i realized there was a redirect virus on my computer…<\/p>\n
i figured out the issue my self using task manager ( stopped all other processes except Internet explorer and assumed the one that would pop up would be the issue…)<\/p>\n
i have used trend micro- hijack this -heard of it from other users saying it would help to fix the problem<\/p>\n
i have no idea what to think of it because there was a pop up that said:<\/p>\n
For some reason your system denied write access to the Hosts file. If any hijacked domains are in this file, Hijack This may NOT be able to fix this.<\/p>\n
If that happens, you need to edit the file yourself. To do this, … Run and type:<\/p>\n
notepad C:\\Windows\\System32\\drivers\\etc\\hosts
\nand pres enter. find the line(s) Hijack this reports and delete them. Save the file as ‘hosts.’ and reboot.<\/p>\n
…then there was another option for vista- i have this and right click ->run as administrator.<\/p>\n
do i need to edit the file?… how would i know?<\/p>\n
this is the log and its really long because i wasn’t sure if i needed to not include anything<\/p>\n
Log file of Trend Micro Hijack This v2.0.4
\nScan saved at 18:41:12, on 2011-11-08
\nPlatform: Windows Vista SP2 (WinNT 6.00.1906)
\nMSIE: Internet Explorer v9.00 (9.00.8112.16421)
\nBoot mode: Normal<\/p>\n
Running processes:
\nC:\\Windows\\system32\\taskeng.exe
\nC:\\Windows\\Explorer.EXE
\nC:\\Program Files\\Windows Defender\\MSASCui.exe
\nC:\\Program Files\\Common Files\\Adobe\\ARM\\1.0\\AdobeARM.exe
\nC:\\Windows\\sttray.exe
\nC:\\Program Files\\Common Files\\Java\\Java Update\\jusched.exe
\nC:\\Program Files\\ATI Technologies\\ATI.ACE\\CLI.EXE
\nC:\\Program Files\\ATI Technologies\\ATI.ACE\\CLI.exe
\nC:\\Program Files\\ATI Technologies\\ATI.ACE\\CLI.exe
\nC:\\Program Files\\Internet Explorer\\iexplore.exe
\nC:\\Program Files\\Internet Explorer\\iexplore.exe
\nC:\\Windows\\system32\\Macromed\\Flash\\FlashUtil10k_ActiveX.exe
\nC:\\Program Files\\Internet Explorer\\iexplore.exe
\nC:\\Program Files\\Trend Micro\\Hijack This\\Hijack This.exe
\nC:\\Windows\\System32\\SnippingTool.exe
\nC:\\Program Files\\Internet Explorer\\iexplore.exe
\nC:\\Program Files\\Windows Media Player\\wmpnscfg.exe<\/p>\n
R1 – HKCU\\Software\\Microsoft\\Internet Explorer\\Main,Search Page =\u00a0http:\/\/go.microsoft.com\/fwlink\/?Lin…<\/a> thank you very much to anyone willing to give me advice<\/p>\n","protected":false},"author":5,"featured_media":0,"comment_status":"closed","ping_status":"closed","template":"","meta":{"inline_featured_image":false,"iawp_total_views":81},"question-category":[56],"question_tags":[],"class_list":["post-7192","question","type-question","status-publish","hentry","question-category-security"],"jetpack_sharing_enabled":true,"_links":{"self":[{"href":"https:\/\/computing.net\/answers\/wp-json\/wp\/v2\/question\/7192","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/computing.net\/answers\/wp-json\/wp\/v2\/question"}],"about":[{"href":"https:\/\/computing.net\/answers\/wp-json\/wp\/v2\/types\/question"}],"author":[{"embeddable":true,"href":"https:\/\/computing.net\/answers\/wp-json\/wp\/v2\/users\/5"}],"replies":[{"embeddable":true,"href":"https:\/\/computing.net\/answers\/wp-json\/wp\/v2\/comments?post=7192"}],"wp:attachment":[{"href":"https:\/\/computing.net\/answers\/wp-json\/wp\/v2\/media?parent=7192"}],"wp:term":[{"taxonomy":"question-category","embeddable":true,"href":"https:\/\/computing.net\/answers\/wp-json\/wp\/v2\/question-category?post=7192"},{"taxonomy":"question_tags","embeddable":true,"href":"https:\/\/computing.net\/answers\/wp-json\/wp\/v2\/question_tags?post=7192"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}
\nR1 – HKLM\\Software\\Microsoft\\Internet Explorer\\Main,Default_Search_URL =\u00a0http:\/\/go.microsoft.com\/fwlink\/?Lin…<\/a>
\nR1 – HKLM\\Software\\Microsoft\\Internet Explorer\\Main,Search Page =\u00a0http:\/\/go.microsoft.com\/fwlink\/?Lin…<\/a>
\nR0 – HKLM\\Software\\Microsoft\\Internet Explorer\\Main,Start Page =\u00a0http:\/\/go.microsoft.com\/fwlink\/?Lin…<\/a>
\nR0 – HKLM\\Software\\Microsoft\\Internet Explorer\\Search,SearchAssistant =
\nR0 – HKLM\\Software\\Microsoft\\Internet Explorer\\Search,CustomizeSearch =
\nR1 – HKCU\\Software\\Microsoft\\Internet Explorer\\Main,Window Title = Internet Explorer provided by Dell
\nR1 – HKCU\\Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings,ProxyServer = http=127.0.0.1:6522
\nR0 – HKCU\\Software\\Microsoft\\Internet Explorer\\Toolbar,LinksFolderName =
\nR3 – URLSearchHook: (no name) – {88c7f2aa-f93f-432c-8f0e-b7d85967a527} – (no file)
\nO1 – Hosts: ::1 local host
\nO2 – BHO: StumbleUpon Launcher – {145B29F4-A56B-4b90-BBAC-45784EBEBBB7} – C:\\Program Files\\StumbleUpon\\StumbleUponIEBar.dll
\nO2 – BHO: AcroIEHelperStub – {18DF081C-E8AD-4283-A596-FA578C2EBDC3} – C:\\Program Files\\Common Files\\Adobe\\Acrobat\\ActiveX\\AcroIEHelperShim.dll
\nO2 – BHO: (no name) – {9D425283-D487-4337-BAB6-AB8354A81457} – (no file)
\nO2 – BHO: AIM Toolbar Loader – {b0cda128-b425-4eef-a174-61a11ac5dbf8} – C:\\Program Files\\AIM Toolbar\\aimtb.dll (file missing)
\nO2 – BHO: CBrowserHelperObject Object – {CA6319C0-31B7-401E-A518-A07C3DB8F777} – C:\\Program Files\\Dell\\BAE\\BAE.dll
\nO2 – BHO: Java(tm) Plug-In 2 SSV Helper – {DBC80044-A445-435b-BC74-9C25C1C588A9} – C:\\Program Files\\Java\\jre6\\bin\\jp2ssv.dll
\nO2 – BHO: Yontoo Layers – {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} – C:\\Program Files\\Yontoo Layers\\YontooIEClient.dll (file missing)
\nO3 – Toolbar: AIM Toolbar – {61539ecd-cc67-4437-a03c-9aaccbd14326} – C:\\Program Files\\AIM Toolbar\\aimtb.dll (file missing)
\nO3 – Toolbar: StumbleUpon Toolbar – {5093EB4C-3E93-40AB-9266-B607BA87BDC8} – C:\\Program Files\\StumbleUpon\\StumbleUponIEBar.dll
\nO3 – Toolbar: (no name) – {9D425283-D487-4337-BAB6-AB8354A81457} – (no file)
\nO4 – HKLM\\..\\Run: [Windows Defender] %ProgramFiles%\\Windows Defender\\MSASCui.exe -hide
\nO4 – HKLM\\..\\Run: [SynTPEnh] C:\\Program Files\\Synaptics\\SynTP\\SynTPEnh.exe
\nO4 – HKLM\\..\\Run: [ATICCC] “C:\\Program Files\\ATI Technologies\\ATI.ACE\\CLIStart.exe”
\nO4 – HKLM\\..\\Run: [Broadcom Wireless Manager UI] C:\\Windows\\system32\\WLTRAY.exe
\nO4 – HKLM\\..\\Run: [ISUSScheduler] “C:\\Program Files\\Common Files\\InstallShield\\UpdateService\\issch.exe” -start
\nO4 – HKLM\\..\\Run: [dscactivate] c:\\dell\\dsca.exe 3
\nO4 – HKLM\\..\\Run: [ECenter] C:\\Dell\\E-Center\\EULALauncher.exe
\nO4 – HKLM\\..\\Run: [LogitechQuickCamRibbon] “C:\\Program Files\\Logitech\\Logitech WebCam Software\\LWS.exe” \/hide
\nO4 – HKLM\\..\\Run: [iTunesHelper] “C:\\Program Files\\iTunes\\iTunesHelper.exe”
\nO4 – HKLM\\..\\Run: [RegWork] C:\\Program Files\\RegWork\\RegWork.exe
\nO4 – HKLM\\..\\Run: [MSConfig] “C:\\Windows\\System32\\msconfig.exe” \/auto
\nO4 – HKLM\\..\\Run: [Adobe Reader Speed Launcher] “C:\\Program Files\\Adobe\\Reader 9.0\\Reader\\Reader_sl.exe”
\nO4 – HKLM\\..\\Run: [Adobe ARM] “C:\\Program Files\\Common Files\\Adobe\\ARM\\1.0\\AdobeARM.exe”
\nO4 – HKLM\\..\\Run: [QuickTime Task] “C:\\Program Files\\QuickTime\\QTTask.exe” -atboottime
\nO4 – HKLM\\..\\Run: [SigmatelSysTrayApp] sttray.exe
\nO4 – HKLM\\..\\Run: [SunJavaUpdateSched] “C:\\Program Files\\Common Files\\Java\\Java Update\\jusched.exe”
\nO4 – HKCU\\..\\Run: [ehTray.exe] C:\\Windows\\ehome\\ehTray.exe
\nO4 – HKCU\\..\\Run: [EA Core] “C:\\Program Files\\Electronic Arts\\EADM\\Core.exe” -silent
\nO4 – HKCU\\..\\Run: [Speech Recognition] “C:\\Windows\\Speech\\Common\\sapisvr.exe” -SpeechUX -Startup
\nO4 – HKCU\\..\\Run: [jhcelcof] C:\\Users\\Jenny\\AppData\\Local\\yhirmkvkp\\dthcdneshdw.exe
\nO4 – HKCU\\..\\Run: [Sidebar] C:\\Program Files\\Windows Sidebar\\sidebar.exe
\nO4 – HKCU\\..\\Run: [BitTorrent DNA] “C:\\Users\\Jenny\\Program Files\\DNA\\btdna.exe”
\nO4 – HKCU\\..\\Run: [ctfmon.exe] C:\\WINDOWS\\system32\\ctfmon.exe
\nO4 – HKCU\\..\\Run: [Google Update] “C:\\Users\\Jenny\\AppData\\Local\\Google\\Update\\GoogleUpdate.exe” \/c
\nO4 – HKCU\\..\\Run: [EADM] “C:\\Program Files\\Origin\\Origin.exe” -AutoStart
\nO4 – HKCU\\..\\Run: [WMPNSCFG] C:\\Program Files\\Windows Media Player\\WMPNSCFG.exe
\nO4 – HKCU\\..\\RunOnce: [FlashPlayerUpdate] C:\\Windows\\system32\\Macromed\\Flash\\FlashUtil10k_ActiveX.exe -update activex
\nO4 – Global Startup: Digital Line Detect.lnk = C:\\Program Files\\Digital Line Detect\\DLG.exe
\nO4 – Global Startup: QuickSet.lnk = ?
\nO8 – Extra context menu item: Google Sidewiki… – res:\/\/C:\\Program Files\\Google\\Google Toolbar\\Component\\GoogleToolbarDynamic_mui_en_70C5B381380DB17F.dll\/cmsidewiki.html
\nO8 – Extra context menu item: StumbleUpon PhotoBlog It! – res:\/\/StumbleUponIEBar.dll\/blogimage
\nO11 – Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
\nO16 – DPF: {1C3DE665-D259-4C72-9D7D-C51FCB4CCFB9} (Panasonic Network Camera) –\u00a0http:\/\/62.2.213.149\/SysCamInst.cab<\/a>
\nO16 – DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} –\u00a0http:\/\/platformdl.adobe.com\/NOS\/get…<\/a>
\nO16 – DPF: {E6F480FC-BD44-4CBA-B74A-89AF7842937D} –\u00a0http:\/\/content.systemrequirementsla…<\/a>
\nO22 – SharedTaskScheduler: Component Categories cache daemon – {8C7461EF-2B13-11d2-BE35-3078302C2030} – C:\\Windows\\system32\\browseui.dll
\nO23 – Service: Adobe Active File Monitor V8 (AdobeActiveFileMonitor8.0) – Unknown owner – C:\\Program Files\\Adobe\\Elements Organizer 8.0\\PhotoshopElementsFileAgent.exe (file missing)
\nO23 – Service: Apple Mobile Device – Apple Inc. – C:\\Program Files\\Common Files\\Apple\\Mobile Device Support\\AppleMobileDeviceService.exe
\nO23 – Service: Ati External Event Utility – ATI Technologies Inc. – C:\\Windows\\system32\\Ati2evxx.exe
\nO23 – Service: Bonjour Service – Apple Inc. – C:\\Program Files\\Bonjour\\mDNSResponder.exe
\nO23 – Service: DSBrokerService – Unknown owner – C:\\Program Files\\DellSupport\\brkrsvc.exe (file missing)
\nO23 – Service: FLEXnet Licensing Service – Acresso Software Inc. – C:\\Program Files\\Common Files\\Macrovision Shared\\FLEXnet Publisher\\FNPLicensingService.exe
\nO23 – Service: Google Update Service (gupdate) (gupdate) – Google Inc. – C:\\Program Files\\Google\\Update\\GoogleUpdate.exe
\nO23 – Service: Google Update Service (gupdatem) (gupdatem) – Google Inc. – C:\\Program Files\\Google\\Update\\GoogleUpdate.exe
\nO23 – Service: InstallDriver Table Manager (IDriverT) – Macrovision Corporation – C:\\Program Files\\Common Files\\InstallShield\\Driver\\11\\Intel 32\\IDriverT.exe
\nO23 – Service: iPod Service – Apple Inc. – C:\\Program Files\\iPod\\bin\\iPodService.exe
\nO23 – Service: Process Monitor (LVPrcSrv) – Logitech Inc. – C:\\Program Files\\Common Files\\LogiShrd\\LVMVFM\\LVPrcSrv.exe
\nO23 – Service: My Web Search Service (MyWebSearchService) – Unknown owner – C:\\PROGRA~1\\MYWEBS~1\\bar\\1.bin\\mwssvc.exe (file missing)
\nO23 – Service: PnkBstrA – Unknown owner – C:\\Windows\\system32\\PnkBstrA.exe
\nO23 – Service: RoxMediaDB9 – Sonic Solutions – C:\\Program Files\\Common Files\\Roxio Shared\\9.0\\SharedCOM\\RoxMediaDB9.exe
\nO23 – Service: Roxio Hard Drive Watcher 9 (RoxWatch9) – Sonic Solutions – C:\\Program Files\\Common Files\\Roxio Shared\\9.0\\SharedCOM\\RoxWatch9.exe
\nO23 – Service: stllssvr – MicroVision Development, Inc. – C:\\Program Files\\Common Files\\SureThing Shared\\stllssvr.exe
\nO23 – Service: StumbleUponUpdateService – stumbleupon.com – C:\\Program Files\\StumbleUpon\\StumbleUponUpdateService.exe
\nO23 – Service: Dell Wireless WLAN Tray Service (wltrysvc) – Unknown owner – C:\\Windows\\System32\\WLTRYSVC.EXE
\nO23 – Service: XAudioService – Conexant Systems, Inc. – C:\\Windows\\system32\\DRIVERS\\xaudio.exe<\/p>\n