Question---Are you running IE5? If you are that explains a lot of your
problems. IE6 I believe is required for MSAS.
Ira
"Google links go to wrong URL"
: Andy,
:
: Firstly many thanks for your efforts to help me, it's very much
appreciated.
:
: I did all you said and the problem still exists. Something happened that
may
: help to solve the problem. When I was searching for sp.ex and inetbar
: (neither of which showed up in Hijack This) my computer crashed every
time
: the search tried to access the following folder
: C:\...\LocalSettings\temp\TemporaryInternetFiles\Content.IE5\
:
: Is is safe to delete this directory and start again?
:
: Cheers
:
: Mick
:
:
: "AndyManchesta" wrote:
:
: > Hi There ,
: >
: > Here's some info on ntsearch:
: >
: >
http://www.sophos.com/virusinfo/analyses/trojspoonerb.html
: >
: > the filename is sp.exe but that part will be clearer by viewing the
Hijack
: > This log, If you cannot find these entries due to Microsoft Antispy
already
: > removing them then skip this part and download Ewido & Ad-aware SE to
check
: > for other problems,
: >
: > Run Hijack This and choose to do a system scan and save the logfile,
check
: > the 04 run key area for a path leading to sp.exe and fix that entry if
found
: > by placing a checkmark next to the entry and pressing Fix Checked with
all
: > other open windows except Hijack This closed but make a note of where
the
: > sp.exe file is (Typically c:\sp.exe or c:\windows\sp.exe) like this
entry:
: >
: > O4 - HKCU\..\Run: [sp] C:\sp.exe
: >
: > For inetbar check the 04 run key area for 'ibautolaunch' and fix if
found
: > then after fixing the entries reboot and delete the sp.exe file from
your
: > system.
: >
: > c:\sp.exe <--Delete this file
: >
: > c:\Windows\sp.exe <--Delete this file
: >
: > For Inetbar check for these folder's and delete them,
: >
: > c:\programfiles\inetbar <--Delete this folder
: >
: > c:\programfiles\commonfiles\inetcash <--Delete this folder
: >
: > You may need to enable hidden files and folders to find the sp.exe
file,
: >
: > To Enable Hidden Files and Folders
: >
: > Click Start > Open My Computer > Select the Tools menu from the top
bar
and
: > click Folder Options > Select the View Tab.
: >
: > Under the Hidden files and folders heading select Show hidden files
and
: > folders.
: > Uncheck the Hide protected operating system files (recommended)
option.
: >
: > Click Yes to confirm > Click OK.
: >
: > Set this back after you have checked for the files by opening the same
page
: > and pressing "Restore Defaults"
: >
: >
: > Please then download, install, and update the trial version of ewido
: > security suite
: >
: >
http://www.ewido.net/en/download/
: >
: > When installing, under "Additional Options" uncheck "Install
background
: > guard" and "Install scan via context menu". Click on update in the
left
menu,
: > then click the Start update button. After the update finishes close
Ewido
: >
: > Then download Ad-Aware SE from here:
: >
: >
http://www.download.com/Ad-Aware-SE-Personal-Edition/3000-8022_4-10045910.html
: >
: > Install Ad-Aware and run it. In the bottom-right hand corner, click
"Check
: > for updates now". Click "Connect" to download the newest reference
file
then
: > close Ad-Aware,
: >
: > Now reboot to Safe Mode - Restart your computer and immediately begin
: > tapping the F8 key on your keyboard.
: > If done right a Windows Advanced Options menu will appear. Select the
Safe
: > Mode option and press Enter.
: > To return to normal mode just restart your computer as you normally
would.
: >
: > Open Ad-Aware SE and click 'Start'. Select "Full System Scan" and then
click
: > "Next". Ad-Aware will then scan for malware. When it is finished, make
sure
: > all objects listed are selected and click "Next" to remove anything
found.
: >
: > Run Ewido again. From the main menu click on 'scanner' then click
'Complete
: > System Scan' When ewido finds something, it will pop up a
notification.
: > Select "Remove" and check the boxes "Perform action with all
infections"
and
: > "Create encrypted backup" then click on ok.When the scan finishes,
click
on
: > "Save Report" and save it to your desktop or c:/drive incase you need
it
: > again.
: >
: > Reboot back to normal mode ,
: >
: > Goto Start Menu then Control Panel and click Internet Options, Click
the
: > Programs Tab and press "Reset Web Settings" and include the homepage
then
: > press Yes, Then goto the General Tab and enter the homepage you want
to
use
: > into the space provided and press Apply .
: >
: > Let us know if the problems continue and post the contents of the
Ewido
scan
: > log then we can have a closer look at your system using Hijack This if
needed.
: >
: > Regards
: >
: > Andy
: >
: >
: >
: > "Google links go to wrong URL" wrote:
: >
: > > Many Thanks for that Ira,
: > >
: > > Downloaded & run Hijack This and ended up with a big list. How on
earth do I
: > > know what to delete?
: > >
: > > Hope you can offer some help
: > >
: > > Cheers
: > >
: > > "Ira" wrote:
: > >
: > > > It sounds like you have been Hijacked, Try running Hijack This.
: > > > Ira
: > > > "Google links go to wrong URL, IE Problem" <Google links go to
wrong
URL, IE
: > > > (e-mail address removed)> wrote in message
: > > > : > > > : Having a nightmare with links from a google search, they don't
link to the
: > > > : correct URL and I get transfered to another site. Downloaded &
installed
: > > > MS
: > > > : Antispyware Beta 1 and it came up with a couple of severe
problems
for the
: > > > : following:
: > > > :
: > > > : INetBar Spyware
: > > > : CoolWebSearch.ntsearch Browser Modifier
: > > > :
: > > > : It recommended deleting them which I did, but the problem still
exists.
: > > > IE,
: > > > : MS Word & Excell also take a long time to open up. I've tried
running the
: > > > : Antispyware many times but it isn't detecting any problems.
: > > > :
: > > > : Any suggestions would be most welcome.
: > > > :
: > > > : Thanks
