Chelsea, there are still 2 entries that bother me. So I'd like you to do the following:
First, explain to me exactly what is happening with the 'redirect.'
Does it happen on all of the searches?
Does it only happen when you choose a site from the Google search list?
Does it happen if you load a Bookmark or Favorite?
Does it happen in all browsers if you have more than IE?
Does it happen if you type the URL in the Address Bar?
For instance, I go to
http://www.engadget.com/ and use search term
netbooks: And get this page:
http://www.engadget.com/search/?q=netbooks&invocationType=wl-gadget
I select the topic
ARM blames Flash, netbooks and tablets for smartbook delay, oh my and this page displays
http://www.engadget.com/2010/05/06/arm-blames-flash-netbooks-and-tablets-for-smartbook-delay-oh-m/
If you did the same thing, where is the search breaking down?
==========================================
I want you to uninstall Combofix which will also remove the reports:
Uninstall ComboFix and all Backups of the files it deleted
- Click START> then RUN
- Now type Combofix /Uninstall in the runbox and click OK. Note the space between the X and the U, it needs to be there.
=====================================
Now, please install a new Combofix:
Please download ComboFix from
Here and save to your Desktop.
[1]. Do NOT rename Combofix unless instructed.
[2].Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.
[3].Close any open browsers.
[4]. Double click combofix.exe & follow the prompts to run.
- NOTE: Combofix will disconnect your machine from the Internet as soon as it starts. The connection is automatically restored before CF completes its run. If it does not, restart your computer to restore your connection.
[5]. If Combofix asks you to install Recovery Console, please allow it.
[6]. If Combofix asks you to update the program, always allow.
- Please do not attempt to re-connect your machine back to the Internet until Combofix has completely finished.
[7]. A report will be generated after the scan. Please post the C:\ComboFix.txt in next reply.
Note: Do not mouseclick combofix's window while it's running. That may cause it to stall.
Note: Make sure you re-enable your security programs, when you're done with Combofix..
=================================
Follow with
Run Eset NOD32 Online AntiVirus Scanner HERE
- Tick the box next to YES, I accept the Terms of Use.
- Click Start
- When asked, allow the Active X control to install
- Disable your current Antivirus software. You can usually do this with its Notification Tray icon near the clock.
- Click Start
- Make sure that the option "Remove found threats" is Unchecked, and the option "Scan unwanted applications" is checked
- Click Scan
- Wait for the scan to finish
- Re-enable your Antivirus software.
- A logfile is created and located at C:\Program Files\EsetOnlineScanner\log.txt. Please include this on your post.
========================================
Then download the
HijackThis Installer HERE and save to the desktop:
- Double-click on HJTInstall.exe to run the program.
- By default it will install to C:\Program Files\Trend Micro\HijackThis.
- Accept the license agreement by clicking the "I Accept" button.
- Click on the "Do a system scan and save a log file" button. It will scan and then ask you to save the log.
- Click "Save log" to save the log file and then the log will open in notepad.
- Click on "Edit > Select All" then click on "Edit > Copy" to copy the entire contents of the log.
- Come back here to this thread and paste (Ctrl+V) the log in your next reply.
NOTE: Do NOT have HijackThis fix anything yet! Most of what it finds will be harmless or even required.
Leave the logs from the new Combofix scan, Eset scan and HijackThis.