search hijack

Discussion in 'Malware Help (A Specialist Will Reply)' started by otisb, Apr 23, 2008.

  1. otisb

    otisb Private E-2

    Has anyone run across the 'domainparkltd' search hijack? It hits IE and FF. HJT, Spybot, and AdAware all miss it.

    Any help greatly appreciated.
     
  2. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

  3. otisb

    otisb Private E-2

    SUPERAntiSpyware
    Spybot – Search & Destroy
    Malwarebytes Anti-Malware.
    none of these made any deletions.

    ComboFix. quarantined a catchme.log

    MGtools crashed on ProcessDll.exe failed to initialize properly.

    ???

    thanx
     

    Attached Files:

  4. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    Please attach the logs!




    Uninstall NetMeter 1.1.3 After uninstalling this some items below may not be found. Just ignore and continue.

    Run C:\MGtools\analyse.exe by double clicking on it. This is really HijackThis (select Do a system scan only) and select the following lines but DO NOT CLICK FIX until you exit all browser sessions including the one you are reading in right now:

    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
    O4 - HKCU\..\Run: [C:\Program Files\NetMeter\NetMeter.exe] C:\Program Files\NetMeter\NetMeter.exe

    After clicking Fix, exit HJT.

    Now we need to use ComboFix to remove a bunch of malware files.
    • Make sure that combofix.exe that you downloaded while doing the READ & RUN ME is on your Desktop but Do not run it!
      • If it is not on your Desktop, the below will not work.
    • Open Notepad and copy/paste the text in the below quote box into it:
    • Save the above as CFscript.txt and make sure you save it to the same location (should be on your Desktop) as ComboFix.exe
    • At this point, you MUST EXIT ALL BROWSERS NOW before continuing!
    • You should have both the ComboFix.exe and CFScript.txt icons on your Desktop.
    • Now use your mouse to drag CFscript.txt on top of ComboFix.exe
    • Follow the prompts.
    • When it finishes, a log will be produced named c:\combofix.txt
    • I will ask for this log below
    Note:

    Do not mouseclick combofix's window while it is running. That may cause it to stall.


    Copy the bold text below to Notepad. Save it as fixme.reg to your desktop. Be sure the "Save as" type is set to "all files". Once you have saved it, double click it and allow it to merge with the registry.
    Make sure that you tell me if you receive a success message about adding the above
    to the registry. If you do not get a success message, it definitely did not work.



    Now run Ccleaner!

    Now run the C:\MGtools\GetLogs.bat file by double clicking on it.

    Then attach the below logs:
    • C:\ComboFix.txt
    • C:\MGlogs.zip
    Make sure you tell me how things are working now!
     
  5. otisb

    otisb Private E-2

    All the fixes ran fine, but no fix. That #$%^&* domainparkltd still grabs any misspelled search.

    Bollocks!!!!

    The NetMeter wasn't the problem. I loaded it from my jump drive; it's the version that is on at least a dozen PCs.

    I really appreciate your help, but this is a real stumper, eh!

    Is it possible that my ISP shoves this at me? TimeWarnerCable.

    Can I block the offending IPs in IE and FF?

    thanx

    I did a tracert to the bums, and the first step was a 10. private addy; but mine is a 192. series. Is this relevant?
     

    Attached Files:

    Last edited: Apr 26, 2008
  6. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    It is not a recommended utility. See the below:
    http://www.castlecops.com/s2440-NetMeter.html
    http://www.bleepingcomputer.com/startups/NetMeter.exe-3644.html
    http://www.tasklist.org/task_NetMeter_exe_2221.html
    http://www.2-spyware.com/file-netmeter-exe.html


    Yes it could be that your ISP is mapping unknown searches there. You may want to check with them. You could also try flushing your DNS cache.

    Do you have your DNS settings configured to "Obtain DNS automatically" ?
     
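    To check chaslang's suggestion that the ISP is mapping unknown names somewhere, here is an added example (not from this thread or from any of the tools mentioned in it) that resolves random names which cannot exist and reports whether something answers anyway; an honest resolver fails every lookup, while a redirecting one returns the same sinkhole address for all of them. The `resolver` parameter and the probe-name format are assumptions of this example.

```python
"""Probe for NXDOMAIN hijacking: resolve names that cannot exist and see
whether something answers anyway. A redirecting resolver (ISP "search
assistance", a tampered DNS setting, or a poisoned cache) hands back one
sinkhole address for every such name instead of a lookup failure."""
import random
import socket
import string


def random_nonexistent_name(tld="com", length=16, rng=random):
    """Build a label long and random enough that it is not registered."""
    label = "".join(rng.choice(string.ascii_lowercase) for _ in range(length))
    return f"{label}-nxdomain-probe.{tld}"


def probe(name, resolver=socket.gethostbyname):
    """Return the address the resolver gives for name, or None on failure."""
    try:
        return resolver(name)
    except OSError:  # socket.gaierror (NXDOMAIN etc.) is a subclass of OSError
        return None


def detect_nxdomain_hijack(resolver=socket.gethostbyname, probes=3, tld="com"):
    """Resolve several random names; any answer at all indicates redirection.
    The resolver argument (assumed here) lets the check run against the live
    system resolver or against a stub."""
    answers = {}
    for _ in range(probes):
        name = random_nonexistent_name(tld)
        answers[name] = probe(name, resolver)
    answered = {n: ip for n, ip in answers.items() if ip is not None}
    return {
        "hijacked": bool(answered),
        "answered": answered,
        # A real redirect typically sends every bogus name to one sinkhole IP
        "sinkhole_ips": sorted(set(answered.values())),
    }


if __name__ == "__main__":
    report = detect_nxdomain_hijack()
    if report["hijacked"]:
        print("Nonexistent names resolve to", report["sinkhole_ips"],
              "- the resolver in use is redirecting failed lookups")
    else:
        print("Nonexistent names fail to resolve: no NXDOMAIN hijack seen")
```

    Run it from both the affected PC and an unaffected one; if only the affected PC gets answers, look at that machine's DNS settings and cache, and if both do, the redirect sits upstream at the ISP's resolver.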
  7. otisb

    otisb Private E-2

    I sure appreciate your time on this.

    I may stand corrected, but NetMeter never caused me probs on other sets.

    ISP disavows any knowledge.

    DNS is on Auto.

    Is the 10. private IP in the tracert significant? Since my actual is 192.....

    Also, I got in to my Router and turned ON the firewall. It was not done on Install. An SMC. and I changed the PW.

    this is making me nuts!

    good nite.
     
  8. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    No! It is probably part of your ISP's equipment, like a cable or DSL modem. The 192 addresses are on your side of the network only.

    Do you have any other PCs? If so, do they have the same issues?

    Try the below browser.

    Opera

    Do you see the same problem using Opera?


    Go to Start > Run and type in cmd
    • Click OK.
    • This will open a command prompt.
    • Type or copy and paste the following line in the command window:
      ipconfig /flushdns
    • Hit Enter
    • Exit the command window
    Do you still have the same results with all browsers?
     
  9. otisb

    otisb Private E-2

    Still no joy. I guess reformat!!

    But you guys are the bomb for all the help.

    thanx
     
  10. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    Did you try Opera?

    Did you flush the DNS cache?

    You could try the below.

    Download Registry Search (see the link titled RegSearch Download Link)

    * Extract the files from Regsearch.zip into a folder.
    * Doubleclick regsearch.exe to start the program.
    * Enter domainparkltd in the top area of the form and then click "OK".
    * Notepad will be opened with text in it (the file named RegSearch.txt will be saved in the program's folder as well). Attach this file to your next reply.
     
  11. otisb

    otisb Private E-2

    still no joy.

    DNS cache flushed. Brain flushed....
     

    Attached Files:

  12. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    Third time I'll ask this! Did you try Opera?

    If yes and it did not work, try the Software or Hardware Forum, or format as you suggested if tired of trying. Your problems appear to be hardware or driver related.
     
  13. otisb

    otisb Private E-2

    may try Opera tomorrow. Wanted to exhaust all other options before risking hosing that up!

    cheers
     
  14. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    Okay! Good luck.
     
