IE being redirected

S

Smiley

Hi,

I thought it is more likely to be an virus issue but I have scanned the
machine with paid and free software, registry cleaner but nothing showed up
as suspecious.

Use IE to do google search, I am always redirected to somewhere else. Not
what I was looking for, e.g. Oxford radio station, ended up with something
else. Also noticed the following pattern, which selected a link from the
search result, the first 2 links always appear but the 3rd one is random.
Anyone any idea ?

http://201.218.196.152/click.php?c=16b0708e0b6f767ad06f4004&r=2

http://www.search-daily.com/search.php?qq=nnnnn

http://www.growingbusiness.co.uk/06...ising-finance.html?rw.cm=Miva,PPC,nnnnn nnnnn
 
L

Leythos

firework123 said:
Hi,

I thought it is more likely to be an virus issue but I have scanned the
machine with paid and free software, registry cleaner but nothing showed up
as suspecious.

Use IE to do google search, I am always redirected to somewhere else. Not
what I was looking for, e.g. Oxford radio station, ended up with something
else. Also noticed the following pattern, which selected a link from the
search result, the first 2 links always appear but the 3rd one is random.
Anyone any idea ?

http://201.218.196.152/click.php?c=16b0708e0b6f767ad06f4004&r=2

http://www.search-daily.com/search.php?qq=nnnnn

http://www.growingbusiness.co.uk/06...ising-finance.html?rw.cm=Miva,PPC,nnnnn nnnnn
Click to expand...

The following links will take you to vendors sites for Spy Ware / Ad
ware removal tools and also for Antivirus tools. After you install any
of these applications and update them, run them in SAFE MODE to allow
them to properly clean your system.

First, make sure that your Java is updated to the latest version:
http://www.java.com/en/download/index.jsp

These sites are for downloading Anti-Malware and Anti-Spyware tools, in
order that I would use them myself:

Dave Lipman's tools:
Download MULTI_AV.EXE from the URL --
http://www.pctipp.ch/ds/28400/28470/Multi_AV.exe

AdAwareSE can be found here:
http://www.lavasoft.com/products/ad_aware_free.php

SpyBot Search and Destroy can be found here:
http://www.safer-networking.org/en/download/index.html

Secured2K's AntiPauper (download link/info at)
http://secured2k.home.comcast.net/tools/AntiPuper.exe

Rogue Fix - This removal tool is the property of Internet Inspiration
http://www.internetinspiration.co.uk/roguefix.htm

--

Leythos
- Igitur qui desiderat pacem, praeparet bellum.
- Calling an illegal alien an "undocumented worker" is like calling a
drug dealer an "unlicensed pharmacist"
(e-mail address removed) (remove 999 for proper email address)
 
S

Sandy Mann

Ron

The link that you supplied to spybot does not seem to be the same a spybot -
search & destroy which I usually see recommended in these NG's and none of
the links for spybot on that site, (ie the one you supplied) , seem to work,
at least for me. Did you really mean that Sptbot or did you intend Spybot
S&D?
 
S

Straight Talk

Spyware/adware cause numerous system problems. I recommend you download and
use AdAware or Spybot (or both) on a regular basis and consider removing
everything these programs identify.
Click to expand...

How about simply using another browser in order to not get it on your
system in the first place?

Once the crap is there, you really cannot rely on stuff like Ad Aware
and Spybot to remove it.
 
R

Ron Badour

Sandy,

That link takes you directly to a site that lists:
Search & Destroy
2007 Leading Spyware Remover
Download It Here - Free!

However, once that link is clicked, you are taken to Spywarebot. Talk
about deceptive practices !!! Thanks for the heads up--I will change my
crib sheet to:

http://www.safer-networking.org/en/download/
 
R

Richard Urban

Have you run Ad-Aware in deep scan mode? The same for your antivirus. Many
times the default scan is a quick sweep. If anything is found you then
should load all the pistols chambers for a comprehensive sweep.

Boot into safe mode and run your scans from there. You may be surprised at
what may turn up.

--

Regards,

Richard Urban
Microsoft MVP Windows Shell/User
(For email, remove the obvious from my address)
 
M

Milo \(MSPSS\)

A possible instance it wasnt detected or so removed by the following
security tools is that it is a new or a day zero infection ( new ). We may
have to proceed with manual removal on such matter.

Please call 866 727 2338 ( Microsoft Security US/CANADA ) - Toll free and
free support or if you aren't from the said location please reply so that we
can assist you from here.
 
D

Dustin Cook

A possible instance it wasnt detected or so removed by the following
security tools is that it is a new or a day zero infection ( new ). We
may have to proceed with manual removal on such matter.
Click to expand...

Couldn't just... oh, fix the browser? Seems like that would be easier.
*j.k*


--
Dustin Cook, Author of BugHunter - MalWare Removal Tool - v2.2d
Email.: (e-mail address removed)
Web...: http://bughunter.it-mate.co.uk
Pad...: http://bughunter.it-mate.co.uk/pad.xml
PGP...: http://bughunter.it-mate.co.uk/bughunter.dustin.txt
 
H

Heather

Milo (MSPSS) said:
Please call 866 727 2338 ( Microsoft Security US/CANADA ) - Toll free
and free support or if you aren't from the said location please reply
so that we can assist you from here.
Click to expand...

Milo......if you had read his headers, you would have seen that he lives
in England and his ISP is demon.co.uk. It is obvious what "UK" stands
for, grin.

Just a head's up.....Heather
 
M

Milo \(MSPSS\)

Well as per heather in you are a resident of UK please proceed with
Microsoft Security Hotline
0870 60 10 100
 
D

didier_53

Same for a friend of me :

google searches gives good results but when clicking a link, a radom
commercial page come up !

We used last version of avast and add-aware :



avast > dont detect anomaly
ad-aware / ad-watch paid version > dont detect anomaly
testing with installing firefox in second hand browser > Same problem!

is it a new virus ?
is the dns server of his isp in cause ?

any idea?
 
Top