Jump to content
datasafe

Something re-directing my Explorer Searches!

Recommended Posts

Hi guys

Something peculiar is happening! When I do a search with Google and then click on one of the results, Explorer is being re-directed to other sites!

I have the latest version of SAS Pro installed with latest updates and some trojans have been detected, cleaned and then following a re-boot I get the same problems!

I'm using XPPro.

Anyone here have any suggestions to get rid of this annoying problem?

Thanks

John

Share this post


Link to post
Share on other sites

Hi guys

Something peculiar is happening! When I do a search with Google and then click on one of the results, Explorer is being re-directed to other sites!

I have the latest version of SAS Pro installed with latest updates and some trojans have been detected, cleaned and then following a re-boot I get the same problems!

I'm using XPPro.

Anyone here have any suggestions to get rid of this annoying problem?

Thanks

John

You should download MBAM a.k.a Malwarebytes By visiting this link:

http://download.cnet.com/Malwarebytes-Anti-Malware/3000-8022_4-10804572.html?tag=contentMain;contentAux

And if that doesnt work you should try deleting the infected host file but be careful and dont delete the real one.

But MBAM should help you out! Hoped i helped =)

Share this post


Link to post
Share on other sites

You should download MBAM a.k.a Malwarebytes By visiting this link:

http://download.cnet.com/Malwarebytes-Anti-Malware/3000-8022_4-10804572.html?tag=contentMain;contentAux

And if that doesnt work you should try deleting the infected host file but be careful and dont delete the real one.

But MBAM should help you out! Hoped i helped =)

Thanks for the reply Mark.

I visited & downloaded MBAM and will try it. BUT, I bought SAS & Kaspersky to stop these sort of things happening & I'm gonna be a bit grumpy if I have to fork out more money to get rid of something that SAS & KIS 2010 should have dealt with.

Cheers

John

Share this post


Link to post
Share on other sites

Thanks for the reply Mark.

I visited & downloaded MBAM and will try it. BUT, I bought SAS & Kaspersky to stop these sort of things happening & I'm gonna be a bit grumpy if I have to fork out more money to get rid of something that SAS & KIS 2010 should have dealt with.

Cheers

John

UPDATE

MBAM discovered several bogus files and deleted them however, the problem with my explorer being hijacked continues :( it also affects Firefox too.

Same as before, when I do a Google or Bing search and then click on one of the links returned, the url changes several times and I might end up on a casino site!

Someone advised that I should run a utility called TDS Killer. I did this and here's an image of the discovery. Note the red arrows suggesting a memory infection but not cured.

Cheers

John

post-9168-127133665924_thumb.jpg

Share this post


Link to post
Share on other sites

UPDATE

MBAM discovered several bogus files and deleted them however, the problem with my explorer being hijacked continues :( it also affects Firefox too.

Same as before, when I do a Google or Bing search and then click on one of the links returned, the url changes several times and I might end up on a casino site!

Someone advised that I should run a utility called TDS Killer. I did this and here's an image of the discovery. Note the red arrows suggesting a memory infection but not cured.

Cheers

Hi Datasafe.

Please submit a CSR ticket so that the infection can be identified and removed:

https://www.superantispyware.com/csrcreateticket.html

John

Share this post


Link to post
Share on other sites

UPDATE

MBAM discovered several bogus files and deleted them however, the problem with my explorer being hijacked continues :( it also affects Firefox too.

Same as before, when I do a Google or Bing search and then click on one of the links returned, the url changes several times and I might end up on a casino site!

Someone advised that I should run a utility called TDS Killer. I did this and here's an image of the discovery. Note the red arrows suggesting a memory infection but not cured.

Cheers

John

OK If MBAM didn't work try spywareblaster that can be downloaded from here: http://download.cnet.com/SpywareBlaster/3000-8022_4-10196637.html?tag=mncol and if that doesnt work I will still help you just give me your email then I will glad to help you out untill this is fixed=)

Share this post


Link to post
Share on other sites

Thanks for the replies guys.

I've tried the various suggestions and although the situation has improved somewhat - my PC is usable without it granding to a halt, the redirecting of IE8 still occurs! Usually another IE8 windows opens.

Cheers

John

Share this post


Link to post
Share on other sites

Thanks for the replies guys.

I've tried the various suggestions and although the situation has improved somewhat - my PC is usable without it granding to a halt, the redirecting of IE8 still occurs! Usually another IE8 windows opens.

Cheers

John

There is definetly some kind of worm out there that I threw everything in the kitchen sink out at including SAS Pro. I basically gave up and backed up my profile and started again. It takes your DNS searchs and basically points you to different sites. I did get hit with the latets varient of AVE.exe and removed it and found a keylogger but is after Norman Malware,A2, and a whole host others.

Share this post


Link to post
Share on other sites

Thanks for the replies guys.

I've tried the various suggestions and although the situation has improved somewhat - my PC is usable without it granding to a halt, the redirecting of IE8 still occurs! Usually another IE8 windows opens.

Cheers

John

Does IE8 crash with a rundll error on exiting on ocassion? If it does you've got the same thing I had. Look to see if you have google as your search engine default in IE and also look if you have delete browsing history on exit. If you have both of them on you'll get the dll error on exit. You'll also notice odd behavior (which I think is a keylogger) but the program can not be detected that's doing it. Do you get odd results from a google search basically pointing you to sites that just don't seem right? Is your auto type in google work?

Share this post


Link to post
Share on other sites

Does IE8 crash with a rundll error on exiting on ocassion? If it does you've got the same thing I had. Look to see if you have google as your search engine default in IE and also look if you have delete browsing history on exit. If you have both of them on you'll get the dll error on exit. You'll also notice odd behavior (which I think is a keylogger) but the program can not be detected that's doing it. Do you get odd results from a google search basically pointing you to sites that just don't seem right? Is your auto type in google work?

Share this post


Link to post
Share on other sites

@datasafe

1. Run TDSS Killer again to make sure it got everything and it replaced your drives atapi.sys file. You did reboot right after running it like it said it need too didn't you?

2. Renamed your Host file to something like Host.old then restart your computer and see if that fixes the redirects.

3. Check to make sure your DNS server settings is correct and not pointing to a malware DNS server.

4. Download and run GMER and see if it catches anything. Note: not all rootkits or hidden items are bad.

5. If you are still having problems run a live CD like Dr. Web live CD or Avira Rescue CD. Note: with Avira Rescue CD you may have to click on the British flag in the lower left corner

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now

×
×
  • Create New...