The past three days, each time I log on and click internet explorer, I get redirected to "search.yahoo.com/images"..

I cleared cache, did cleanmgr, rebooted and this still won't go away. :confused:

Running XPSP2(upgrades all up to date)
IE6
Spybot is clear.
Panda AV program

Attached is HJT log and CAonline virus scan(which is negative for any virus)

I would greatly appreciate your help..

Thanks in advance

Welcome to the forum, I will be glad to take a look if you will but follow the directions here:
http://forums.spybot.info/showthread.php?t=288

Click that, save the log somewhere, and copy/paste into your own new topic
a) The HJT log
b) The on-line Anti Virus scan log/report

Thanks

Hi PSKelley

I hope I've done this correctly:blush:

Online CA scan and HJT logs noted below:

SOLUTIONS SUPPORT NEWS EVENTS ABOUT CA INVESTORS WORLDWIDE BUY
Product Solutions Services & Education Technology Solutions Industry Solutions Business Solutions Partners ...view all Technical Support Security Advisor CustomerConnect ...view all Press In the News Customer Successes ...view all Overview Management Careers Community ...view all Stock Price Financial News Financial/SEC Reports Board of Directors Events ...view all Australia Brazil Canada China France Germany Italy Japan United Kingdom ...view all Free Seminars Conferences Webcasts CA World ...view all SOLUTIONS SUPPORT NEWS EVENTS ABOUT CA INVESTORS WORLDWIDE BUY






Virus Information Center



eTrust Antivirus Web Scanner

Start Scan


Stop Scan


Cure Files


Delete Files


Reply email address for the file submission:
Scanner Help


Scan Results: Scan Completed. 35506 files scanned. No viruses found.

File Infection Status Path
- No Infections








Search

CA Security Advisor Virus Encyclopedia Vulnerability Encyclopedia Spyware Encyclopedia News and Information



Online Tools
Free Virus Scan
Download Signature Files
Cleaning Utilities
Submit a Virus Sample


CA Security Advisor
Virus Encyclopedia
Vulnerability Information Center
Spyware Information Center
News and Information
Glossary



eTrust Security Management Solutions

eTrust Antivirus
eTrust Internet Security Suite
eTrust Secure Content Manager









How valuable was this information? Not at all Extremely
Submit


Contact Legal Notice Privacy Policy Site Map
Copyright © 2006 CA. All rights reserved.


HJT:

Logfile of HijackThis v1.99.1
Scan saved at 9:47:29 PM, on 9/9/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\SYSTEM32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Panda Software\Panda Internet Security 2007\pavsrv51.exe
C:\Program Files\Panda Software\Panda Internet Security 2007\AVENGINE.EXE
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Panda Software\Panda Internet Security 2007\TPSrv.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe
C:\Program Files\Intel\Wireless\Bin\ZcfgSvc.exe
C:\WINDOWS\SYSTEM32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
c:\program files\panda software\panda internet security 2007\firewall\PNMSRV.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Dell\NICCONFIGSVC\NICCONFIGSVC.exe
C:\Program Files\Panda Software\Panda Internet Security 2007\PavFnSvr.exe
C:\Program Files\Common Files\Panda Software\PavShld\pavprsrv.exe
C:\Program Files\Panda Software\Panda Internet Security 2007\AntiSpam\pskmssvc.exe
C:\Program Files\Panda Software\Panda Internet Security 2007\PsImSvc.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\Program Files\Panda Software\Panda Internet Security 2007\apvxdwin.exe
C:\Program Files\Microsoft IntelliPoint\point32.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Java\jre1.5.0_07\bin\jusched.exe
C:\Program Files\Panda Software\Panda Internet Security 2007\SRVLOAD.EXE
c:\program files\panda software\panda internet security 2007\WebProxy.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\antispyware\HijackThis.exe
C:\Program Files\Panda Software\Panda Internet Security 2007\psimreal.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell4me.com/myway
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://isp.netscape.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.dell4me.com/myway
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_07\bin\ssv.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint\Apoint.exe
O4 - HKLM\..\Run: [IntelliPoint] "C:\Program Files\Microsoft IntelliPoint\point32.exe"
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [PinnacleDriverCheck] C:\WINDOWS\system32\PSDrvCheck.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_07\bin\jusched.exe
O4 - HKLM\..\Run: [APVXDWIN] "C:\Program Files\Panda Software\Panda Internet Security 2007\APVXDWIN.EXE" /s
O4 - HKLM\..\Run: [SCANINICIO] "C:\Program Files\Panda Software\Panda Internet Security 2007\Inicio.exe"
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_07\bin\ssv.dll
O9 - Extra button: MUSICMATCH MX Web Player - {d81ca86b-ef63-42af-bee3-4502d9a03c2d} - http://wwws.musicmatch.com/mmz/openWebRadio.html (file missing)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1136245399375
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1147738173734
O16 - DPF: {7B297BFD-85E4-4092-B2AF-16A91B2EA103} (WScanCtl Class) - http://www3.ca.com/securityadvisor/virusinfo/webscan.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{D32B10E2-F503-4FEF-8105-34B337A34DD1}: NameServer = 207.172.3.8 207.172.3.9
O20 - Winlogon Notify: avldr - C:\WINDOWS\SYSTEM32\avldr.dll
O20 - Winlogon Notify: IntelWireless - C:\Program Files\Intel\Wireless\Bin\LgNotify.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: EvtEng - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: NICCONFIGSVC - Dell Inc. - C:\Program Files\Dell\NICCONFIGSVC\NICCONFIGSVC.exe
O23 - Service: Panda Function Service (PAVFNSVR) - Panda Software International - C:\Program Files\Panda Software\Panda Internet Security 2007\PavFnSvr.exe
O23 - Service: Panda Process Protection Service (PavPrSrv) - Panda Software - C:\Program Files\Common Files\Panda Software\PavShld\pavprsrv.exe
O23 - Service: Panda anti-virus service (PAVSRV) - Panda Software International - C:\Program Files\Panda Software\Panda Internet Security 2007\pavsrv51.exe
O23 - Service: Panda Antispam Engine (pmshellsrv) - Panda Software International - C:\Program Files\Panda Software\Panda Internet Security 2007\AntiSpam\pskmssvc.exe
O23 - Service: Panda Network Manager (PNMSRV) - Panda Software International - c:\program files\panda software\panda internet security 2007\firewall\PNMSRV.EXE
O23 - Service: Panda IManager Service (PSIMSVC) - Panda Software - C:\Program Files\Panda Software\Panda Internet Security 2007\PsImSvc.exe
O23 - Service: RegSrvc - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Spectrum24 Event Monitor (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
O23 - Service: Panda TPSrv (TPSrv) - Panda Software - C:\Program Files\Panda Software\Panda Internet Security 2007\TPSrv.exe
O23 - Service: WLANKEEPER - Intel® Corporation - C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe


I appreciate your help, and look forward to your reply:)

Thanks for returning your information, this is a clean HJT log except for the fact that Java needs an update:
http://forums.spybot.info/showpost.php?p=12880&postcount=2
C:\Program Files\Java\jre1.5.0_07\ <<< check for an update

Open Internet Explorer > Tools > Internet Options > General tab, and tell me what address in in the Home Page address box.
Let me know about any problems you are still experiencing.

Thanks

OK..

isp.netscape.com

I uninstalled my Yahoo! toolbar thinking this could somehow be part of the problem, reinstalled the updated version, and when I rebooted, and clicked on IE icon to open my browser-- search.yahoo.com/images page came up again!

So I uninstalled the toolbar again..

Any help is greatly appreciated :) (I do need to use the toolbar)

OK, I will have to say I don't know. I could run scans but they are probably not going to pickup on what appears to be a valid item:
http://www.google.com/search?sourceid=navclient&ie=UTF-8&rls=GGLG,GGLG:2006-16,GGLG:en&q=search%2Eyahoo%2Ecom%2Fimages I personally do not allow Yahoo on my computer, they are in bed with the enemy. I suggest you contact them for instructions as to how to remove their junk.

http://dir.yahoo.com/Computers_and_Internet/Technical_Guides_and_Support/

You may find something here to help:
http://www.google.com/search?sourceid=navclient&ie=UTF-8&rls=GGLG,GGLG:2006-16,GGLG:en&q=remove+search%2Eyahoo%2Ecom

Thanks

Thanks so much for the input.. didn't know Yahoo! was that bad:eek:

Will follow your instructions, and won't install the toolbar..

If I can get a valid reply from Yahoo!, I'll post, if that's ok..

Thanks again!

This topic has been closed to prevent others with similar issues posting in it.
If you need it re-opened please send me or your helper a private message (pm) and provide a link to the thread. :)

Applies only to the original topic starter.