#1
  1. No Profile Picture
    Registered User
    Devshed Newbie (0 - 499 posts)

    Join Date
    Feb 2011
    Posts
    9
    Rep Power
    0

    Something causing annoying site redirects


    Whenever i do a Google search I get redirected either to random websites or search results pages. Both of which are highly annoying. I can copy the website URL from Google and then directly go to the page but sometimes with shortened URLs even that doesn't work.

    I'm sure its some random script somewhere thats causing all the trouble, i just dont have the knowledge to find it.

    I've ran all the scans except BitDefender (which wont run for some reason) and didn't seem to find much of anything.
  2. #2
  3. No Profile Picture
    Registered User
    Devshed Newbie (0 - 499 posts)

    Join Date
    Feb 2011
    Posts
    9
    Rep Power
    0

    Scan Results 1


    Malwarebytes' Anti-Malware 1.50.1.1100
    www.malwarebytes.org


    Database version: 5873

    Windows 5.1.2600 Service Pack 3
    Internet Explorer 8.0.6001.18702

    2011-02-24 4:39:59 PM
    mbam-log-2011-02-24 (16-39-59).txt

    Scan type: Quick scan
    Objects scanned: 159444
    Time elapsed: 3 minute(s), 0 second(s)

    Memory Processes Infected: 0
    Memory Modules Infected: 0
    Registry Keys Infected: 0
    Registry Values Infected: 0
    Registry Data Items Infected: 0
    Folders Infected: 0
    Files Infected: 0

    Memory Processes Infected:
    (No malicious items detected)

    Memory Modules Infected:
    (No malicious items detected)

    Registry Keys Infected:
    (No malicious items detected)

    Registry Values Infected:
    (No malicious items detected)

    Registry Data Items Infected:
    (No malicious items detected)

    Folders Infected:
    (No malicious items detected)

    Files Infected:
    (No malicious items detected)
  4. #3
  5. No Profile Picture
    Registered User
    Devshed Newbie (0 - 499 posts)

    Join Date
    Feb 2011
    Posts
    9
    Rep Power
    0

    Scan Results 2


    SUPERAntiSpyware Scan Log
    http://www.superantispyware.com


    Generated 02/24/2011 at 05:49 PM

    Application Version : 4.49.1000

    Core Rules Database Version : 6281
    Trace Rules Database Version: 4093

    Scan type : Quick Scan
    Total Scan Time : 00:12:59

    Memory items scanned : 398
    Memory threats detected : 0
    Registry items scanned : 1977
    Registry threats detected : 0
    File items scanned : 7388
    File threats detected : 47

    Adware.Tracking Cookie
    .media6degrees.com [ C:\Documents and Settings\Heather\Application Data\Mozilla\Firefox\Profiles\urlxmsu0.default\cookies.sqlite ]
    .media6degrees.com [ C:\Documents and Settings\Heather\Application Data\Mozilla\Firefox\Profiles\urlxmsu0.default\cookies.sqlite ]
    .media6degrees.com [ C:\Documents and Settings\Heather\Application Data\Mozilla\Firefox\Profiles\urlxmsu0.default\cookies.sqlite ]
    .myaccounts.navyfcu.org [ C:\Documents and Settings\Heather\Application Data\Mozilla\Firefox\Profiles\urlxmsu0.default\cookies.sqlite ]
    .media6degrees.com [ C:\Documents and Settings\Heather\Application Data\Mozilla\Firefox\Profiles\urlxmsu0.default\cookies.sqlite ]
    .media6degrees.com [ C:\Documents and Settings\Heather\Application Data\Mozilla\Firefox\Profiles\urlxmsu0.default\cookies.sqlite ]
    .media6degrees.com [ C:\Documents and Settings\Heather\Application Data\Mozilla\Firefox\Profiles\urlxmsu0.default\cookies.sqlite ]
    www.icityfind.com [ C:\Documents and Settings\Heather\Application Data\Mozilla\Firefox\Profiles\urlxmsu0.default\cookies.sqlite ]
    www.plomedia.com [ C:\Documents and Settings\Heather\Application Data\Mozilla\Firefox\Profiles\urlxmsu0.default\cookies.sqlite ]
    www.findstuff.com [ C:\Documents and Settings\Heather\Application Data\Mozilla\Firefox\Profiles\urlxmsu0.default\cookies.sqlite ]
    .legolas-media.com [ C:\Documents and Settings\Heather\Application Data\Mozilla\Firefox\Profiles\urlxmsu0.default\cookies.sqlite ]
    .legolas-media.com [ C:\Documents and Settings\Heather\Application Data\Mozilla\Firefox\Profiles\urlxmsu0.default\cookies.sqlite ]
    .dmtracker.com [ C:\Documents and Settings\Heather\Application Data\Mozilla\Firefox\Profiles\urlxmsu0.default\cookies.sqlite ]
    .revsci.net [ C:\Documents and Settings\Heather\Application Data\Mozilla\Firefox\Profiles\urlxmsu0.default\cookies.sqlite ]
    .revsci.net [ C:\Documents and Settings\Heather\Application Data\Mozilla\Firefox\Profiles\urlxmsu0.default\cookies.sqlite ]
    .revsci.net [ C:\Documents and Settings\Heather\Application Data\Mozilla\Firefox\Profiles\urlxmsu0.default\cookies.sqlite ]
    .elitefitness.com [ C:\Documents and Settings\Heather\Application Data\Mozilla\Firefox\Profiles\urlxmsu0.default\cookies.sqlite ]
    .elitefitness.com [ C:\Documents and Settings\Heather\Application Data\Mozilla\Firefox\Profiles\urlxmsu0.default\cookies.sqlite ]
    .elitefitness.com [ C:\Documents and Settings\Heather\Application Data\Mozilla\Firefox\Profiles\urlxmsu0.default\cookies.sqlite ]
    .elitefitness.com [ C:\Documents and Settings\Heather\Application Data\Mozilla\Firefox\Profiles\urlxmsu0.default\cookies.sqlite ]
    .revsci.net [ C:\Documents and Settings\Heather\Application Data\Mozilla\Firefox\Profiles\urlxmsu0.default\cookies.sqlite ]
    .revsci.net [ C:\Documents and Settings\Heather\Application Data\Mozilla\Firefox\Profiles\urlxmsu0.default\cookies.sqlite ]
    .revsci.net [ C:\Documents and Settings\Heather\Application Data\Mozilla\Firefox\Profiles\urlxmsu0.default\cookies.sqlite ]
    .skinmedica.122.2o7.net [ C:\Documents and Settings\Heather\Application Data\Mozilla\Firefox\Profiles\urlxmsu0.default\cookies.sqlite ]
    .2o7.net [ C:\Documents and Settings\Heather\Application Data\Mozilla\Firefox\Profiles\urlxmsu0.default\cookies.sqlite ]
    www.trackimizer.com [ C:\Documents and Settings\Heather\Application Data\Mozilla\Firefox\Profiles\urlxmsu0.default\cookies.sqlite ]
    stats.supergreenhosting.com [ C:\Documents and Settings\Heather\Application Data\Mozilla\Firefox\Profiles\urlxmsu0.default\cookies.sqlite ]
    stats.justhost.com [ C:\Documents and Settings\Heather\Application Data\Mozilla\Firefox\Profiles\urlxmsu0.default\cookies.sqlite ]
    tracking.hostgator.com [ C:\Documents and Settings\Heather\Application Data\Mozilla\Firefox\Profiles\urlxmsu0.default\cookies.sqlite ]
    .indianfriendfinder.com [ C:\Documents and Settings\Heather\Application Data\Mozilla\Firefox\Profiles\urlxmsu0.default\cookies.sqlite ]
    .indianfriendfinder.com [ C:\Documents and Settings\Heather\Application Data\Mozilla\Firefox\Profiles\urlxmsu0.default\cookies.sqlite ]
    .indianfriendfinder.com [ C:\Documents and Settings\Heather\Application Data\Mozilla\Firefox\Profiles\urlxmsu0.default\cookies.sqlite ]
    .indianfriendfinder.com [ C:\Documents and Settings\Heather\Application Data\Mozilla\Firefox\Profiles\urlxmsu0.default\cookies.sqlite ]
    .indianfriendfinder.com [ C:\Documents and Settings\Heather\Application Data\Mozilla\Firefox\Profiles\urlxmsu0.default\cookies.sqlite ]
    .indianfriendfinder.com [ C:\Documents and Settings\Heather\Application Data\Mozilla\Firefox\Profiles\urlxmsu0.default\cookies.sqlite ]
    .germanfriendfinder.com [ C:\Documents and Settings\Heather\Application Data\Mozilla\Firefox\Profiles\urlxmsu0.default\cookies.sqlite ]
    .germanfriendfinder.com [ C:\Documents and Settings\Heather\Application Data\Mozilla\Firefox\Profiles\urlxmsu0.default\cookies.sqlite ]
    .germanfriendfinder.com [ C:\Documents and Settings\Heather\Application Data\Mozilla\Firefox\Profiles\urlxmsu0.default\cookies.sqlite ]
    .germanfriendfinder.com [ C:\Documents and Settings\Heather\Application Data\Mozilla\Firefox\Profiles\urlxmsu0.default\cookies.sqlite ]
    .germanfriendfinder.com [ C:\Documents and Settings\Heather\Application Data\Mozilla\Firefox\Profiles\urlxmsu0.default\cookies.sqlite ]
    .germanfriendfinder.com [ C:\Documents and Settings\Heather\Application Data\Mozilla\Firefox\Profiles\urlxmsu0.default\cookies.sqlite ]
    .bizzclick.com [ C:\Documents and Settings\Heather\Application Data\Mozilla\Firefox\Profiles\urlxmsu0.default\cookies.sqlite ]
    .media6degrees.com [ C:\Documents and Settings\Heather\Application Data\Mozilla\Firefox\Profiles\urlxmsu0.default\cookies.sqlite ]
    .newyorkandcompany.112.2o7.net [ C:\Documents and Settings\Heather\Application Data\Mozilla\Firefox\Profiles\urlxmsu0.default\cookies.sqlite ]
    .pcstats.com [ C:\Documents and Settings\Heather\Application Data\Mozilla\Firefox\Profiles\urlxmsu0.default\cookies.sqlite ]
    .pcstats.com [ C:\Documents and Settings\Heather\Application Data\Mozilla\Firefox\Profiles\urlxmsu0.default\cookies.sqlite ]
    .pcstats.com [ C:\Documents and Settings\Heather\Application Data\Mozilla\Firefox\Profiles\urlxmsu0.default\cookies.sqlite ]
  6. #4
  7. No Profile Picture
    Registered User
    Devshed Newbie (0 - 499 posts)

    Join Date
    Feb 2011
    Posts
    9
    Rep Power
    0

    Scan Results 3


    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 5:57:27 PM, on 2011-02-24
    Platform: Windows XP SP3 (WinNT 5.01.2600)
    MSIE: Internet Explorer v8.00 (8.00.6001.18702)
    Boot mode: Normal


    Running processes:
    C:\windows\System32\smss.exe
    C:\windows\system32\winlogon.exe
    C:\windows\system32\services.exe
    C:\windows\system32\lsass.exe
    C:\windows\System32\Ati2evxx.exe
    C:\windows\system32\svchost.exe
    C:\windows\System32\svchost.exe
    C:\windows\Explorer.EXE
    C:\windows\system32\spoolsv.exe
    C:\windows\system32\rundll32.exe
    C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe
    C:\Program Files\Belkin\Router Setup and Monitor\BelkinService.exe
    C:\Program Files\Bonjour\mDNSResponder.exe
    C:\windows\ehome\ehSched.exe
    C:\Program Files\Motorola\MotoConnectService\MotoConnectService.exe
    C:\Program Files\MySQL\MySQL Server 5.1\bin\mysqld.exe
    C:\WINDOWS\system32\HPZipm12.exe
    C:\windows\System32\svchost.exe
    C:\Program Files\Common Files\Acronis\Fomatik\TrueImageTryStartService.exe
    C:\Program Files\Viewpoint\Common\ViewpointService.exe
    C:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe
    C:\windows\system32\wscntfy.exe
    C:\windows\System32\svchost.exe
    C:\Program Files\Motorola\MotoConnectService\MotoConnect.exe
    C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
    C:\windows\system32\ctfmon.exe
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
    R3 - URLSearchHook: (no name) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
    O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
    O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
    O2 - BHO: Increase performance and video formats for your HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll
    O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - (no file)
    O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O2 - BHO: Use the DivX Plus Web Player to watch web videos with less interruptions and smoother playback on supported sites - {593DDEC6-7468-4cdd-90E1-42DADAA222E9} - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll
    O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
    O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - (no file)
    O2 - BHO: (no name) - {E85C18E7-C293-4424-9DD0-B31D8DB27013} - (no file)
    O4 - HKLM\..\Run: [TrueImageMonitor.exe] C:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe
    O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
    O4 - HKCU\..\Run: [ctfmon.exe] C:\windows\system32\ctfmon.exe
    O4 - HKUS\S-1-5-18\..\RunOnce: [SWHelper] "C:\windows\system32\Macromed\Shockwave 10\PostUpdate.exe" 1014020 (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\RunOnce: [SWHelper] "C:\windows\system32\Macromed\Shockwave 10\PostUpdate.exe" 1014020 (User 'Default user')
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
    O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll/cmsidewiki.html
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
    O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
    O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\windows\bdoscandel.exe
    O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\windows\bdoscandel.exe
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
    O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\windows\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\windows\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
    O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
    O16 - DPF: {406B5949-7190-4245-91A9-30A17DE16AD0} - http://photos.walmart.com/WalmartActivia.cab
    O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} - http://messenger.zone.msn.com/EN-US/a-UNO1/GAME_UNO1.cab
    O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scanner/sources/en/scan8/oscan8.cab
    O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} - http://messenger.zone.msn.com/binary/ZIntro.cab56649.cab
    O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
    O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
    O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab
    O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
    O18 - Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - (no file)
    O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL
    O23 - Service: Acronis Scheduler2 Service (AcrSch2Svc) - Acronis - C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe
    O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
    O23 - Service: AffinegyService - Affinegy, Inc. - C:\Program Files\Belkin\Router Setup and Monitor\BelkinService.exe
    O23 - Service: Ati HotKey Poller - Unknown owner - C:\windows\System32\Ati2evxx.exe
    O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
    O23 - Service: MotoConnect Service - Unknown owner - C:\Program Files\Motorola\MotoConnectService\MotoConnectService.exe
    O23 - Service: MySQL - Unknown owner - C:\Program.exe (file missing)
    O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
    O23 - Service: Acronis Try And Decide Service (TryAndDecideService) - Unknown owner - C:\Program Files\Common Files\Acronis\Fomatik\TrueImageTryStartService.exe
    O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - C:\Program Files\Viewpoint\Common\ViewpointService.exe
  8. #5
  9. They're coming to take me away

    Join Date
    Jan 2005
    Location
    Florida
    Posts
    5,105
    Rep Power
    5049
    Run Hijackthis again and fix these lines:

    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
    R3 - URLSearchHook: (no name) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
    O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - (no file)
    After that, open Internet Explorer:
    Tools --> Internet Options --> Connections --> LAN Settings
    Make sure that "Automatically detect settings" is checked.. and nothing else. Proxy server should NOT be selected.
    "I don't need to get a life. I'm a gamer. I have lots of lives!"
  10. #6
  11. No Profile Picture
    Contributing User
    Devshed Regular (2000 - 2499 posts)

    Join Date
    May 2004
    Location
    surfing the interwebz
    Posts
    2,410
    Rep Power
    2005
    Just a quick word of advice, a lot of these redirect viruses are infecting the master boot record (MBR) as well. When you're done and all scans come up clean, if you're still getting a redirect issue, try replacing the MBR. You won't lose any data, just do a quick google search based on your OS and you'll be good.
  12. #7
  13. No Profile Picture
    Registered User
    Devshed Newbie (0 - 499 posts)

    Join Date
    Feb 2011
    Posts
    9
    Rep Power
    0
    Originally Posted by hiker
    Run Hijackthis again and fix these lines:
    After that, open Internet Explorer:
    Tools --> Internet Options --> Connections --> LAN Settings
    Make sure that "Automatically detect settings" is checked.. and nothing else. Proxy server should NOT be selected.
    I ran Hijackthis and fixed those lines.
    The settings in IE were correct.
    The redirect problem continues

    Originally Posted by seack79
    Just a quick word of advice, a lot of these redirect viruses are infecting the master boot record (MBR) as well. When you're done and all scans come up clean, if you're still getting a redirect issue, try replacing the MBR. You won't lose any data, just do a quick google search based on your OS and you'll be good.
    I found instructions on this
    Boot with the CD and using the
    fixmbr
    command when prompted.

    However, I dont think i have the boot disks. I'm ruining XP on a dell is there anyway around that?

IMN logo majestic logo threadwatch logo seochat tools logo