Re: Have I got a virus please!)

On Fri, 16 Jan 2009 10:49:51 +0000, nospam@xxxxxxxxxxxx wrote:

Can anyone help?
For the last two days I find that on my PC (using XP), whenever I use
Yahoo or Google search, and using either MSIE or Firefox, I am
redirected to pages that do not seem to be the one listed on the
search engines and tend to be commercially-based.
The uurls of gallane.com, bediidle.com, and xalab.com seem
to appear a lot in the bottom line of the browser while the search
engines works.

For example, on typing Buddhism in Yahoo, one of the early options
listed by Yahoo is:

BBC - Religion & Ethics - Buddhism
Guide to Buddhism, a tradition of personal spiritual development,
including ... The history of Buddhism is the story of one man's
spiritual journey to ...
www.bbc.co.uk/religion/religions/buddhism - Cached

I am then redirected to
http://www.meditations-uk.com/main/learn_meditation_machines.html

And yet on doing this on an old PC, I click on the Yahoo listing and
go to:
http://www.bbc.co.uk/religion/religions/buddhism/

Have I got a virus or something nasty on my PC?

I have done umpteen scans using AVG and Avast! and both report there
are no viruses.

It is suggested to run only (1) 'real-time' AV application on an operating
system.

1.Clear the (IE) temporary Internet files and the history cache.
Click 'Start' and then click 'Run'... then type (or copy/paste)
"inetcpl.cpl" (w/out quotation marks) into the box, then click the 'OK'
button.
In Internet Properties panel 'General' tab, under 'Browsing history', click
'Delete...'button, in 'Delete Browsing History' panel, click the 'Delete
all...' button then place a checkmark into the box beside 'Also delete
files and settings stored by add-ons', Click 'Yes' and exit the Internet
Properties panel by clicking the 'OK' button.

2.Clean HDD
Click 'Start' and then click 'Run...' then type (or copy/paste) "cleanmgr"
(w/out quotation marks into the box, then click the 'OK' button. Select
your drive
(presumably WinXP (C:) and click OK.

3.Download/execute:
Malwarebytes© Corporation - Anti-Malware
http://www.malwarebytes.org/mbam/program/mbam-setup.exe
--and--
SuperAntispyware - Free
http://www.superantispyware.com/downloadfile.html?productid=SUPERANTISPYWAREFREE

4.Download and execute HiJack This! (HJT)
http://www.trendsecure.com/portal/en-US/tools/security_tools/hijackthis

Please, do not post HJT logs to this newsgroup.
Fora where you can get expert advice for HiJack This! (HJT) logs.

http://www.thespykiller.co.uk/index.php?board=3.0
http://www.spywarewarrior.com/viewforum.php?f=5
http://forums.tomcoyote.org/index.php?showforum=27
http://www.bleepingcomputer.com/forums/forum22.html
http://www.malwarebytes.org/forums/index.php?showforum=7
http://www.5starsupport.com/ipboard/index.php?showforum=18
http://www.theeldergeek.com/forum/index.php?s=2e9ea4e19d3289dd877ab75a8220bff6&showforum=29

NOTE:
Registration is required in any of the above mentioned fora before posting
a HJT log and read the 'stickies' (instructions/guidelines) for the
respective HJT forum.

5.Routinely practice Safe-Hex.
http://www.claymania.com/safe-hex.html

Additional references:

GMER - is an application that detects and removes rootkits.
http://www.gmer.net/index.php

For additional assistance in relation GMER scan results consult either
http://antirootkit.com/forums/index.php?sid=9e746bb696ac0bb38781ffe4361c3a17
--or--
http://www.thespykiller.co.uk/index.php?board=3.0

CCleaner - Free
Cleans temporary internet files, cookies, history, recent urls, application
MRUs, etc. ... (*Tune out the registry scanning/fixing option!*)
http://www.ccleaner.com/download/builds/downloading-slim
If Windows Defender is utilized go to Applications, under Utilities uncheck
"Windows Defender" (so it won't delete the history of WD).
If you wish, click 'Options' button the 'Settings' [check] 'Run CCleaner
when the computer starts'.
Setup CCleaner to Automatically Run Each Night in Vista or XP
http://www.howtogeek.com/howto/windows-vista/setup-ccleaner-to-automatically-run-each-night-in-vista-or-xp/

Got SP3 yet?
Why Service Packs are Better Than Patches.
http://www.microsoft.com/technet/archive/community/columns/security/essays/srvpatch.mspx?mfr=true

Good luck :)
.