Search engine links being hijacked

Status
Not open for further replies.
D

dflatley76

Hi. I believe I have malware on my system. Today, I noticed that when I click on links from various search engines, I am always redirected to some other site, mainly advertisement sites.

I have followed the eight-step virus/malware removal process posted here; however, I am still experiencing the link redirect problem.

Please help. I have attached the three logs you requested.

Thank you for this terrific service.
 
Malwarebytes
Scan type: Quick Scan
Objects scanned: 51269
Time elapsed: 4 minute(s), 19 second(s)
Click to expand...
Pretty sure under infection, Quick Scan is Not the best option ;)

Please open HijackThis run a scan, and tick the following entries
Then select Fix all, confirming any Internet browser is closed first
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O2 - BHO: Flash Video Object - {0FA6E827-077A-4B2E-8674-2F9122AAC9AC} - C:\Windows\system32\aaclient32.dll
O2 - BHO: File Print FedEx Kinko's - {9566395F-43D2-4c64-B525-B501FFA276E2} - mscoree.dll (file missing)
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_219B3E1547538286.dll
O2 - BHO: Browser Address Error Redirector - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\Dell\BAE\BAE.dll
O3 - Toolbar: File Print FedEx Kinko's - {9566395f-43d2-4c64-b525-b501ffa276e2} - mscoree.dll (file missing)
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O9 - Extra button: PartyPoker.net - {F4430FE8-2638-42e5-B849-800749B94EED} - C:\Program Files\PartyGaming.Net\PartyPokerNet\RunPF.exe
O9 - Extra 'Tools' menuitem: PartyPoker.net - {F4430FE8-2638-42e5-B849-800749B94EED} - C:\Program Files\PartyGaming.Net\PartyPokerNet\RunPF.exe
O13 - Gopher Prefix:
O17 - HKLM\System\CCS\Services\Tcpip\..\{171AAEFC-C977-4F20-BB33-A8005B268249}: NameServer = 209.183.50.151 209.183.48.10
O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Windows\system32\aestsrv.exe
O23 - Service: Trend Micro Personal Firewall (TmPfw) - Unknown owner - C:\PROGRA~1\TRENDM~1\INTERN~1\TmPfw.exe (file missing)
Click to expand...

Restart

Then run another Malwarebytes scan (update it first) Then run a full scan

I'd say, you'll be mostly ok at that point :)
 
Status
Not open for further replies.

Similar threads

midian182
Apple made a search deal with Google because there was no "valid alternative," Eddy Cue...
Replies
0
Views
266
midian182
midian182
J
Inactive Admin rights are revoked
Replies
18
Views
2K
Broni
Broni
Daniel Sims
Thousands of websites infected to redirect users in Google Ads view-pumping scam
Replies
5
Views
637
Feng Lengshun
F

Latest posts

Back