I've completed the 8 step process, but still have problems with links redirecting. I see the same 'curvy 2' icon in the address bar when some links are redirected. I've seen some reference to backdoor.bot in other posts with similar sounding issues, but don't know if that's my problem or how to resolve it if it is.
Completed 8 steps but unable to resolve redirect problem
- Thread starter jeffbitt
- Start date
- Status
Bobbye
Posts: 16,313 +36
Welcome to TechSpot, Jeff. I'll try to help with malware.
Your logs aren't showing much. That doesn't mean there is no malware- it just means these programs haven't found it. There is one entry in the HijackThis log that isn't complete:
O4 - Global Startup: SuperHybridEngine.lnk =?
The complete entry should be:
O4 - Global Startup: SuperHybridEngine.lnk = C:\Program Files\Asus\EeePC\Super Hybrid Engine\SuperHybridEngine.exe
I see the full entry in:
C:\Program Files\ASUS\EeePC\Super Hybrid Engine\SuperHybridEngine.exe
As far as I can tell, it's related to extended use with power and some of the Fn keys. Can you be mor specific how you use it? It is a legitimate program- I'm just trying to find out how you use it.
Please run a full system scan with the AV part of Microsoft Security Essentials. It should product a log. I'd like you to attach that to your next reply.
Follow with Download SDFix HERE and save it to your Desktop.
We'll see what these turn up. Attach SDFix log also.
Your logs aren't showing much. That doesn't mean there is no malware- it just means these programs haven't found it. There is one entry in the HijackThis log that isn't complete:
O4 - Global Startup: SuperHybridEngine.lnk =?
The complete entry should be:
O4 - Global Startup: SuperHybridEngine.lnk = C:\Program Files\Asus\EeePC\Super Hybrid Engine\SuperHybridEngine.exe
I see the full entry in:
C:\Program Files\ASUS\EeePC\Super Hybrid Engine\SuperHybridEngine.exe
As far as I can tell, it's related to extended use with power and some of the Fn keys. Can you be mor specific how you use it? It is a legitimate program- I'm just trying to find out how you use it.
Please run a full system scan with the AV part of Microsoft Security Essentials. It should product a log. I'd like you to attach that to your next reply.
Follow with Download SDFix HERE and save it to your Desktop.
- Double click SDFix.exe and it will extract the files to %systemdrive%
(Drive that contains the Windows Directory, typically C:\SDFix)
Boot into Safe Mode - Restart your computer and start pressing the F8 key on your keyboard.
- Select the Safe Mode option when the Windows Advanced Options menu appears, and then press ENTER.
Run SDFix - Open the extracted SDFix folder and double click RunThis.bat to start the script.
- Type Y to begin the cleanup process.
- It will remove any Trojan Services and Registry Entries that it finds then prompt you to press any key to Reboot.
- Press any Key and it will restart the PC.
- When the PC restarts the Fixtool will run again and complete the removal process then display Finished, press any key to end the script and load your desktop icons.
- Once the desktop icons load the SDFix report will open on screen and also save into the SDFix folder as Report.txt
- Attach Report.txt back here
We'll see what these turn up. Attach SDFix log also.
Jeff - Sorry I can't provide any insight, but I have an open problem that sounds exactly like yours - the curvy 2. I hope you find a solution.
I had similar symptoms - ComboFix resolved them. Good luck.
Bobbye
Posts: 16,313 +36
Sorry Jeff. I didn't see that much in the logs. Further programs might have found the problem. Here are some tips to help you keep the system clean.
Please follow these simple steps to keep your computer clean and secure:
1.Disable and Enable System Restore: This will help you to drop the old restore points and set a new, clean one:
System Restore Guide
2.Stay current on updates:
3.Make Internet Explorer safer. Follow the suggestions HERE
This Tutorial will help guide you through Configuring Security Settings, Managing Active X Controls and other safety features.
4.Remove Temporary Internet Files regularly: Use5. Use an AntiVirus Software(only one)
6.Use a good, bi-directional firewall(one software firewall)
[*]See Understanding and Using Firewalls including links to download a firewall.
7.Consider these programs for Extra Security
If help later on, please let me know.
Please follow these simple steps to keep your computer clean and secure:
1.Disable and Enable System Restore: This will help you to drop the old restore points and set a new, clean one:
System Restore Guide
2.Stay current on updates:
- Visit the Microsoft Download Sitefrequently.
You should get All updates marked Critical and the current SP updates:Windows 2000> SP4, Windows XP> SP2, SP3, Vista> SP1 - Visit this site[Adobe Readeroften and make sure you have the most current update. Uninstall any earlier updates as they are vulnerabilities.
- Check this site often.Java Updates Stay current as most updates are for security. Uninstall any earlier versions in Add/Remove Programs.
3.Make Internet Explorer safer. Follow the suggestions HERE
This Tutorial will help guide you through Configuring Security Settings, Managing Active X Controls and other safety features.
4.Remove Temporary Internet Files regularly: Use5. Use an AntiVirus Software(only one)
- This can save you a lot of trouble with malware in the future.It should be kept updated and useed to scan regularly.
- See This link for a listing of some online & their stand-alone antivirus programs:
Virus, Spyware, and Malware Protection and Removal Resources
6.Use a good, bi-directional firewall(one software firewall)
[*]See Understanding and Using Firewalls including links to download a firewall.
7.Consider these programs for Extra Security
- Spywareblaster:
- SpywareBlaster protects against bad ActiveX. It places kill bits to stop bad Active X controls from being installed. Remember to update it regularly.
- IE/Spyad
- This places over 4000 websites and domains in the IE Restricted list which will severely impair attempts to infect your system. It basically prevents any downloads (Cookies etc) from the sites listed, although you will still be able to connect to the sites.
- MVPS Hosts files This replaces your current HOSTS file with one containing well know ad sites etc. Basically, this prevents your computer from connecting to those sites by redirecting them to 127.0.0.1 which is your local computer.
- Google Toolbar Get the free google toolbar to help stop pop up windows.
If help later on, please let me know.
- Status
Similar threads
