Other > Viruses and worms
Google/Yahoo redirect
ghuschke:
Hi all. I am, along with many others, a victim of the Google/Yahoo redirect. I'm getting redirected to a site called searchclick10.com. At first I was just going to live with it and not use Google or Yahoo, but I've realized that I can't do that. Plus some other weird things have been going on that I've been fighting with, so I'm ready to get rid of the redirect. Any help would be appreciated. Thanks!
Pondus:
Try a scan with these
MBAM http://filehippo.com/download_malwarebytes_anti_malware/
update, run quick scan and click "remove selected" to quarantine anything found, and restart
SAS http://filehippo.com/download_superantispyware/
Are cookies really spyware and are they dangerous?
http://www.superantispyware.com/supportfaqdisplay.html?faq=26
come back and post scan logs here
ghuschke:
Ok. Here's the logs. BTW, Malwarebyte's didn't find anything wrong, and SuperAntiSpyware found some cookies. Malwarebyte's log is first....
Malwarebytes' Anti-Malware 1.41
Database version: 3221
Windows 5.1.2600 Service Pack 2
11/23/2009 7:32:42 PM
mbam-log-2009-11-23 (19-32-42).txt
Scan type: Quick Scan
Objects scanned: 150377
Time elapsed: 15 minute(s), 37 second(s)
Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0
Memory Processes Infected:
(No malicious items detected)
Memory Modules Infected:
(No malicious items detected)
Registry Keys Infected:
(No malicious items detected)
Registry Values Infected:
(No malicious items detected)
Registry Data Items Infected:
(No malicious items detected)
Folders Infected:
(No malicious items detected)
Files Infected:
(No malicious items detected)
Now SuperAntiSpyware....
SUPERAntiSpyware Scan Log
http://www.superantispyware.com
Generated 11/23/2009 at 07:51 PM
Application Version : 4.30.1004
Core Rules Database Version : 4303
Trace Rules Database Version: 2170
Scan type : Quick Scan
Total Scan Time : 00:17:27
Memory items scanned : 678
Memory threats detected : 0
Registry items scanned : 626
Registry threats detected : 0
File items scanned : 8734
File threats detected : 68
Adware.Tracking Cookie
C:\Documents and Settings\Glenn.D79DN881\Cookies\glenn@countlessmemoriesphotography[1].txt
C:\Documents and Settings\Glenn.D79DN881\Cookies\glenn@a1.interclick[2].txt
C:\Documents and Settings\Glenn.D79DN881\Cookies\glenn@specificmedia[2].txt
C:\Documents and Settings\Glenn.D79DN881\Cookies\glenn@interclick[1].txt
C:\Documents and Settings\Glenn.D79DN881\Cookies\glenn@ads.ifanboy[1].txt
C:\Documents and Settings\Glenn.D79DN881\Cookies\glenn@doubleclick[1].txt
C:\Documents and Settings\Glenn.D79DN881\Cookies\glenn@timeinc.122.2o7[1].txt
C:\Documents and Settings\Glenn.D79DN881\Cookies\glenn@247realmedia[3].txt
C:\Documents and Settings\Glenn.D79DN881\Cookies\glenn@mediaplex[2].txt
C:\Documents and Settings\Glenn.D79DN881\Cookies\glenn@atdmt[1].txt
C:\Documents and Settings\Glenn.D79DN881\Cookies\glenn@serving-sys[3].txt
C:\Documents and Settings\Glenn.D79DN881\Cookies\glenn@burstnet[2].txt
C:\Documents and Settings\Glenn.D79DN881\Cookies\glenn@msnportal.112.2o7[1].txt
C:\Documents and Settings\Glenn.D79DN881\Cookies\glenn@revsci[4].txt
C:\Documents and Settings\Glenn.D79DN881\Cookies\glenn@oasn03.247realmedia[2].txt
C:\Documents and Settings\Glenn.D79DN881\Cookies\glenn@content.yieldmanager[6].txt
C:\Documents and Settings\Glenn.D79DN881\Cookies\glenn@specificclick[3].txt
C:\Documents and Settings\Glenn.D79DN881\Cookies\glenn@tacoda[2].txt
C:\Documents and Settings\Glenn.D79DN881\Cookies\glenn@hitbox[2].txt
C:\Documents and Settings\Glenn.D79DN881\Cookies\glenn@ads.pointroll[2].txt
C:\Documents and Settings\Glenn.D79DN881\Cookies\glenn@statse.webtrendslive[1].txt
C:\Documents and Settings\Glenn.D79DN881\Cookies\glenn@tribalfusion[1].txt
C:\Documents and Settings\Glenn.D79DN881\Cookies\glenn@chitika[1].txt
C:\Documents and Settings\Glenn.D79DN881\Cookies\glenn@casalemedia[2].txt
C:\Documents and Settings\Glenn.D79DN881\Cookies\glenn@ads.belointeractive[1].txt
C:\Documents and Settings\Glenn.D79DN881\Cookies\glenn@overture[2].txt
C:\Documents and Settings\Glenn.D79DN881\Cookies\glenn@burstnet[3].txt
C:\Documents and Settings\Glenn.D79DN881\Cookies\glenn@media.mtvnservices[2].txt
C:\Documents and Settings\Glenn.D79DN881\Cookies\glenn@www.burstnet[1].txt
C:\Documents and Settings\Glenn.D79DN881\Cookies\glenn@iacas.adbureau[3].txt
C:\Documents and Settings\Glenn.D79DN881\Cookies\glenn@content.yieldmanager[5].txt
C:\Documents and Settings\Glenn.D79DN881\Cookies\glenn@at.atwola[2].txt
C:\Documents and Settings\Glenn.D79DN881\Cookies\glenn@statcounter[4].txt
C:\Documents and Settings\Glenn.D79DN881\Cookies\glenn@ehg-space.hitbox[1].txt
C:\Documents and Settings\Glenn.D79DN881\Cookies\glenn@apmebf[2].txt
C:\Documents and Settings\Glenn.D79DN881\Cookies\glenn@collective-media[1].txt
C:\Documents and Settings\Glenn.D79DN881\Cookies\glenn@pointroll[1].txt
C:\Documents and Settings\Glenn.D79DN881\Cookies\glenn@2o7[1].txt
C:\Documents and Settings\Glenn.D79DN881\Cookies\glenn@cdn4.specificclick[1].txt
C:\Documents and Settings\Glenn.D79DN881\Cookies\glenn@insightexpressai[1].txt
C:\Documents and Settings\Glenn.D79DN881\Cookies\glenn@yieldmanager[1].txt
C:\Documents and Settings\Glenn.D79DN881\Cookies\glenn@xiti[1].txt
C:\Documents and Settings\Glenn.D79DN881\Cookies\glenn@kaboose.112.2o7[1].txt
C:\Documents and Settings\Glenn.D79DN881\Cookies\glenn@adserver.adtechus[1].txt
C:\Documents and Settings\Glenn.D79DN881\Cookies\glenn@data.coremetrics[1].txt
C:\Documents and Settings\Glenn.D79DN881\Cookies\glenn@ad.yieldmanager[6].txt
C:\Documents and Settings\Glenn.D79DN881\Cookies\glenn@advertising[4].txt
C:\Documents and Settings\Glenn.D79DN881\Cookies\glenn@realmedia[3].txt
C:\Documents and Settings\Glenn.D79DN881\Cookies\glenn@fastclick[2].txt
C:\Documents and Settings\Glenn.D79DN881\Cookies\glenn@questionmarket[4].txt
C:\Documents and Settings\Glenn.D79DN881\Cookies\glenn@ads.scrapbook[1].txt
C:\Documents and Settings\Glenn.D79DN881\Cookies\glenn@zedo[2].txt
C:\Documents and Settings\Glenn.D79DN881\Cookies\glenn@aarf.122.2o7[1].txt
C:\Documents and Settings\Glenn.D79DN881\Cookies\glenn@linksynergy[2].txt
C:\Documents and Settings\Glenn.D79DN881\Cookies\glenn@grandstand.uclick[1].txt
C:\Documents and Settings\Glenn.D79DN881\Cookies\glenn@smartadserver[2].txt
C:\Documents and Settings\Glenn.D79DN881\Cookies\glenn@adecn[1].txt
C:\Documents and Settings\Glenn.D79DN881\Cookies\glenn@network.realmedia[2].txt
C:\Documents and Settings\Glenn.D79DN881\Cookies\glenn@dc.tremormedia[1].txt
C:\Documents and Settings\Glenn.D79DN881\Cookies\glenn@bs.serving-sys[4].txt
C:\Documents and Settings\Glenn.D79DN881\Cookies\glenn@sales.liveperson[3].txt
C:\Documents and Settings\Glenn.D79DN881\Cookies\glenn@sales.liveperson[2].txt
C:\Documents and Settings\Glenn.D79DN881\Cookies\glenn@ads.bleepingcomputer[1].txt
C:\Documents and Settings\Glenn.D79DN881\Cookies\glenn@kontera[2].txt
C:\Documents and Settings\Glenn.D79DN881\Cookies\glenn@trafficmp[1].txt
C:\Documents and Settings\Glenn.D79DN881\Cookies\glenn@warnerbros.112.2o7[1].txt
C:\Documents and Settings\Glenn.D79DN881\Cookies\glenn@media6degrees[3].txt
C:\Documents and Settings\Glenn.D79DN881\Cookies\glenn@householdaccount[3].txt
FreewheelinFrank:
Check your hosts file and router DNS settings for hacks.
http://en.wikipedia.org/wiki/Hosts_file
ghuschke:
Ok. The Wiki article told me how to get to where I'm going, but could you tell me what to look for after that? We're starting to tread a little out of my comfort zone here. Besides basic internet surfing, I'm pretty dumb when it comes to all of this stuff.
Navigation
[0] Message Index
[#] Next page
Go to full version