• Announcements

    • LS.Andy

      Support for other products than adaware, ad block, web protection and Web Companion   05/05/2017

      Support for the following products is handled by the Lavasoft support team: Lavasoft Tuneup Kit Lavasoft PC Optimizer Lavasoft Driver Updater Lavasoft Registry Tuner Lavasoft Privacy Toolbox Lavasoft File Shredder Lavasoft Digital Lock

      For help with these products, contact the support team here: http://www.lavasoft.com/support/supportcenter/
       
Sign in to follow this  
Followers 0
misterphoneman

Search Engine Misdirection

1 post in this topic

Please help! I seem to be having trouble using web search engines like Google, Yahoo etc. When I conduct my search and get the results, I then try to launch the desired link. But instead of getting to the website I'm trying to access I get the following redirection on my IE window...

 

I get this first...

http://89.149.227.101/click.php?c=bb89cd83...06f4004&r=1

Then I get this...

http://www.easywebsearch.net/search.php?qq= "Searched Keywords"

 

I ran Ad-Aware vs 7.0.1.6 (as well as other spyware and virus detectors) also clearing out my Temp and IE Temp/Cookie (cleanmgr) files but with no luck. Please help!

 

 

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 6:20:48 PM, on 8/22/2007

Platform: Windows XP SP2 (WinNT 5.01.2600)

MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Boot mode: Normal

 

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\Program Files\Windows Defender\MsMpEng.exe

C:\WINDOWS\System32\svchost.exe

C:\Program Files\Intel\Wireless\Bin\EvtEng.exe

C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe

C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe

C:\WINDOWS\System32\WLTRYSVC.EXE

C:\WINDOWS\System32\bcmwltry.exe

C:\WINDOWS\system32\spoolsv.exe

C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe

C:\Program Files\BigFix Enterprise\BES Client\BESClient.exe

C:\WINDOWS\SYSTEM32\DWRCS.EXE

C:\WINDOWS\System32\svchost.exe

C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE

C:\Program Files\Dell\QuickSet\NICCONFIGSVC.exe

C:\Program Files\Trend Micro\OfficeScan Client\ntrtscan.exe

C:\WINDOWS\System32\svchost.exe

C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe

C:\Program Files\Utimaco\SafeGuard Easy\SgeClient.exe

C:\Program Files\Utimaco\SafeGuard Easy\SgeCtl.exe

C:\WINDOWS\system32\SgLogPlayer.exe

C:\Program Files\NTRU Cryptosystems\NTRU Hybrid TSS v2.0.7\bin\tcsd_win32.exe

C:\Program Files\Trend Micro\OfficeScan Client\tmlisten.exe

C:\Program Files\Utimaco\SafeGuard Easy\WksCfgSrv.exe

C:\WINDOWS\system32\CCM\CcmExec.exe

C:\Program Files\Trend Micro\OfficeScan Client\CNTAoSMgr.exe

C:\PROGRAM FILES\TREND MICRO\OFFICESCAN CLIENTFCD0G.EXE

C:\WINDOWS\Explorer.EXE

C:\WINDOWS\SYSTEM32\DWRCST.exe

C:\WINDOWS\system32\rundll32.exe

C:\Program Files\Apoint\Apoint.exe

C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe

C:\Program Files\Apoint\HidFind.exe

C:\Program Files\Apoint\Apntex.exe

C:\Program Files\Dell\QuickSet\quickset.exe

C:\WINDOWS\system32\dla\tfswctrl.exe

C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe

C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe

C:\WINDOWS\system32\hkcmd.exe

C:\WINDOWS\system32\igfxpers.exe

C:\WINDOWS\system32\WLTRAY.exe

C:\WINDOWS\system32\igfxsrvc.exe

C:\WINDOWS\stsystra.exe

C:\Program Files\Trend Micro\OfficeScan Client\Pccntmon.exe

C:\Program Files\Utimaco\SafeGuard Easy\Ecview.exe

C:\Program Files\Windows Defender\MSASCui.exe

C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe

C:\Program Files\Citrix\ICA Client\pnagent.exe

C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe

C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe

C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHsp.exe

C:\Program Files\Verizon Wireless\VZAccess Manager\VZAccess Manager.exe

C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Program Files\Internet Explorer\IEXPLORE.EXE

 

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://vzweb.vzwcorp.com/

R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://vzweb.vzwcorp.com/

O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll

O2 - BHO: PolicyMaker Browser Helper - {0A9CDB52-EBDF-4210-9C6A-B90C2FD410AB} - C:\WINDOWS\system32\pmbho.dll

O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll

O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll

O2 - BHO: HttpGuard - {98B822AD-6BE7-49BC-B773-97240B774080} - C:\WINDOWS\system32\AClient.dll

O4 - HKLM\..\Run: [bluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent

O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint\Apoint.exe

O4 - HKLM\..\Run: [DVDLauncher] "C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe"

O4 - HKLM\..\Run: [Dell QuickSet] C:\Program Files\Dell\QuickSet\quickset.exe

O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe

O4 - HKLM\..\Run: [intelZeroConfig] "C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe"

O4 - HKLM\..\Run: [intelWireless] "C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe" /tf Intel PROSet/Wireless

O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe

O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe

O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe

O4 - HKLM\..\Run: [broadcom Wireless Manager UI] C:\WINDOWS\system32\WLTRAY.exe

O4 - HKLM\..\Run: [sigmatelSysTrayApp] stsystra.exe

O4 - HKLM\..\Run: [OfficeScanNT Monitor] "C:\Program Files\Trend Micro\OfficeScan Client\Pccntmon.exe" -HideWindow

O4 - HKLM\..\Run: [sgeEcView] "C:\Program Files\Utimaco\SafeGuard Easy\Ecview.exe"

O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide

O4 - HKCU\..\Run: [ModemOnHold] C:\Documents and Settings\Administrator\Desktop\NetWaiting\netwaiting.exe

O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe

O4 - HKUS\S-1-5-19\..\Run: [Communicator] "C:\Program Files\Microsoft Office Communicator\Communicator.exe" (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-20\..\Run: [Communicator] "C:\Program Files\Microsoft Office Communicator\Communicator.exe" (User 'NETWORK SERVICE')

O4 - HKUS\S-1-5-18\..\Run: [Communicator] "C:\Program Files\Microsoft Office Communicator\Communicator.exe" (User 'SYSTEM')

O4 - HKUS\.DEFAULT\..\Run: [Communicator] "C:\Program Files\Microsoft Office Communicator\Communicator.exe" (User 'Default user')

O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe

O4 - Global Startup: Adobe Reader Synchronizer.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\AdobeCollabSync.exe

O4 - Global Startup: Bluetooth Manager.lnk = ?

O4 - Global Startup: Program Neighborhood Agent.lnk = C:\Program Files\Citrix\ICA Client\pnagent.exe

O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL

O16 - DPF: {00134F72-5284-44F7-95A8-52A619F70751} (ObjWinNTCheck Class) - https://njcwednavp1:4343/officescan/console...ll/WinNTChk.cab

O16 - DPF: {01A88BB1-1174-41EC-ACCB-963509EAE56B} (SysProWmi Class) - http://support.dell.com/systemprofiler/SysPro.CAB

O16 - DPF: {08D75BC1-D2B5-11D1-88FC-0080C859833B} (OfficeScan Corp Edition Web-Deployment SetupCtrl Class) - https://njcwednavp1:4343/officescan/console...stall/setup.cab

O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204

O16 - DPF: {35C3D91E-401A-4E45-88A5-F3B32CD72DF4} (Encrypt Class) - https://njcwednavp1:4343/officescan/console/html/AtxEnc.cab

O16 - DPF: {5EFE8CB1-D095-11D1-88FC-0080C859833B} (OfficeScan Corp Edition Web-Deployment ObjRemoveCtrl Class) - https://njcwednavp1:4343/officescan/console.../RemoveCtrl.cab

O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/microsoftu...b?1185404606265

O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftu...b?1185404600015

O16 - DPF: {E3CA256C-E054-4CD2-9C79-115D3A6B3314} (Lucent EESD Download Control) - https://download.support.lucent.com/ActiveX/w32RmtAgent.cab

O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = win.eng.vzwnet.com

O17 - HKLM\Software\..\Telephony: DomainName = win.eng.vzwnet.com

O17 - HKLM\System\CCS\Services\Tcpip\..\{E2089C83-A012-4EC1-A927-A7E66E8B2F34}: NameServer = 66.174.95.44 69.78.96.14

O17 - HKLM\System\CS1\Services\Tcpip\Parameters: Domain = win.eng.vzwnet.com

O17 - HKLM\System\CS1\Services\Tcpip\Parameters: SearchList = win.eng.vzwnet.com,eng.myvzw.com,eng.vzwcorp.com,uswin.ad.vzwcorp.com

O17 - HKLM\System\CCS\Services\Tcpip\Parameters: SearchList = win.eng.vzwnet.com,eng.myvzw.com,eng.vzwcorp.com,uswin.ad.vzwcorp.com

O20 - Winlogon Notify: NotLog - C:\WINDOWS\SYSTEM32\SGLogEx.dll

O20 - Winlogon Notify: SGLogNotification - C:\WINDOWS\SYSTEM32\SGLogNotification.dll

O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe

O23 - Service: BES Client (BESClient) - BigFix Inc. - C:\Program Files\BigFix Enterprise\BES Client\BESClient.exe

O23 - Service: DameWare Mini Remote Control (DWMRCS) - DameWare Development LLC - C:\WINDOWS\SYSTEM32\DWRCS.EXE

O23 - Service: Intel® PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe

O23 - Service: Contivity VPN Service (ExtranetAccess) - Nortel Networks NA, Inc. - C:\Program Files\Nortel Networks\Extranet_serv.exe

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe

O23 - Service: NICCONFIGSVC - Dell Inc. - C:\Program Files\Dell\QuickSet\NICCONFIGSVC.exe

O23 - Service: OfficeScanNT RealTime Scan (ntrtscan) - Trend Micro Inc. - C:\Program Files\Trend Micro\OfficeScan Client\ntrtscan.exe

O23 - Service: Intel® PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe

O23 - Service: Intel® PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe

O23 - Service: SafeGuard Easy Client (SgeClient) - Unknown owner - C:\Program Files\Utimaco\SafeGuard Easy\SgeClient.exe

O23 - Service: SafeGuard Easy Control (SgeCtl) - Utimaco Safeware AG - C:\Program Files\Utimaco\SafeGuard Easy\SgeCtl.exe

O23 - Service: SafeGuard SGLOG Player (SgLogPlayer) - Utimaco Safeware AG - C:\WINDOWS\system32\SgLogPlayer.exe

O23 - Service: NTRU Hybrid TSS v2.0.7 TCS (tcsd_win32.exe) - Unknown owner - C:\Program Files\NTRU Cryptosystems\NTRU Hybrid TSS v2.0.7\bin\tcsd_win32.exe

O23 - Service: OfficeScan NT Listener (tmlisten) - Trend Micro Inc. - C:\Program Files\Trend Micro\OfficeScan Client\tmlisten.exe

O23 - Service: OfficeScan NT Proxy Service (TmProxy) - Trend Micro Inc. - C:\Program Files\Trend Micro\OfficeScan Client\TmProxy.exe

O23 - Service: SafeGuard Easy Workstation Server (WksCfgSrv) - Utimaco Safeware AG - C:\Program Files\Utimaco\SafeGuard Easy\WksCfgSrv.exe

O23 - Service: Intel® PROSet/Wireless SSO Service (WLANKEEPER) - Intel® Corporation - C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe

O23 - Service: Dell Wireless WLAN Tray Service (wltrysvc) - Unknown owner - C:\WINDOWS\System32\WLTRYSVC.EXE

 

--

End of file - 10838 bytes

Share this post


Link to post
Share on other sites
Sign in to follow this  
Followers 0