Hi there, wondering if anyone can help... My browser gets redirected only at two sites I know of so far. When I attempt to goto www.weightwatchers.com I get redirected to www.comcast.net. When I try to goto www.oaklandcoliseum.com I get redirected to http://www.ezpharmacy.com/?a=OAKLANDCOLISEUM.COM I can't for the life of me figure out what is going on!! I have run McAfee virus scan with the latest updates, many times and I have no viruses found. I have run SpyBot search and destroy and fixed everything it found. I have run CWShredder and Ad-Aware 6.0 and fixed everything those programs found. I did ping on those two web sites and when I use the ip address for the particular web sites I can get to weightwatchers and oaklandcoliseum using IE. I have uninstalled IE6 and reinstalled it and no luck ... Wonder if anyone has any ideas.

Paul: The creation new threats (malware) always exceeds the the capabilities of even the most recently updated utilities (Spybot, Bazooka, Ad-Aware, et al). Things slip through the cracks. There are online scanning services (do a Google search) which may find something the popular utilities might not. It takes work, but often, an examination of the registry can clue you in to hidden malware. Another place to check is Task Manager for bogus processes. Beer, Barbeque, Best movies in South Tampa

If you don't make out, post a HiJackThis log of your system so we can see what's causing the problem. MrC HiJackThis and Instructions

Thanks for the replies. As requested here is my hijackthis log. If anyone sees anything suspect in it please let me know. Thanks Paul ============================ Hi there, wondering if anyone can help... My browser gets redirected only at two sites I know of so far. When I attempt to goto www.weightwatchers.com I get redirected to www.comcast.net. When I try to goto www.oaklandcoliseum.com I get redirected to http://www.ezpharmacy.com/?a=OAKLANDCOLISEUM.COM I can't for the life of me figure out what is going on!! I have run McAfee virus scan with the latest updates, many times and I have no viruses found. I have run SpyBot search and destroy and fixed everything it found. I have run CWShredder and Ad-Aware 6.0 and fixed everything those programs found. I did ping on those two web sites and when I use the ip address for the particular web sites I can get to weightwatchers and oaklandcoliseum using IE. I have uninstalled IE6 and reinstalled it and no luck ... Wonder if anyone can find anything in my HiJackThis log: Logfile of HijackThis v1.97.7 Scan saved at 4:09:19 PM, on 4/2/04 Platform: Windows 98 Gold (Win9x 4.10.1998) MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106) Running processes: C:\WINDOWS\SYSTEM\KERNEL32.DLL C:\WINDOWS\SYSTEM\MSGSRV32.exe C:\WINDOWS\SYSTEM\MPREXE.exe C:\WINDOWS\SYSTEM\WINMODEM.101\wmexe.exe C:\WINDOWS\SYSTEM\MSTASK.exe C:\PROGRAM FILES\MCAFEE.COM\VSO\MCVSRTE.exe C:\WINDOWS\SYSTEM\mmtask.tsk C:\WINDOWS\SYSTEM\DDHELP.exe C:\WINDOWS\EXPLORER.exe C:\WINDOWS\SYSTEM\PSTORES.exe C:\ACS495\MIXGHOST.exe C:\WINDOWS\SYSTEM\MSWHEEL.exe C:\PROGRAM FILES\VOYETRA\AUDIOSTATION 32\VTRAY.exe C:\WINDOWS\TASKMON.exe C:\WINDOWS\SYSTEM\SYSTRAY.exe C:\WINDOWS\SYSTEM\HPZTSB06.exe C:\WINDOWS\SYSTEM\SPOOL32.exe C:\PROGRAM FILES\MCAFEE.COM\VSO\MCVSSHLD.exe C:\PROGRAM FILES\MCAFEE.COM\AGENT\MCAGENT.exe C:\PROGRAM FILES\MCAFEE.COM\VSO\MCVSESCN.exe C:\PROGRAM FILES\LOGITECH\WINGMAN PROFILER\LWPEVNTM.exe C:\PROGRAM FILES\YAHOO!\MESSENGER\YPAGER.exe C:\VSTASCAN\VSACCESS.exe C:\PROGRAM FILES\MCAFEE.COM\VSO\MCVSFTSN.exe C:\PROGRAM FILES\MCAFEE.COM\SHARED\MGHTML.exe C:\PROGRAM FILES\MCAFEE.COM\VSO\MCMNHDLR.exe C:\PROGRAM FILES\INTERNET EXPLORER\IEXPLORE.exe C:\PROGRAM FILES\INTERNET EXPLORER\IEXPLORE.exe C:\WINDOWS\DESKTOP\HIJACKTHIS.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.comcast.net/ R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer provided by Comcast O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\PROGRAM FILES\YAHOO!\COMPANION\INSTALLS\CPN\YCOMP5_2_3_0.DLL O2 - BHO: (no name) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\PROGRAM FILES\ADOBE\ACROBAT 5.0\READER\ACTIVEX\ACROIEHELPER.OCX O3 - Toolbar: Yahoo! Companion - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRAM FILES\YAHOO!\COMPANION\INSTALLS\CPN\YCOMP5_2_3_0.DLL O3 - Toolbar: McAfee VirusScan - {BA52B914-B692-46c4-B683-905236F6F655} - C:\PROGRAM FILES\MCAFEE.COM\VSO\MCVSSHL.DLL O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\SYSTEM\MSDXM.OCX O4 - HKLM\..\Run: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme O4 - HKLM\..\Run: [POINTER] C:\PROGRA~1\MSHARD~1\point32.exe O4 - HKLM\..\Run: [Mixghost] C:\ACS495\MixGhost.exe O4 - HKLM\..\Run: [VoyetraTray] C:\PROGRAM FILES\VOYETRA\AUDIOSTATION 32\VTRAY.exe /s O4 - HKLM\..\Run: [ComcastSUPPORT] C:\Program Files\Support.com\bin\tgkill.exe /cleaneahtioga /start O4 - HKLM\..\Run: [ScanRegistry] c:\windows\scanregw.exe /autorun O4 - HKLM\..\Run: [TaskMonitor] c:\windows\taskmon.exe O4 - HKLM\..\Run: [SystemTray] SysTray.exe O4 - HKLM\..\Run: [VsEcomrEXE] C:\Program Files\Network Associates\McAfee VirusScan\vsecomr.exe O4 - HKLM\..\Run: [Lwinst Run Profiler] C:\PROGRA~1\LOGITECH\WINGMA~1\Lwinst.exe -d -l "C:\PROGRA~1\LOGITECH\WINGMA~1\Lwpevntm.exe" O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\SYSTEM\hpztsb06.exe O4 - HKLM\..\Run: [VSOCheckTask] "C:\PROGRA~1\MCAFEE.COM\VSO\MCMNHDLR.exe" /checktask O4 - HKLM\..\Run: [VirusScan Online] C:\PROGRA~1\MCAFEE.COM\VSO\MCVSSHLD.exe O4 - HKLM\..\Run: [MCAgentExe] C:\PROGRA~1\MCAFEE.COM\AGENT\mcagent.exe O4 - HKLM\..\Run: [MCUpdateExe] C:\PROGRA~1\MCAFEE.COM\AGENT\MCUPDATE.exe O4 - HKLM\..\Run: [CriticalUpdate] c:\windows\SYSTEM\wucrtupd.exe -startup O4 - HKLM\..\RunServices: [winmodem] WINMODEM.101\wmexe.exe O4 - HKLM\..\RunServices: [SchedulingAgent] mstask.exe O4 - HKLM\..\RunServices: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme O4 - HKLM\..\RunServices: [McVsRte] C:\PROGRA~1\MCAFEE.COM\VSO\MCVSRTE.exe /embedding O4 - HKCU\..\Run: [Yahoo! Pager] C:\Program Files\Yahoo!\Messenger\ypager.exe -quiet O4 - Startup: UMAX VistaAccess.lnk = C:\VSTASCAN\vsaccess.exe O8 - Extra context menu item: Yahoo! Search - file:///C:\Program Files\Yahoo!\Common/ycsrch.htm O8 - Extra context menu item: Yahoo! Dictionary - file:///C:\Program Files\Yahoo!\Common/ycdict.htm O9 - Extra button: Related (HKLM) O9 - Extra 'Tools' menuitem: Show &Related Links (HKLM) O12 - Plugin for .mov: C:\PROGRA~1\INTERN~1\PLUGINS\npqtw32.dll O12 - Plugin for .spop: C:\PROGRA~1\INTERN~1\Plugins\NPDocBox.dll O12 - Plugin for .pdf: C:\PROGRA~1\INTERN~1\PLUGINS\nppdf32.dll O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload.macromedia.com/pub/shockwave/cabs/flash/swflash.cab O18 - Protocol: pcn - {D540F040-F3D9-11D0-95BE-00C04FD93CA5} - C:\PROGRAM FILES\ENCOMPASS\V1MK.DLL Thanks in advance for any help. Paul

every time i try to download a file usually a .exe, i get re-directed to http://best-search.info/ any ideas?

help help i am having smae problem.... every time i try to download a file usually a .exe, i get re-directed to http://best-search.info/ any ideas?

I'm having the same problem as well with the best-search website appearing everytime i restart internet explorer. I have found a lot of help at the website: http://www.spywareinfo.com/articles/hijacked/#removal but I can't seem to completely get rid of it. any other ideas would be greatly appreciated.