Google results redirecting to another website

[bluecherry726]

Whenever I search for something using google, the results send me to another website that has nothing to do with what I was looking for. I have to click the results 3 or more times before it sends me to the actual website. I've seen many posts with this problem and I was hoping that it can be fixed. I've done the 8 steps and have attached the 3 logs.

Thanks in advance!!!

 

[Bobbye]

Welcome to TechSpot, Bluecherry. Thank you for your patience.

You have to do some Housekeeping first:

I have noticed that you have multiple antivirus programs running.
Symantec
McAfee
You should decide which you want to keep and remove the others for the following reasons:

• Multiple antivirus programs can cause conflicts that may leave the system more vulnerable.
• Multiple antivirus programs can also slow down the system.
  
  If you are using a paid program, Consider removing the free programs. If you are using a Trial of a paid program, please decide which programs you would like to keep and remove the others. You will find the following removal tools helpful: Download just the tool for the program you will remove and save it to your desktop. Don't run it yet:
  
• McAfee Removal
• Norton Removal Tool
  Note:Security programs are best removed while in Safe Mode. Download the removal tool and save to your desktop. Boot into Safe Mode
• Restart your computer and start pressing the F8 key on your keyboard.
• Select the Safe Mode option when the Windows Advanced Options menu appears, and then press ENTER.
  Now double-click on the tool you save to the desktop and run it, following any onscreen prompts.

P2P or 'file sharing Warning:
Note: Even if you are using a "safe" P2P program, it is only the program that is safe. I suggest that you uninstall uTorrent for the following reasons:

• As long as you are using file sharing networks and programs which are from sources that are not documented, you cannot verity that a download is legitimate.
• Malware writers use these program to include malicious content.
• Fie sharing is usually unmonitored and there is a danger that your private files might be accessed.
• The 'sharing' also includes malware that the shared system has on it.
• Files that are illegal can be spread through file sharing.

Please read the information on P2P Warning to help you better understand these dangers.

When you have finished the above, please rescan with HijackThis and include a new logs in your next reply.

 

[bluecherry726]

That is weird. I'm pretty sure I am only using McAfee as my antivirus. The Norton and McAfee product came with my laptop and only used McAfee. As for getting rid of it using the removal tool, it says that I would need the product key. I don't believe I ever got one since my computer came with it installed on it.

As for the P2P program, I already uninstalled it when I made the earlier logs. I went into Program Files and found just an empty folder there so I deleted it.

 

[bluecherry726]

Just tried to go into safe mode and i got the blue screen telling me the computer shut down to protect my files. I'm guessing it's referred as the blue screen of death.

 

[Bobbye]

Norton Removal Tool:

You may need your Product Key when you reinstall your Norton product

You do not need the product key to uninstall it- just to reinstall it. Ir doesn't mater whether you have used a program or not. If it was put on the Startup menu, it's going to start on boot and run in the background. Unfortunately, the manufacturers want you to use all the junk they preload so they don't give any uninstall directions.

I went into Program Files and found just an empty folder there so I deleted it.

This process was loading:
O4 - HKCU\..\Run: [uTorrent] "C:\Program Files\uTorrent\uTorrent.exe"

Now the system is confused because you deleted the program folder while the program was running. What's it suppose to do with the file now?

Boot into Normal Mode> right click on the Taskbar> Task Manager> find uTorrent and highlight it> click on End task. Close the Task Manager.

Go to Start> Run> type in msconfig> enter> Selective Startup> Start menu> Uncheck uTorrent> Apply> OK.

Go to Add/Remove Programs and remove uTorrent if there.
(NOTE: the first time you reboot after making a change using msconfig, you get a nag message- you can ignore and close it after checking 'don't show this message again.' Stay in Selective Startup.

Now try to boot into Safe Mode. If IE crashes again, check the time on the computer clock.

Find the Error that corresponds to the BSOD and crash using the Event Viewer:

Start> Run> type in eventvwr

Do this on each the System and the Applications logs:
[1]. Click to open the log>
[2]. Look for the Error>
[3] .Right click on the Error> Properties>
[4]. Click on Copy button, top right, below the down arrow >
[5]. Paste here (Ctrl V)
[6].NOTES

• You can ignore Warnings and Information Events.
• If you have a recurring Error with same ID#, same Source and same Description, only one copy is needed.
• You don't need to include the lines of code in the box below the Description, if any.
• Please do not copy the entire Event log.

Errors are time coded.

 

[bluecherry726]

here's what i get:
Stop: 0x0000007E(0xC0000005, 0x80537009, 0xF796A508, OxF796A204)
on the BSOD

as for the error codes:

Event Type: Error
Event Source: Service Control Manager
Event Category: None
Event ID: 7026
Date: 1/15/2010
Time: 8:16:59 PM
User: N/A
Computer: BLUECHERRY
Description:
The following boot-start or system-start driver(s) failed to load:
Lbd



Event Type: Error
Event Source: Ftdisk
Event Category: None
Event ID: 49
Date: 1/15/2010
Time: 8:15:57 PM
User: N/A
Computer: BLUECHERRY
Description:
Configuring the Page file for crash dump failed. Make sure there is a page file on the boot partition and that is large enough to contain all physical memory.



Event Type: Error
Event Source: Ftdisk
Event Category: None
Event ID: 45
Date: 1/15/2010
Time: 8:15:57 PM
User: N/A
Computer: BLUECHERRY
Description:
The system could not sucessfully load the crash dump driver.

Thanks for such a quick response. I really appreciate the help you are giving me.

 

[Bobbye]

Regarding LBD Driver: this is part of AdAware. Did you have that program? did you try to uninstall it?

Here is the solution: From Lavasoft Support:
I ran Autoruns for Windows http://technet.microsoft.com/en-us/sysinte...s/bb963902.aspx and screened
it closely and found the culprit. It was listed under HKLM\System|CurrentControlSet\Services and I unticked "Lbd" Ad-aware Mini-Filter Driver. Rebooted and the problem was gone.

However, to be sure I deleted all aspects of the Lavasoft Lbd driver problem failing to load on System Startup I ran
Regedit> HKLM\System\CurrentControlSet\Services and deleted the "Lbd" entry.
Now it is entirely gone and no longer appears in Autoruns.

NOTE: Before doing a Registry Edit, backup the Registry.

Events 45/49: I just had another one of these a few days ago:
The following 2 Events go together: Either The pagefile.sys needs to be increases to hold the Memory.dump file-OR- you can prevent the Memory.dump file.

Instructions for both HERE (http://windowsitpro.com/article/articleid/74464/jsi-tip-3145-windows-2000-system-event-id-49.html)
Event Type:Error, Event Source Ftdisk, Event ID:49
Description:Configuring the Page file for crash dump failed. Make sure there is a page file on the boot partition and that is large enough to contain all physical memory.

Event Type:Error, Event Source:Ftdisk, Event ID:45
Description:The system could not successfully load the crash dump driver.

See if adjusting the page file prevents the BSOD.

 

[bluecherry726]

I did have AdAware but I had uninstalled a while back when my sister bought McAfee for me. From the above direction, I actually don't understand how I'm suppose to go about it. The link leads to nothing, says bad request.

As for the other errors, I increased the size of the page file from 1524 to 2000, not sure if that is enough. I then tried to go into safe mode and still got the BSOD. Then I did the other that you suggested by preventing the memory dump file and I still got the BSOD. Does this mean the problem is worst than it seems?

 

[Bobbye]

Sorry about the link. IT was good when I posted it. I just found 4 more references where the link is bad- so-

• 
  1. Download Autoruns
  2. Click on Logon tab first.
  3. Uncheck any entry for Ad-Aware or Lavasoft to disable it.
  4. Then go to Drivers tab
  5. Look for "lbd.sys" driver for "Ad-Aware mini filter driver" and uncheck.
  6. Check the Scheduled Tasks Tab. Uncheck any Aware weekly update task.

When the system problem with Safe Mode has been resolver, let me know and we'll proceed with the cleaning.

 

[bluecherry726]

Sorry for the late response. Was away for the week.
I followed the above steps. I am still getting BSOD.
I also found a new error:

Event Type: Error
Event Source: DCOM
Event Category: None
Event ID: 10010
Date: 1/24/2010
Time: 1:41:16 PM
User: NT AUTHORITY\SYSTEM
Computer: BLUECHERRY
Description:
The server {6A972E27-93E2-4F98-8367-4101B2073814} did not register with DCOM within the required timeout.

Also, when I was running autoruns, I noticed under the drivers tab that there were a few boxes where it said the files can not be found. Do I uncheck them?

 

[Bobbye]

Bluecherry, please move over to the Windows OS forum. See if you can resolve the system problems. If it is felt that you may have malware, then you will come back to this forum and start again.

There are more members to help with system problems in that forum. You can reference this thread by leaving the URL: https://www.techspot.com/vb/topic141222.html#post844054