Welcome to the TechSpot OpenBoards. Please read the FAQ if you have any questions. Login to participate.
|
|||||||
Redirected, please help
 |
|
|
|
Thread Tools |
|
#1
09-06-2008
|
|||
|
|||
|
Redirected, please help
ok so the other day i was on a website and i clicked on a link it it suddenly turned off my windows firewall and i knew something went wrong. i turned it back on and i thought it was fine.but i got the redirecting virus.when im on google or yahoo and i search for something and click on a link it redirects me to another website.
heres the hijackthis log. Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 2:12:49 PM, on 9/6/2008 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\System32\WLTRYSVC.EXE C:\WINDOWS\System32\bcmwltry.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe C:\Program Files\Bonjour\mDNSResponder.exe C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe C:\Program Files\Viewpoint\Common\ViewpointService.exe C:\PROGRA~1\LAUNCH~1\LManager.exe C:\WINDOWS\RTHDCPL.EXE C:\WINDOWS\system32\WLTRAY.exe C:\WINDOWS\system32\igfxtray.exe C:\WINDOWS\system32\hkcmd.exe C:\WINDOWS\system32\igfxpers.exe C:\WINDOWS\system32\igfxsrvc.exe C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe C:\Program Files\iTunes\iTunesHelper.exe C:\Program Files\Vista Drive Icon\DrvIcon.exe C:\Program Files\AIM6\aim6.exe C:\Program Files\RocketDock\RocketDock.exe C:\Program Files\Vista Rainbar\Rainmeter.exe C:\Program Files\Styler\Styler.exe C:\WINDOWS\system32\igfxext.exe C:\Program Files\AIM6\aolsoftware.exe C:\Program Files\iPod\bin\iPodService.exe C:\DOCUME~1\OSKARC~1\LOCALS~1\Temp\RtkBtMnt.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Trend Micro\HijackThis\HijackThis.exe C:\Program Files\Internet Explorer\Iexplore.exe R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: Loader Class - {F880A4A8-C436-4AC4-AFD1-AA0BDC9552DD} - C:\Documents and Settings\Oskar Cazessus\Desktop\New Folder\More Extras\Favorite links kit\FindeXer\FindeXer.dll O3 - Toolbar: StylerToolBar - {D2F8F919-690B-4EA2-9FA7-A203D1E04F75} - C:\Program Files\Styler\TB\StylerTB.dll O3 - Toolbar: QT Breadcrumbs Address Bar - {af83e43c-dd2b-4787-826b-31b17dee52ed} - mscoree.dll (file missing) O4 - HKLM\..\Run: [LManager] C:\PROGRA~1\LAUNCH~1\LManager.exe O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE O4 - HKLM\..\Run: [AzMixerSel] C:\Program Files\Realtek\InstallShield\AzMixerSel.exe O4 - HKLM\..\Run: [Broadcom Wireless Manager UI] C:\WINDOWS\system32\WLTRAY.exe O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [DrvIcon] C:\Program Files\Vista Drive Icon\DrvIcon.exe O4 - HKLM\..\Run: [BootSkin Startup Jobs] "C:\PROGRA~1\Stardock\WINCUS~1\BootSkin\BootSkin.exe" /StartupJobs O4 - HKLM\..\Run: [LogonStudio] "C:\Program Files\WinCustomize\LogonStudio\logonstudio.exe" /RANDOM O4 - HKCU\..\Run: [Aim6] "C:\Program Files\AIM6\aim6.exe" /d locale=en-US ee://aol/imApp O4 - HKCU\..\Run: [RocketDock] "C:\Program Files\RocketDock\RocketDock.exe" O4 - HKCU\..\Run: [Vista Rainbar] C:\Program Files\Vista Rainbar\Rainmeter.exe O4 - HKCU\..\Run: [SVCHOST.EXE] C:\WINDOWS\system32\drivers\svchost.exe O4 - Startup: Styler.lnk = ? O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: Eset HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe O23 - Service: Eset Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - C:\Program Files\Viewpoint\Common\ViewpointService.exe O23 - Service: Broadcom Wireless LAN Tray Service (wltrysvc) - Unknown owner - C:\WINDOWS\System32\WLTRYSVC.EXE -- End of file - 4934 bytes can anyone help? |
|
#2
09-07-2008
|
||||
|
||||
|
antiSPYWARE/antiTROJAN program(s)
Hi :
Based on your "symptoms", it appears you have some bad malware on your computer; also your HijackThis log indicates you have NO antiSPYWARE/ antiTROJAN programs, a serious security lack . Would recommend you run "Full Scan(s)" of BOTH the FREE Version of "SUPERAntiSpyware" from www.superantispyware.com AND the "Free" Version of "Malwarebytes' Anti- Malware", best downloaded from www.malwarebytes.org/mbam.php . IF these 2 fail to resolve your problem(s), let us know . |
|
|
#3
09-07-2008
|
|||
|
|||
|
i ran both those programs and SUPERantivirus didnt find anything, but Malwarebytes' Anti-
Malware found some stuff and got rid of it.my computer is finally back to normal.:] also, whatever i had on my computer wouldn't let me go to a bunch of websites where i could resolve the problem,and would not let me go to any links to like the malwarebytes anti-malware .so i found other download sites where i downloaded it from. my computer is running great now thank you |
|
#4
09-07-2008
|
||||
|
||||
|
You have no Java installed. Please download and install the latest version, v6u7:
http://www.java.com/en/download/manual.jsp You need to run another HijackThis scan- this does not look like the entire log- the mid-section isn't there. Also, attach Malwarebytes and SuperAntispyware logs. You have an issue with the following- make sure the install is correct- uninstall/reinstall if needed: Quote:
Quote:
If you require more help, please post new logs as an attachment: |
|
| Thread Tools | |
|
|
| Similar Topics | ||||
| Topic | Category | Replies | Last Post | |
| My Searches Were Redirected | Virus & Malware removal | 5 | 03-09-2008 02:12 PM | |
| Google getting redirected Pls help | Virus & Malware removal | 12 | 12-16-2007 09:20 AM | |
| Web pages redirected | Virus & Malware removal | 5 | 08-02-2007 01:36 PM | |
| Browser keeps getting redirected | Virus & Malware removal | 3 | 04-03-2007 10:02 AM | |
| keep getting redirected | Virus & Malware removal | 7 | 03-24-2007 12:25 PM | |
All times are GMT -4. The time now is 05:38 PM.