also have random radio play at odd times for no reason. When this happens I have closed down the internet and it will continue to play. I have been through the steps of the preparation guide before posting this message, but gmer.exe will not finish. The first 2 times I tried to run it the computer shut down during the scanning process the third time I got an error message. Shame on me for not writing down exactly what it said. I will try again after posting and write it down.

.
DDS (Ver_2011-06-03.01) - NTFSx86
Internet Explorer: 7.0.6002.18005 BrowserJavaVersion: 1.6.0_19
Run by margaret at 13:02:59 on 2011-06-09
Microsoft? Windows Vista? Home Premium 6.0.6002.2.1252.1.1033.18.1790.873 [GMT -4:00]
.
AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe... Read more

A:Search Engine redirect and random radio play

Hello and welcome. Please follow these guidelines while we work on your PC:Malware removal is a sometimes lengthy and tedious process. Please stick with the thread until I?ve given you the ?All clear.? Absence of symptoms does not mean your machine is clean! Please do not run any scans or install/uninstall any applications without being directed to do so.Please note that the forum is very busy and if I don't hear from you within five days this thread will be closed. Please download Rootkit Unhooker and save it on your desktop.Disable your security programsDouble click RKUnhookerLE.exe to run itClick the Report tab, then click ScanCheck Drivers, Stealth Code, Files, and Code HooksUncheck the rest, then click OKWhen prompted to Select Disks for Scan, make sure C:\ is checked and click OKWait till the scanner has finished then go File > Save ReportSave the report somewhere you can find it. Click CloseCopy the entire contents of the report and paste it in your next reply.Note - You may get this warning it is ok, just ignore it:"Rootkit Unhooker has detected a parasite inside itself!It is recommended to remove parasite, okay?"Please include the following in your next post:RootkitUnhooker log

18 more replies
Answer Match 50.82%

This is without a doubt the most difficult to remove bit of nastiness I've had to deal with. It started as the Ultra Defragger malware. It flipped the hidden file switch on everything, changed the screen resolution, wiped the Start menu, and rebooted into its phony safe mode with hard drive failure notices. I've managed to take care of that, and get everything pretty much back to normal. What remains is what I suspect is a rootkit that is URL redirecting and, very strangely, randomly booting up an Internet radio station in IE. First time I've heard of that one. I've tried every program I could think of to get rid of it. Nothing works. Here's what I've tried: MalwareBytes. Finds Nothing.Kaspersky Online Scan. Found the Ultra Defragger and killed it. Did not get remaining issues. Now finds nothing.ESET. Found nothing.RKill to kill the evil processes. Finds nothing. TDSSKiller. Wouldn't run. Ran Defogger. Still wouldn't run. ComboFix. Doesn't get it. Still redirects. I think I'm down to needing some logfile analysis. Here are the logs I've got, below. I hope that someone can help. If you need anymore logs, or need me to run any other programs, please let me know. Thank you! ------------// OTL LOGFILE //---------------OTL logfile created on: 11/29/2011 11:37:11 AM - Run 2OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\rmh\Desktop Professional Service Pack 1 (Version = 6.1.7601) - Typ... Read more

A:Suspected Rootkit -- URL Redirect and Random Internet Radio

Hello and Welcome to the forums! My name is Gringo and I'll be glad to help you with your computer problems. Somethings to remember while we are working together.Do not run any other tool untill instructed to do so!Please Do not Attach logs or put in code boxes.Tell me about any problems that have occurred during the fix.Tell me of any other symptoms you may be having as these can help also.Do not run anything while running a fix.We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.Click on the Watch Topic Button and select Immediate Notification and click on proceed, this will help you to get notified faster when I have replied and make the cleaning process faster.In order for me to see the status of the infection I will need a new set of logs to start with.Please print out or make a copy in notpad of any instructions given, as sometimes it is necessary to go offline and you will lose access to them.DeFogger: Please download DeFogger to your desktop.

Double click DeFogger to run the tool.
The application window will appear Click the Disable button to disable your CD Emulation drivers Click Yes to continue A 'Finished!' message will ap... Read more

16 more replies
Answer Match 50.4%

Attached are HJT, Combofix, and gmer logs. Using Norton AV and its up to date. Any help would be greatly appreciated. Thanks.

A:IE,Firefox, Opera all return bogus search results while searching on Google, Yahoo, MSN, dogpile etc

Hello and welcome to Bleeping ComputerWe apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help.If you have since resolved the original problem you were having, we would appreciate you letting us know. If not please perform the following steps below so we can have a look at the current condition of your machine. If you have not done so, include a description of your problem, along with any steps you may have performed so far.Upon completing the steps below another staff member will review and take the steps necessary with you to get your machine back in working order clean and free of malware.If you have already posted a DDS log, please do so again, as your situation may have changed.Use the 'Add Reply' and add the new log to this thread.Thanks and again sorry for the delay.We need to see some information about what is happening in your machine. Please perform the following scan:Download DDS by sUBs from one of the following links. Save it to your desktop.DDS.comDDS.scrDDS.pifDouble click on the DDS icon, allow it to run.A small box will open, with an explaination about the tool. No input is needed, the scan is running.Notepad will open with the results.Follow the instructions that pop up for p... Read more

2 more replies
Answer Match 49.56%

Okay, I'm a bit confused by something and hope you guys can help me out. I downloaded a trial version of WS_ftp from ipswitch.com Well, I discovered that there are two web sites and am wondering if they're both legit, or if one is bogus and if I've downloaded something bad...

http://www.ipswitch.com
http://www.wsftp.com

Are they both legit? Now the second part of my question....

I began getting a pop up window when launching ws_ftp today (have had it for almost a week now and have been using it a lot) that's asking for my ID, password and account number for the site I'm trying to connect to. But here's the thing....

I've been hitting 'cancel' and the software works fine. AND, I'm already connected and logged in to my hosting server by the time that window pops up. It's not happened before today, and I'm wondering what's going on with this, if it's spyware, a trojan, whatever?

Thanks. I'm stumped, and a little worried, and I can't get help from the company who made the software because I don't know which site is theirs (or both?)..
 

A:Bogus Sites, Bogus Software?

8 more replies
Answer Match 49.14%

How do I get the Fox News Stream toolbar to show up in Google Chrome? I've just started using Chrome recently and really like its simplicity. However, I like to listen to the Fox News Radio Stream while I surf, and so far I can't figure how to integrate it into Google Chrome. I've had no problems downloading and using it with both Firefox and IE. I figure there must be an extremely simple way to make it work. Thus far, though, I've been stumped.

I would greatly appreciate hearing from anyone who can help. Thank you.
 

A:How do I add Fox News Radio Stream toolbar to Google Chrome?

Oh, well, at least I can make it work easily enough by using two browsers at once.
 

1 more replies
Answer Match 49.14%

Hello,

About two weeks ago my computer became infected with malware. I'm not sure how I became infected but it came in the form of the Windows Restore virus. After numerous attempts I finally got MalwareBytes to run and it got rid of it. However a few days after this more problems started occuring. First off, I seem to have the google redirecting virus. All links I click on off of Google and various other search engines redirect me to random sites. Also I keep getting many different internet script errors popping up. And yet another problem is some random radio station is playing in the background whenever I'm connected to the internet. Before I stumbled on this site I tried numerous antispyware/malware programs including MalwareBytes, AVG, Spybot, AdAware, SuperAntiSpyware but none of them took care of these problems. Unfortunately I haven't been able to run my computer in Safe Mode for a long time (a problem in itself which I should've taken care of). I get to the screen where I can select safe mode but after I hit enter for it I get the blue screen with error codes relating to BIOS. I will write the specific codes down next time. I'm not too concerned with that at the moment if I can get the rest of my problems fixed first. Below is the results of the DDS scan. Thank you in advance!

.
DDS (Ver_11-03-05.01) - NTFSx86
Run by Bobby at 18:05:37.15 on Mon 04/18/2011
Internet Explorer: 8.0.6001.18702
Microsoft Windows XP Home Edition 5.1.2600.2.1252... Read more

A:Google redirecting virus, background radio playing

Hello and welcome to the forums!My secret agent name on the forums is SweetTech (you can call me ST for short), it's a pleasure to meet you. I would be glad to take a look at your log and help you with solving any malware problems.If you have since resolved the issues you were originally experiencing, or have received help elsewhere, please inform me so that this topic can be closed. If you have not, please adhere to the guidelines below and then follow instructions as outlined further below:Logs from malware removal programs (OTL is one of them) can take some time to analyze. I need you to be patient while I analyze any logs you post. Please remember, I am a volunteer, and I do have a life outside of these forums.
Please make sure to carefully read any instruction that I give you. Attention to detail is important! Since I cannot see or directly interact with your computer I am dependent on you to "be my eyes" and provide as much information as you can regarding the current state of your computer.
If you're not sure, or if something unexpected happens, do NOT continue! Stop and ask!
In Windows Vista and Windows 7, all tools need to be started by right clicking and selecting Run as Administrator!
Do not do things I do not ask for, such as running a spyware scan on your computer. The one thing that you should always do, is to make sure sure that your anti-virus definitions are up-to-date!
Please do not use the Attachme... Read more

15 more replies
Answer Match 48.72%

Wife is on me about not getting Pandora or Chicago sports radio .
If it is related to Google's new secure guidelines, for flash and/or plugins , so be it.
What are my options besides using a different browser ?
thanks for any help

More replies
Answer Match 48.72%

Wife is on me about not getting Pandora or Chicago sports radio .
If it is related to Google's new secure guidelines, for flash and/or plugins , so be it.
What are my options besides using a different browser ?
thanks for any help

More replies
Answer Match 48.72%

Atheros AR5B95 Radio can ping google in command prompt but when I go to a browser I get a cannot connect to website error. if I use a lan line I can connect just fine if I use a external wifi device can connect just fine is. Any thoughts about what would cause such a condition. Have reformatted and reloaded window 3 time no changes.

A:Atheros AR5B95 Radio can ping google in command prompt but

Welcome to the Seven Forums.

Please provide the info mentioned here:
Basic Requirements Before Posting your Networking Thread

For number 6, please provide that info when using a wireless and wired connection.

3 more replies
Answer Match 48.3%

Hello,
My laptop (running Windows 7 Home Premium) randomly plays what sounds like radio adverts and music. Also, google searches are occasionally redirected to spam websites. I suspect it is a malware infection and it started a few days ago. I have seen other people have posted similar problems that were solved; however, I would not be confident trying to remove the malware myself without expert guidance along the way! Any help would be appreciated. Below are the logs:

HJT log
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 9:40:32 PM, on 18/05/2013
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16483)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\Dell\Stage Remote\StageRemote.exe
C:\Program Files (x86)\STMicroelectronics\AccelerometerP11\FF_Protection.exe
C:\Program Files (x86)\Dell\Stage Remote\StageRemoteService.exe
C:\Program Files (x86)\Samsung\Kies\Kies.exe
C:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe
C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe
C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
C:\Program Files (x86)\Canon\Canon IJ Network Scan Utility\CNMNSUT.exe
C:\Program Files (x86)\Sensible Vision\Fast Access\FATrayMon.exe
C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe
C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe
C:\Pro... Read more

A:Suspected Malware - Radio plays randomly and google redirects to advertising

16 more replies
Answer Match 47.88%

I cannot get rid of this thing..every third search or so the results from yahoo get redirected to an ad page.. and the it may go for a day and not do it at all and then bam several searches in a row redirected.. when it first started I ran my two typical antivirus programs..superantispyware and Avira, neither of which found anything..then after some research on the web I dug into the windows,system32,drivers,etc file..and deleted the extra host there.. ok thought I was done no luck.. so download malwarebytes and hitman pro.. maleware found three issues and hitman found one.. problem still there.. came to this site and after reading took the initiative to download combofix, ran it and still having problems..I forgot to mention somewhere along the way someone mentioned Java files to be an issue so went in an deleted those...just befor writing this I went in and deleted browsing history, I doubt thats gonna do anything.. I have no idea what to do now? any help is greatly appreciated..

A:Google redirect>> Windows 7

Welcome aboard Download Security Check from HERE, and save it to your Desktop. * Double-click SecurityCheck.exe * Follow the onscreen instructions inside of the black box. * A Notepad document should open automatically called checkup.txt; please post the contents of that document.=============================================================================Please download MiniToolBox and run it.Checkmark following boxes:Report IE Proxy SettingsReport FF Proxy SettingsList content of HostsList IP configurationList last 10 Event Viewer logList Installed ProgramsList Users, Partitions and Memory sizeClick Go and post the result.=============================================================================Download Malwarebytes' Anti-Malware (aka MBAM): http://www.malwarebytes.org/products/malwarebytes_free to your desktop. * Double-click mbam-setup.exe and follow the prompts to install the program. * At the end, be sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish. * If an update is found, it will download and install the latest version. * Once the program has loaded, select Perform quick scan, then click Scan. * When the scan is complete, click OK, then Show Results to view the results. * Be sure that everything is checked, and click Remove Selected. * When completed, a log will open in Notepad. * Post the log back here.Be sure to restart the computer.The log c... Read more

11 more replies
Answer Match 47.88%

I have picked up the google redirect virus, I think over the last few days(who knows?). I have tried Hitman Pro & Eset online scanner. No luck so far. Hitman pro did detect somethings & quarantined them. After I rebooted & ran the scan again, it now says there is a TDL3, or Alureon rootkit trace. Eset also removed a few things. I tried the Kasperksy tdss killer but it didn't pick up anything. I saved the logs for both scans if needed. I was going to try combofix but I think it's a little too out of my experience so thought to post here. I am using an old Dell inspiron 630m which came bundled with Mcafee. So far I can log in & have internet access, I just have to keep opening the search results in a new tab(Firefox) and I can get around the redirect. I would rather get rid of this thing alltogether than try to constantly block it. Any help much appreciated & thanx again.

More replies
Answer Match 47.88%

OK, I have run several system scans with Trend Micro PC-cillin and come up "clean". I have also run Registry Mechanic and cleaned up my registry. I STILL have the Google Redirect though! I have tried starting my PC in "Safe Mode" but it continually gets hung up. Help!

A:Google Redirect on Windows XP

Hello and Welcome.

We want all our members to perform the steps outlined in the link I'll give you below, before posting for assistance. There's a sticky at the top of this forum, and a
Quote:




Having problems with spyware and pop-ups? First Steps




link at the top of each page.

---------------------------------------------------------------------------------------------

Please follow our pre-posting process outlined here:

http://www.techsupportforum.com/f50/...lp-305963.html

After running through all the steps, you shall have a proper set of logs. Please post them in a new topic, as this one shall be closed.

If you have trouble with one of the steps, simply move on to the next one, and make note of it in your reply.

Please note that the Virus/Trojan/Spyware Help forum is extremely busy, and it may take a while to receive a reply.

1 more replies
Answer Match 47.88%

Hello.I have 3 machines all connected in a small home network. [Machine 1]Windows Server 2003 - 32 bitWired connection to the routerMbam scan comes up clean and I am able to perform mbam updates.No redirect problem on this machine.[Machine 2]Windows XP - 32 bitWireless connection to the routerMbam scan comes up clean and I am able to perform mbam updates.No redirect problem on this machine.[Machine 3]Windows 7 - 64 bitWireless connection to the routerMbam scan comes up clean, but I am NOT able to perform mbam updates.The redirect problem on this machine is horrible.Please not that I cannot run combofix.exe on Machine 3, as it does not support 64 bit machines. Any help would be greatly appreciated. Thank you all.

A:Yet Another Google Redirect - Windows 7 64 Bit

Download the following: http://mbam.malwarebytes.org/database/mbam-rules.exe on a clean computer and move it to a flash or cd drive and try updating it that way.

5 more replies