Redirecting to Directory Sites

[quietman]

I have an issue when browsing in Google. When selecting results, I often get redirected to Ask.com or a directory site.

Norton is running, I have cleared all browsing history but stll this problem persits. It seems there is some sort of malware running that redirects my IE pages which is not being picked up by my AV software.

What about re-installing ie8?

Any soltions?

 

[Desslok]

Do you have multiple search providers?

 

[quietman]

Do you have multiple search providers?

No just using Google with ie8

 

[karlsnooks]

I have an issue when browsing in Google. When selecting results, I often get redirected to Ask.com or a directory site.

Norton is running, I have cleared all browsing history but stll this problem persits. It seems there is some sort of malware running that redirects my IE pages which is not being picked up by my AV software.

What about re-installing ie8?

Any soltions?

And what does you list of search providers show? What is the priority order of the search engines?

 

[quietman]

I have an issue when browsing in Google. When selecting results, I often get redirected to Ask.com or a directory site.

Norton is running, I have cleared all browsing history but stll this problem persits. It seems there is some sort of malware running that redirects my IE pages which is not being picked up by my AV software.

What about re-installing ie8?

Any soltions?

And what does you list of search providers show? What is the priority order of the search engines?

Not sure what you mean?
When I search for let's say "synth vst" (i'm into music creation) i will get what I expect. Then I might choose the first result and soon as I click this I will not be directed to the site I wat but a ramdom site which looks like a directory provider or often ask.com being a common one.

 

[Product FRED]

Ah, by directory provider, you mean a bogus site that comes up when a site no longer exists? Like this? oembios.com

 

[quietman]

Ah, by directory provider, you mean a bogus site that comes up when a site no longer exists? Like this? oembios.com

Yes something like that. To be honest I close the site as soon as possible just in case...

 

[Product FRED]

That just means a site doesn't exist at that domain anymore. But it's fishy if this is happening a lot. Does it only come up for certain search terms or everything? And have you changed anything recently in your internet setup?

 

[quietman]

That just means a site doesn't exist at that domain anymore. But it's fishy if this is happening a lot. Does it only come up for certain search terms or everything? And have you changed anything recently in your internet setup?

Not that i'm aware of...

since the last post (trumpet....?) I have run a Norton scan and i found a few nasties. Why it didn't pick these up before I'm not sure? A few cookies were removed and a rar file which it reckoned was suspicious.

Unfortunately, I download lots of zip/rar files with vst synths etc on them then place them (the .dll's) into my DAW (Digital Audio Workstation).

So far I haven't had the re-occurence of redirection so maybe......

 

[Product FRED]

Yeah, it was probably a hijacker. These things work by injecting code into the LSP (Layered Service Provider):

A Layered Service Provider is a DLL that uses Winsock APIs to insert itself into the TCP/IP stack. Once in the stack, a Layered Service Provider can intercept and modify inbound and outbound Internet traffic

 

[quietman]

Yeah, it was probably a hijacker. These things work by injecting code into the LSP (Layered Service Provider):

A Layered Service Provider is a DLL that uses Winsock APIs to insert itself into the TCP/IP stack. Once in the stack, a Layered Service Provider can intercept and modify inbound and outbound Internet traffic

it's still happening... just had a redirect with an Oops! Link appears to be broken screen with the text "controller dsx null" inserted

 

[Product FRED]

Disconnect your internet and scan with Malwarebytes

It may be a persistent one, downloading more code from the internet. It also might be reinstalling itself from a location on your drive. Malwarbytes' should find it/them.