Getting Redirected from Google search results
- Thread starter tamir23
- Start date
- Status
howard_hopkinso
Posts: 21,238 +17
Hello and welcome to Techspot.
Your system has been hijacked.
Very Important: Before deciding whether you should clean or reformat your system, go and read this thread HERE and decide what it is you want to do.
If after reading the above, you wish to clean your system, do the following.
Download and run the Blacklight programme. Follow all the instructions carefully.
Tehn, go and read the Viruses/Spyware/Malware, preliminary removal instructions. Follow all the instructions exactly.
Post fresh HJT, Combofix and AVG Antispyware logs as attachments into this thread, only after doing the above.
Regards Howard :wave: :wave:
This thread is for the use of tamir23 only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.
Your system has been hijacked.
Very Important: Before deciding whether you should clean or reformat your system, go and read this thread HERE and decide what it is you want to do.
If after reading the above, you wish to clean your system, do the following.
Download and run the Blacklight programme. Follow all the instructions carefully.
Tehn, go and read the Viruses/Spyware/Malware, preliminary removal instructions. Follow all the instructions exactly.
Post fresh HJT, Combofix and AVG Antispyware logs as attachments into this thread, only after doing the above.
Regards Howard :wave: :wave:
This thread is for the use of tamir23 only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.
howard_hopkinso
Posts: 21,238 +17
It appears you`re not running any antivirus or firewall software. After following these instructions, go HERE and install one of the antivirus and firewall programmes.
Run HJT with no other programmes open. Click the scan button. Have HJT fix the following, by placing a tick in the little box next to(if there).
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O16 - DPF: {CAFECAFE-0013-0001-0022-ABCDEFABCDEF} (JInitiator 1.3.1.22) - http://esis-app4.mesd.k12.or.us:7777/forms/jinitiator/jinit.exe
O17 - HKLM\System\CCS\Services\Tcpip\..\{559FD3C7-FAE9-46C0-9E75-6680800932AE}: NameServer = 85.255.113.123,85.255.112.72
O17 - HKLM\System\CCS\Services\Tcpip\..\{C2FA1640-80AA-4E8D-9D8F-BB82D2E444DB}: NameServer = 85.255.113.123,85.255.112.72
O17 - HKLM\System\CCS\Services\Tcpip\..\{E247592B-BA86-4D8B-922D-696E44764191}: NameServer = 85.255.113.123,85.255.112.72
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: NameServer = 85.255.113.123 85.255.112.72
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: NameServer = 85.255.113.123 85.255.112.72
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 85.255.113.123 85.255.112.72
Click on the fix checked button.
Close HJT and reboot your system.
Locate and delete the following bold files and/or directories(if there).
C:\windows\ALCMTR.EXE
Install antivirus and firewall software.
Post a fresh HJT log.
Regards Howard
This thread is for the use of tamir23 only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.
Run HJT with no other programmes open. Click the scan button. Have HJT fix the following, by placing a tick in the little box next to(if there).
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O16 - DPF: {CAFECAFE-0013-0001-0022-ABCDEFABCDEF} (JInitiator 1.3.1.22) - http://esis-app4.mesd.k12.or.us:7777/forms/jinitiator/jinit.exe
O17 - HKLM\System\CCS\Services\Tcpip\..\{559FD3C7-FAE9-46C0-9E75-6680800932AE}: NameServer = 85.255.113.123,85.255.112.72
O17 - HKLM\System\CCS\Services\Tcpip\..\{C2FA1640-80AA-4E8D-9D8F-BB82D2E444DB}: NameServer = 85.255.113.123,85.255.112.72
O17 - HKLM\System\CCS\Services\Tcpip\..\{E247592B-BA86-4D8B-922D-696E44764191}: NameServer = 85.255.113.123,85.255.112.72
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: NameServer = 85.255.113.123 85.255.112.72
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: NameServer = 85.255.113.123 85.255.112.72
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 85.255.113.123 85.255.112.72
Click on the fix checked button.
Close HJT and reboot your system.
Locate and delete the following bold files and/or directories(if there).
C:\windows\ALCMTR.EXE
Install antivirus and firewall software.
Post a fresh HJT log.
Regards Howard
This thread is for the use of tamir23 only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.
howard_hopkinso
Posts: 21,238 +17
Your HJT log is now clean.
If you have any further virus/spyware problems, please post in this thread.
Regards Howard
This thread is for the use of tamir23 only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.
If you have any further virus/spyware problems, please post in this thread.
Regards Howard
This thread is for the use of tamir23 only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.
- Status
Similar threads
Latest posts
-
Apple secures supplier to replace physical buttons on iPhone- Atmajaya2020 replied