Jump to content
Come try out our new Arcade we just put up, new games added weekly. Link at the top of the website ×

Redirecting my explorer


Rescue 911

Recommended Posts


  • Member ID:  1055
  • Group:  ***- Inactive Clan Members
  • Followers:  37
  • Topic Count:  47
  • Topics Per Day:  0.01
  • Content Count:  356
  • Content Per Day:  0.07
  • Reputation:   9
  • Achievement Points:  2344
  • Solved Content:  0
  • Days Won:  0
  • Joined:  01/26/10
  • Status:  Offline
  • Last Seen:  
  • Birthday:  04/09/1977
  • Device:  Android

Hi everyone, i have some issues with explorer when i google something and try to connect to the websites. It's always redirecting me to some other websites, what can i do to repair that or fix it? I've tried something it was saying on the internet about it but when i was trying to save my folders, it was saying i didn't have the autorisation to save it? Since when i can't even save my things on my own computer.... Anyone can help me please?

 

Thanks in advance for your help....

Link to comment
Share on other sites



  • Member ID:  4
  • Group:  ++++ Senior Admin
  • Followers:  169
  • Topic Count:  1090
  • Topics Per Day:  0.20
  • Content Count:  5149
  • Content Per Day:  0.97
  • Reputation:   3004
  • Achievement Points:  43495
  • Solved Content:  0
  • Days Won:  14
  • Joined:  09/01/09
  • Status:  Offline
  • Last Seen:  
  • Birthday:  08/16/1967
  • Device:  Windows


  • Member ID:  1194
  • Group:  ***- Inactive Clan Members
  • Followers:  40
  • Topic Count:  436
  • Topics Per Day:  0.08
  • Content Count:  6692
  • Content Per Day:  1.30
  • Reputation:   11691
  • Achievement Points:  53094
  • Solved Content:  0
  • Days Won:  76
  • Joined:  02/27/10
  • Status:  Offline
  • Last Seen:  
  • Birthday:  04/15/1960
  • Device:  Windows

Yep, you have a virus or malware.  Take Rockapes advice and run the program.

Link to comment
Share on other sites



  • Member ID:  2083
  • Group:  **- Inactive Registered Users
  • Followers:  42
  • Topic Count:  172
  • Topics Per Day:  0.04
  • Content Count:  3554
  • Content Per Day:  0.73
  • Reputation:   4992
  • Achievement Points:  23761
  • Solved Content:  0
  • Days Won:  6
  • Joined:  12/31/10
  • Status:  Offline
  • Last Seen:  
  • Birthday:  10/20/1962

yeah agreed with LOM & Rockape also run ...... hijack this by trend micro, they both worked for me just a week ago!

 

http://www.spychecker.com/program/hijackthis.html

Link to comment
Share on other sites



  • Member ID:  2048
  • Group:  ***- Inactive Clan Members
  • Followers:  0
  • Topic Count:  294
  • Topics Per Day:  0.06
  • Content Count:  6689
  • Content Per Day:  1.38
  • Reputation:   4709
  • Achievement Points:  48999
  • Solved Content:  0
  • Days Won:  5
  • Joined:  12/15/10
  • Status:  Offline
  • Last Seen:  
  • Birthday:  05/30/1967
  • Device:  Windows

http://www.malwareremovalguides.info/pup-webcake-removal-guide/

Edited by Damage_inc-
Link to comment
Share on other sites



  • Member ID:  1055
  • Group:  ***- Inactive Clan Members
  • Followers:  37
  • Topic Count:  47
  • Topics Per Day:  0.01
  • Content Count:  356
  • Content Per Day:  0.07
  • Reputation:   9
  • Achievement Points:  2344
  • Solved Content:  0
  • Days Won:  0
  • Joined:  01/26/10
  • Status:  Offline
  • Last Seen:  
  • Birthday:  04/09/1977
  • Device:  Android

ok thanks guys for your advices and help ;-)

Link to comment
Share on other sites



  • Member ID:  1965
  • Group:  Fallen Members
  • Followers:  0
  • Topic Count:  43
  • Topics Per Day:  0.01
  • Content Count:  1176
  • Content Per Day:  0.24
  • Reputation:   1082
  • Achievement Points:  8599
  • Solved Content:  0
  • Days Won:  0
  • Joined:  11/12/10
  • Status:  Offline
  • Last Seen:  
  • Birthday:  02/11/1969

sounds like an add on in your browser....sometimes they sneak those things in .....check all your add ons..in explorer....someone has definately hijacked something

Link to comment
Share on other sites



  • Member ID:  1055
  • Group:  ***- Inactive Clan Members
  • Followers:  37
  • Topic Count:  47
  • Topics Per Day:  0.01
  • Content Count:  356
  • Content Per Day:  0.07
  • Reputation:   9
  • Achievement Points:  2344
  • Solved Content:  0
  • Days Won:  0
  • Joined:  01/26/10
  • Status:  Offline
  • Last Seen:  
  • Birthday:  04/09/1977
  • Device:  Android

Ok i downloaded the malwarebites and scan it, it showed me some issues and removed them but still doing the same crap. When i make a search for a website and click on it after it's always redirecting me to some other websites and showing redirecting..... to some crap websites..... Do i have other options?

Link to comment
Share on other sites



  • Member ID:  1055
  • Group:  ***- Inactive Clan Members
  • Followers:  37
  • Topic Count:  47
  • Topics Per Day:  0.01
  • Content Count:  356
  • Content Per Day:  0.07
  • Reputation:   9
  • Achievement Points:  2344
  • Solved Content:  0
  • Days Won:  0
  • Joined:  01/26/10
  • Status:  Offline
  • Last Seen:  
  • Birthday:  04/09/1977
  • Device:  Android

On internet someone was saying that in that file i have to see this inside only: hosts file:(located in \Windows\System32\drivers\etc

Inside Hosts i have this

 

# localhost name resolution is handled within DNS itself.
# 127.0.0.1       localhost
# ::1             localhost

 

In red i shouldn't see that inside but when i try to delete it it says that i don't have access to delete that, how can i fix that? Where can i change my own access to be able to fix this?

Link to comment
Share on other sites



  • Member ID:  755
  • Group:  ***- Inactive Clan Members
  • Followers:  21
  • Topic Count:  120
  • Topics Per Day:  0.02
  • Content Count:  2191
  • Content Per Day:  0.42
  • Reputation:   961
  • Achievement Points:  14309
  • Solved Content:  0
  • Days Won:  0
  • Joined:  11/17/09
  • Status:  Offline
  • Last Seen:  
  • Birthday:  01/14/1982

If this all of the content in your hosts file you're fine.

That's mine (the # means that the entries don't take effect):

529a348b35303_hosts.gif

 

How it works:

The hosts file allows you to manipulate your local DNS settings.
For example:

If you add this line:
74.208.112.174 google.com

you will be redirected to the XI Website everytime you try to open http://www.google.com

This is the easiest way to force users to crappy websites. But most anti virus tools will deny access to this file by any program.
Manupulating this file takes effect to ALL installed browsers. You have this problem only with IE, right?

Link to comment
Share on other sites



  • Member ID:  2313
  • Group:  Fallen Members
  • Followers:  0
  • Topic Count:  330
  • Topics Per Day:  0.07
  • Content Count:  4924
  • Content Per Day:  1.03
  • Reputation:   3034
  • Achievement Points:  33897
  • Solved Content:  0
  • Days Won:  4
  • Joined:  03/19/11
  • Status:  Offline
  • Last Seen:  
  • Birthday:  05/26/1974

also try deleting ur browser cookies and history too that may help

Link to comment
Share on other sites



  • Member ID:  155
  • Group:  *** Clan Members
  • Followers:  211
  • Topic Count:  61
  • Topics Per Day:  0.01
  • Content Count:  989
  • Content Per Day:  0.19
  • Reputation:   760
  • Achievement Points:  6973
  • Solved Content:  0
  • Days Won:  2
  • Joined:  09/02/09
  • Status:  Offline
  • Last Seen:  
  • Birthday:  11/29/1967
  • Device:  Android

Are you getting advertisements that interrupt your internet too. if so its a malware program too its spyware get a spyware removal

Link to comment
Share on other sites



  • Member ID:  3036
  • Group:  ***- Inactive Clan Members
  • Followers:  31
  • Topic Count:  219
  • Topics Per Day:  0.05
  • Content Count:  9419
  • Content Per Day:  2.09
  • Reputation:   7515
  • Achievement Points:  62539
  • Solved Content:  0
  • Days Won:  21
  • Joined:  11/29/11
  • Status:  Offline
  • Last Seen:  
  • Birthday:  04/26/2008
  • Device:  Windows

Spybot s&d is a good program also.

 

http://www.safer-networking.org/

Link to comment
Share on other sites



  • Member ID:  2162
  • Group:  ++ COD4 Admin
  • Followers:  153
  • Topic Count:  152
  • Topics Per Day:  0.03
  • Content Count:  5080
  • Content Per Day:  1.06
  • Reputation:   5008
  • Achievement Points:  44606
  • Solved Content:  0
  • Days Won:  22
  • Joined:  01/25/11
  • Status:  Offline
  • Last Seen:  
  • Birthday:  02/26/1972
  • Device:  Windows

I'm so used to reformatting that I can do it blind folded.

 

1 bad thing about Windows is that Internet Exploder is integrated into the OS that's why I use Firefox for a browser on my gaming machine.I'm using linix based Zorin OS7 Ultimate on my web computer and loving it.

 

Most times you can find and delete infections the old fashioned way by deleting registry entries and infected files in safe mode BUT this takes a few hours of digging to get rid of everything and you have to know what your looking for.

 

Run Hyjackthis http://download.cnet.com/Trend-Micro-HijackThis/3000-8022_4-10227353.html in Safe Mode and manually delete the contents of your Temp folders also in safe mode.Check add/remove programs for anything that may have been installed as an Add-On.Some times they install with other programs and you can uninstall them if your lucky.

Try to run Malewarebytes http://www.malwarebytes.org/mwb-download/ in safe mode Or Eset online scanner http://www.eset.com/us/online-scanner/.

Edited by Pvt.Death
Link to comment
Share on other sites



  • Member ID:  1055
  • Group:  ***- Inactive Clan Members
  • Followers:  37
  • Topic Count:  47
  • Topics Per Day:  0.01
  • Content Count:  356
  • Content Per Day:  0.07
  • Reputation:   9
  • Achievement Points:  2344
  • Solved Content:  0
  • Days Won:  0
  • Joined:  01/26/10
  • Status:  Offline
  • Last Seen:  
  • Birthday:  04/09/1977
  • Device:  Android

Yes it's what i have technoboy so it's not that my problem then.

The problem is when i open explorer and try to find a website so i am making a search and there is the results, when i click to go on the website i want to go, thats where my problem starts:

it goes to a redirecting page and to some other website that i don't want, like food, or many other websites.....

Link to comment
Share on other sites



  • Member ID:  42
  • Group:  *** Clan Members
  • Followers:  50
  • Topic Count:  338
  • Topics Per Day:  0.06
  • Content Count:  8258
  • Content Per Day:  1.55
  • Reputation:   5965
  • Achievement Points:  53557
  • Solved Content:  0
  • Days Won:  12
  • Joined:  09/01/09
  • Status:  Offline
  • Last Seen:  
  • Birthday:  01/30/1959
  • Device:  Android

So don't use explorer . Get Chrome or opera or fire fox ect. Then when everything back to normal on IE go tools internet options and under the homepage  hilite the one thats bad and delete it. Then do not use IE

Link to comment
Share on other sites



  • Member ID:  1055
  • Group:  ***- Inactive Clan Members
  • Followers:  37
  • Topic Count:  47
  • Topics Per Day:  0.01
  • Content Count:  356
  • Content Per Day:  0.07
  • Reputation:   9
  • Achievement Points:  2344
  • Solved Content:  0
  • Days Won:  0
  • Joined:  01/26/10
  • Status:  Offline
  • Last Seen:  
  • Birthday:  04/09/1977
  • Device:  Android

This is what i see when i do the hijackthis program but not sure how it works and what to do with it???

 

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 16:16:37, on 02/12/13
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v10.0 (10.00.9200.16736)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\IncrediMail\Bin\IncMail.exe
C:\Program Files\Trend Micro SafeSync\HrfsClient.exe
C:\Program Files (x86)\Xfire\xfire.exe
C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe
C:\Program Files (x86)\MSI\Super-Charger\Super-Charger.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\AVG\AVG2014\avgui.exe
C:\Program Files (x86)\IncrediMail\Bin\ImApp.exe
C:\MSI\MSI SUITE\MSI SUITE.exe
C:\Program Files (x86)\Trend Micro\HiJackThis\HiJackThis.exe
C:\Windows\SysWOW64\DllHost.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = Preserve
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://ca.msn.com/defaultf.aspx
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: E-Web Print - {201CF130-E29C-4E5C-A73F-CD197DEFA6AE} - C:\Program Files (x86)\Epson Software\E-Web Print\ewps_tb.dll
O2 - BHO: Groove GFS Browser Helper - {4DB74D06-491C-440D-305E-012400990F3E} - C:\Windows\SysWOW64\CTTTHXCAL.DLL
O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: Logitech SetPoint - {AF949550-9094-4807-95EC-D1C317803333} - C:\Program Files\Logitech\SetPointP\32-bit\SetPointSmooth.dll
O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O3 - Toolbar: (no name) - {ae07101b-46d4-4a98-af68-0333ea26e113} - (no file)
O3 - Toolbar: E-Web Print - {201CF130-E29C-4E5C-A73F-CD197DEFA6AE} - C:\Program Files (x86)\Epson Software\E-Web Print\ewps_tb.dll
O4 - HKLM\..\Run: [EEventManager] "C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe"
O4 - HKLM\..\Run: [AsioReg] REGSVR32 /S CTASIO.DLL
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [startCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [super-Charger] C:\Program Files (x86)\MSI\Super-Charger\Super-Charger.exe
O4 - HKLM\..\Run: [Live Update 5] C:\Program Files (x86)\MSI\Live Update 5\BootStartLiveupdate.exe /reminder
O4 - HKLM\..\Run: [ControlCenterCount] C:\Program Files (x86)\MSI\ControlCenter\ControlCenterCount.exe
O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [MSI Suite] C:\MSI\MSI SUITE\StartMSISuite.exe
O4 - HKLM\..\Run: [AVG_UI] "C:\Program Files (x86)\AVG\AVG2014\avgui.exe" /TRAYONLY
O4 - HKCU\..\Run: [EPLTarget\P0000000000000000] C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIHJA.EXE /EPT "EPLTarget\P0000000000000000" /M "Epson Stylus NX130"
O4 - HKCU\..\Run: [incrediMail] C:\Program Files (x86)\IncrediMail\bin\IncMail.exe /c
O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - Startup: Xfire.lnk = C:\Program Files (x86)\Xfire\xfire.exe
O4 - Global Startup: Trend Micro SafeSync.lnk = C:\Program Files\Trend Micro SafeSync\HrfsClient.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~2\Office12\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD FUEL Service - Advanced Micro Devices, Inc. - C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
O23 - Service: Pare-feu AVG (avgfws) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2014\avgfws.exe
O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe
O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe
O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: MSIFileSyncMonitor - Micro-Star Int'l Co., Ltd. - C:\MSI\MSI SUITE\MSIMonitor\MSIFileSyncMonitor.exe
O23 - Service: MSI_SuiteCharger - MSI - C:\MSI\MSI SUITE\Super-Charger\SuiteChargeService.exe
O23 - Service: MSI_SuiteComCen - MSI - C:\MSI\MSI SUITE\ControlCenter\ComCenService.exe
O23 - Service: MSI_SuiteFastBoot - MSI - C:\MSI\MSI SUITE\FastBoot\SuiteFastBootService.exe
O23 - Service: MSI_SuperCharger - MSI - C:\Program Files (x86)\MSI\Super-Charger\ChargeService.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: OnlineStorageService - Trend Micro Inc. - C:\Program Files\Trend Micro SafeSync\hrfscore.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Spyware Terminator 2012 Realtime Shield Service (ST2012_Svc) - Crawler.com - C:\Program Files (x86)\Spyware Terminator\st_rsser64.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 9558 bytes

 

 

Link to comment
Share on other sites



  • Member ID:  2083
  • Group:  **- Inactive Registered Users
  • Followers:  42
  • Topic Count:  172
  • Topics Per Day:  0.04
  • Content Count:  3554
  • Content Per Day:  0.73
  • Reputation:   4992
  • Achievement Points:  23761
  • Solved Content:  0
  • Days Won:  6
  • Joined:  12/31/10
  • Status:  Offline
  • Last Seen:  
  • Birthday:  10/20/1962

I was going to tell you about this SUPERAntiSpyware but you already have it, windows defender is also good for spyware..

I did see you have a noname toolbar with this number ae07101b-46d4-4a98-af68-0333ea26e113

 

here you go try this for it:   http://windowsvc.com/bbs/board.php?bo_table=windowsvc&wr_id=1277

 

with the hijack program you have to look close at what it shows you, it will remove everything you see there but YOU DON'T want to do that lol

the above was the first I noticed along with a fix I hope!

 

here was all of them it showed me

 

https://www.google.com/search?q=ae07101b-46d4-4a98-af68-0333ea26e113&ie=utf-8&oe=utf-8&aq=t&rls=org.mozilla:en-US:official&client=firefox-a&channel=np&source=hp

 

I hope everything turns out ok Rescue!

 

hey also look at add-ons & extensions and shut all that crap down bring them back 1 at a time, its a slow and retarded process but it is well worth the wait (time spent)

 

also check this stuff out : http://community.trendmicro.com/t5/Malware-Discussions/Hijack-this-scan-with-lots-of-file-missing-results/td-p/49413

 

And like Labob said, dump freaking IE and switch to firefox or google chrome

Edited by Boomer
Link to comment
Share on other sites



  • Member ID:  3036
  • Group:  ***- Inactive Clan Members
  • Followers:  31
  • Topic Count:  219
  • Topics Per Day:  0.05
  • Content Count:  9419
  • Content Per Day:  2.09
  • Reputation:   7515
  • Achievement Points:  62539
  • Solved Content:  0
  • Days Won:  21
  • Joined:  11/29/11
  • Status:  Offline
  • Last Seen:  
  • Birthday:  04/26/2008
  • Device:  Windows

A few places suggest this....

 

ae07101b-46d4-4a98-af68-0333ea26e113

 

refers to a trojan for toolbars.

Link to comment
Share on other sites



  • Member ID:  755
  • Group:  ***- Inactive Clan Members
  • Followers:  21
  • Topic Count:  120
  • Topics Per Day:  0.02
  • Content Count:  2191
  • Content Per Day:  0.42
  • Reputation:   961
  • Achievement Points:  14309
  • Solved Content:  0
  • Days Won:  0
  • Joined:  11/17/09
  • Status:  Offline
  • Last Seen:  
  • Birthday:  01/14/1982

Except the key mentioned by Boomer and Sammy I can't find anything suspicious in your log file.

 

Try this

 

Press WinKey+R

Enter iexplore.exe -extoff

Press return or click OK

 

-extoff forces IE to run without any add-on and afaik without toolbars.

Be careful, IE is running with administrator permissions!

 

Surf a bit around and see if you get redirected again.

Link to comment
Share on other sites



  • Member ID:  1011
  • Group:  ***- Inactive Clan Members
  • Followers:  5
  • Topic Count:  16
  • Topics Per Day:  0.00
  • Content Count:  532
  • Content Per Day:  0.10
  • Reputation:   318
  • Achievement Points:  3254
  • Solved Content:  0
  • Days Won:  0
  • Joined:  01/12/10
  • Status:  Offline
  • Last Seen:  
  • Birthday:  02/10/1962
  • Device:  Windows

Have you downloaded an update and ran it for "DAEMON TOOLS" lately? They have an alternate search programme attached/included - which you have to unclic in order NOT to get it installed.

If so .- you can remove it from the Controlepanel>programs>functions

Link to comment
Share on other sites



  • Member ID:  349
  • Group:  Fallen Members
  • Followers:  0
  • Topic Count:  30
  • Topics Per Day:  0.01
  • Content Count:  821
  • Content Per Day:  0.15
  • Reputation:   541
  • Achievement Points:  5195
  • Solved Content:  0
  • Days Won:  0
  • Joined:  09/10/09
  • Status:  Offline
  • Last Seen:  
  • Birthday:  01/27/1971

Go into safe mode, create a new Admin account that you prefer to use. Login to the new account, see if all is well, which all likelihood it will be. Migrate over what you need, and move on. 

 

The're many compelling reasons to stop using Internet Explorer. Google Chrome, Firefox, Safari to name a few. Internet Explorer by far, is the most exploited piece of software on the planet. There is no perfect piece of software, I.E. can be used successfully without worries of having the intrusion that you're experiencing. Most I.T. groups here in the states have to tolerate the existence of I.E., but do so, with guidelines. You won't find that with Firefox and Chrome, as of yet. 

 

By the way, recreating an account is much faster than trying to find and resolve this particular type of issue!

Link to comment
Share on other sites



  • Member ID:  1055
  • Group:  ***- Inactive Clan Members
  • Followers:  37
  • Topic Count:  47
  • Topics Per Day:  0.01
  • Content Count:  356
  • Content Per Day:  0.07
  • Reputation:   9
  • Achievement Points:  2344
  • Solved Content:  0
  • Days Won:  0
  • Joined:  01/26/10
  • Status:  Offline
  • Last Seen:  
  • Birthday:  04/09/1977
  • Device:  Android

Ok thank you everyone for all those suggestions and i will try them tonight, thanks again and i will let you know about it ;-)

Link to comment
Share on other sites



  • Member ID:  2313
  • Group:  Fallen Members
  • Followers:  0
  • Topic Count:  330
  • Topics Per Day:  0.07
  • Content Count:  4924
  • Content Per Day:  1.03
  • Reputation:   3034
  • Achievement Points:  33897
  • Solved Content:  0
  • Days Won:  4
  • Joined:  03/19/11
  • Status:  Offline
  • Last Seen:  
  • Birthday:  05/26/1974

rescue seriously ..if u like i can join ur pc thru team viewer and have look see whats goin on i probably get better idea whats goin on if i can see what ur looking at that way i get better idea to diagnose ur issue or even be able to fix it for you...if you would like me to take a look just hit me up in xfire and would be more than happy to do so bud...im here to help ur hacker ass out lmao...just let me know i usually available anytime...

Link to comment
Share on other sites



  • Member ID:  1055
  • Group:  ***- Inactive Clan Members
  • Followers:  37
  • Topic Count:  47
  • Topics Per Day:  0.01
  • Content Count:  356
  • Content Per Day:  0.07
  • Reputation:   9
  • Achievement Points:  2344
  • Solved Content:  0
  • Days Won:  0
  • Joined:  01/26/10
  • Status:  Offline
  • Last Seen:  
  • Birthday:  04/09/1977
  • Device:  Android

Ok good Cobra and at the same time you would be able to see that there is no hack for my gaming :-P

Link to comment
Share on other sites


Guest
This topic is now closed to further replies.
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.