Possible problem with the Google search engine.

[Didz]

I'm at a loss what to do about this annoying problem I have when conducting internet searches.

The symptoms are that I Google a subject (e.g. 'The Experimental Rifle Corps') and I get a list of potential website links to look at as normal. But when I click on one of the links it occassionally takes me somewhere completely different. The locations that come up seem to be either obscure product related web-pages advertising 'left-handed screw drivers' or some similar rubbish, or even more obscure search engine pages which repeat the original subject and invite me to click on their own search button to find suitable sites. Naturally, I am not dumb enough to click on anything on these webpages, and usually clicking 'Back' and selecting the link again takes me to the correct location.

My initial reaction was that this was some freak scheme by Microsoft to try and promote sponsored products or search engines. I have Internet Explore 8 installed and its been a constant pain ever since I was browbeaten into accepting it. Another problem I have is that regardless of my security settings it refuses to remember my usernames and passwords so I have to type them in everytime I visit sites like this one. I've even tried explicitly ordering IE8 to save my cookies for this site but it just ignores me.

However, in a fit of exaperation I decided finally to dump IE8 and switched to Mozilla Firefox (I have Firefox Ver 2.0.0.3 installed on my PC) as my default browser. Unfortunately, on my very first browser search using Firefox exactly the same thing happened. So, I'm beginning to think its not the browser but Google who are responsible for this annoying distraction.

Has anyone else experienced it, and more importantly does anyone know why its happening and how to put a stop to it?

[Squid]

Its more likely you've been infected with a virus.

Moved to the basement.

[Didz]

Actually I've just been reading the Google Support Forum and it looks like it might be a piece of malicious software thats causing the problem. Apparently the latest scam that criminals are trying is to deliberately redirect your internet access to sites that they have done a click to pay deal with. The idea being that you are an idiot and will click on the site or worse still actually buy something advertised. The other obvious scam is to try and get you to enter your personal details into it so that they can collect them for later use.

What annoyed me about the official Google response was that they are taking the line that its up to the customer to avoid and resolve this problem.

I've had similar arguements with my bank who actually had to cheek to try and sell me Identify Protection Insurance. As I pointed out to them, I only let them look after my money because I beleive them when they tell me my money is safe in their hands. If they are now telling me that they can't guarantee to look after my money and that there is a good chance that they might give it away to someone else by accident then why would I even consider letting them look after it. I would rather go to a bank that has better security. What I certainly wasn't prepared to do was give my bank more money to insure myself against their potential incompetence.

Likewise, I use Google because it has a good reputation for finding the informaiton that I want to access. However, if the Google software is so insecure that it allows criminals to redirect my searches to any site they wish why would I continue to use Google as my search engine. I would be better off switching to another supplier whose software has better security against being hacked.

Another anamolgy would be a double-glazing company that fits doors with no locks and then warns customers that they need to buy a dog to chase out the burglars.

[Juvenal]

I presume the problem is at your end.

When I search for The Experimental Rifle Corps, I get a perfectly reasonable set of results.

PS. I followed some of the links, they're all legitimate.

[Simetrical]

Actually I've just been reading the Google Support Forum and it looks like it might be a piece of malicious software thats causing the problem. Apparently the latest scam that criminals are trying is to deliberately redirect your internet access to sites that they have done a click to pay deal with. The idea being that you are an idiot and will click on the site or worse still actually buy something advertised. The other obvious scam is to try and get you to enter your personal details into it so that they can collect them for later use.

Yes, this is almost certainly the cause. Try running some antivirus software to get rid of it.

What annoyed me about the official Google response was that they are taking the line that its up to the customer to avoid and resolve this problem.

They can't resolve the problem. There's a program on your computer, which they don't control, which is altering your traffic. When you click one of these links, Google probably never even gets the request: the software on your computer alters it so that it goes to the other site.

Expecting them to fix it would be like calling someone when your phone's mike is broken and then expecting the person on the other end to find some way to hear you anyway. Or blaming Google because you can't access their sites when you don't have Internet access. It's impossible for anyone but you to fix the problem.

Likewise, I use Google because it has a good reputation for finding the informaiton that I want to access. However, if the Google software is so insecure that it allows criminals to redirect my searches to any site they wish why would I continue to use Google as my search engine. I would be better off switching to another supplier whose software has better security against being hacked.

It's logically impossible for them to defend against this attack. When you visit Google, there are two computers involved: yours and theirs. They can only defend their own computers against attack, not yours. The only way they could defend your computer is if you give them control of it (which, in fact, is more or less what Chrome OS does).

Another anamolgy would be a double-glazing company that fits doors with no locks and then warns customers that they need to buy a dog to chase out the burglars.

This analogy is mistaken. A company that installs doors is capable of installing locks; Google is not capable of wiping viruses from your computer, no matter how high-tech they are. To do so would require hacking your computer, which is illegal.

[Didz]

I presume the problem is at your end. When I search for The Experimental Rifle Corps, I get a perfectly reasonable set of results.

Well that was just an example. It doesn't make any difference what you were searching for the actual website you get is apparently pre-selected by the malicous software which has embedded itself in the Google search engine.

Yes, this is almost certainly the cause. Try running some antivirus software to get rid of it.

I'm actually running the Microsoft Malicous Software Removal Tool in the background as I write.

The problem is of course that as a customer one has to be very careful about downloading your own solutions to the problem as many of the Malicous Software Removal Tools offerred for download on the internet are provided by the very criminals who infected your PC in the first place and include yet more infections albeit with the re-assurance that they will remove your current one.

They can't resolve the problem. There's a program on your computer, which they don't control, which is altering your traffic. When you click one of these links, Google probably never even gets the request: the software on your computer alters it so that it goes to the other site.

I find that hard to believe. The list of links provided as a result of the Google search are by implication known to Google, as they just generated them, therefore, the malicous software must not only be interdicting the Google software in responding to those links, but must also be feeding the browser software with a URL which was not in the list generated by the search. Therefore, Google ought to be able to detect that the URL being accessed does not match the URL that the customer just clicked upon.

But even if it could not do that then at the very least I would have expected Google to provide a malicous software removal tool tailored to remove the malicous software which it knows is attacking its customers.

Expecting them to fix it would be like calling someone when your phone's mike is broken and then expecting the person on the other end to find some way to hear you anyway. Or blaming Google because you can't access their sites when you don't have Internet access. It's impossible for anyone but you to fix the problem.

Not quite, because if my phone mike was broken then it would have an impact on any telephone company providing the service. Whereas in this instance the mic only fails to work when used with Google, so the simple solution would be to change telephone company.

As such this malicous software is deliberately aimed at discrediting Google as a search engine and Google ought to be as concerned to resolve it as I am.

This analogy is mistaken. A company that installs doors is capable of installing locks; Google is not capable of wiping viruses from your computer, no matter how high-tech they are. To do so would require hacking your computer, which is illegal.

Its not a virus, calling it a virus suggests that it has the ability to replicate itself and as far as I know it doesn't. It a piece of malicous software which has embedded itself somewhere in the Google search engine. It is only triggerred by a Google search, therefore it should by definition be Googles problem. As such Anti-Virus software cannot detect it, and its probably masquerading as one of the Google programme functions.

There is clearly a weakness in the Google search system which has allowed this criminal to expliot their software to achieve their aim, that weakness needs to be identified and closed, and it is also in Googles own interests to find a solution on behalf of their customers if they wish to retain their credability as a reliable search engine provider.

In fact, I wouldn't be surprised to discover that this software is actually being financed by one of Googles rivals.

[Simetrical]

It's embedded itself in your computer, not Google. You need to run antivirus software. (See previous post, in case you missed it due to simultaneously posting.)

[Juvenal]

As Sim pointed out it is your browser on your computer that is compromised, nothing to do with Google (although I'm sure they have plenty of other things to be guilty about).

[Didz]

As Sim pointed out it is your browser on your computer that is compromised, nothing to do with Google (although I'm sure they have plenty of other things to be guilty about).

No its not.

As I explained in my opening post this was actually my first assumption which was why I changed my browser from IE8 to Mozilla Firefox. The malware remains a problem regardless of which browser I use, but is only triggerred by a Google search. So, the logical conclusion is that it has embedded itself somewhere in the Google Search engine, or that it has been embedded somewhere which is browser independent and has been specifically tailored to react to a Google search.

Either way one can assume that however produced it has either found a weakness in the Google search engine which he can expliot, or is deliberately targetting Google for malicous reasons. Whatever, methid has been employed by this criminal the bottom line is that it is as much an attack on Googles credability as a search engine provider as it is on my sanity as a Google customer. The simple solution from my point of view would be to switch search engine provider, but as I said in my support request I have been using Google as my search engine since it first came out and I am reluctant to stop using it just because some low life wants me too.

The Good News is that I have just received a much more positive response from Google who are now asking customers to log and report all of the sites that are benefitting from this malware softwares activities and they have also provided a link to a trusted malicous software removal tool which they have recommended to their customers as likely to resolve the problem. Hopefully, they are also looking at ways to block this sort of attack, and will be prosecuting anyone they track down who is benefiting from its activities.

[Juvenal]

No its not.

As I explained in my opening post this was actually my first assumption which was why I changed my browser from IE8 to Mozilla Firefox. The malware remains a problem regardless of which browser I use, but is only triggerred by a Google search. So, the logical conclusion is that it has embedded itself somewhere in the Google Search engine, or that it has been embedded somewhere which is browser independent and has been specifically tailored to react to a Google search.

Either way one can assume that however produced it has either found a weakness in the Google search engine which he can expliot, or is deliberately targetting Google for malicous reasons. Whatever, methid has been employed by this criminal the bottom line is that it is as much an attack on Googles credability as a search engine provider as it is on my sanity as a Google customer. The simple solution from my point of view would be to switch search engine provider, but as I said in my support request I have been using Google as my search engine since it first came out and I am reluctant to stop using it just because some low life wants me too.

Google and its search engine exist entirely on Google's servers, no element of them exists on your machine.

It is possible to have malware that affects browsers directly (such as malicious plug-ins), but this clearly isn't your problem.

The virus on your machine has got itself installed in such a way that intercepts all communication between your browser and the internet. So it doesn't matter which browser you use, the virus gets to act as gate-keeper and presents whatever search results it chooses in response to your Google search queries.

[Didz]

The virus on your machine has got itself installed in such a way that intercepts all communication between your browser and the internet. So it doesn't matter which browser you use, the virus gets to act as gate-keeper and presents whatever search results it chooses in response to your Google search queries.

Well as I keep explaining that is not how its reacting.

It only affects selections made from a search which has been started using the Google search engine. I can click on links from any other webpage I like, and any other search engine I like and it never ever interfers.

This seems to be why Google support are finally taking this threat seriously.

At first Gogles reaction to complaints made on the Google support site were pretty much in line with attitude of Simetrical and yourself, and there are responses from Google support basically repeating exactly the points made above. This is probably a malware infection, nothing that Google can do about, impossible to detect from our end, blah! blah! blah!

Then some of their former customers came back on the site and reported that they had discovered that the problem simply went away if they stopped using Google. They began recommending to other people with the same problem that the simple solution was to switch to this or that rival search engine and assuring them that having done so they no longer had the problem.

This seems to have convinced Google support that what they were dealing with was not some random piece of Malware but a targetted attack on their business, and suddenly their attitude changed. Now they are keen to monitor this activity and for customers to provide them with detailed reports of what happens when it triggers including the sites that the customer gets re-routed to.

They have also provided a trustworthy link to Malwarebytes' Anti-Malware programme, so that customers can safely download a potential solution to their problem.

http://www.google.com/support/websea...en&answer=8091

The four hour scan of my computer by the Microsoft Malicous Software Removel Tool has just finished but found nothing unusual, which doesn't really surprise me as I assume it is concentrating on those threats that attack the windows software rather than Google.

So, I'm about to download Malwarebytes as recommended by Google and see if that finds anything.

Malwarebytes Results

Well I downloaded Malwarebytes from using the link provided by Google Support and within the space of about 10 minutes it scanned my PC and found the following 18 malicous programmes.

Files Infected:
c:\program files\common files\msnmsgr.exe (Backdoor.Bot) -> No action taken.
c:\documents and settings\david hatch\local settings\Temp\temp00003c6f.exe (Backdoor.Bot) -> No action taken.
c:\documents and settings\david hatch\local settings\Temp\temp0000776c.exe (Backdoor.Bot) -> No action taken.
c:\documents and settings\david hatch\local settings\Temp\20101130092924.exe (Backdoor.Bot) -> No action taken.
c:\documents and settings\david hatch\local settings\Temp\20101130171340.exe (Backdoor.Bot) -> No action taken.
c:\documents and settings\david hatch\local settings\Temp\20101201165301.exe (Backdoor.Bot) -> No action taken.
c:\documents and settings\david hatch\local settings\Temp\20101204110129.exe (Backdoor.Bot) -> No action taken.
c:\documents and settings\david hatch\local settings\Temp\20101204170205.exe (Backdoor.Bot) -> No action taken.
c:\documents and settings\david hatch\local settings\Temp\20101205210002.exe (Backdoor.Bot) -> No action taken.
c:\documents and settings\david hatch\local settings\Temp\20101206160918.exe (Backdoor.Bot) -> No action taken.
c:\documents and settings\david hatch\local settings\Temp\20101208111726.exe (Backdoor.Bot) -> No action taken.
c:\documents and settings\david hatch\local settings\Temp\20101208210944.exe (Backdoor.Bot) -> No action taken.
c:\documents and settings\david hatch\application data\microsoft\stor.cfg (Malware.Trace) -> No action taken.
c:\program files\common files\c.reg (Malware.Trace) -> No action taken.
c:\program files\common files\ur.dll (Malware.Trace) -> No action taken.

As you can see one of them was sitting within MSN Messenger itself which may explain why that programme has been unexpectedly crashing out recently. Most of the others seem to be sitting in the Temp files directory. So it remains to be seen if that has cured the problem but it was interesting that the Microsoft Programme gave my PC a clean bill of health and then Malwarebytes found a malicous programme in MSN Messenger.

[Big Boss]

This post boggles my mind. They made you download a virus remover, which means that the virus is still on your machine and has nothing to do with them. It could very well be that you have a very specific virus that only attacks Google, and the reason that this doesn't happen on other search engines is that the other search engines have no where near the market share of Google, so why bother exploiting them.

In the end, the problem is still on your end and Google can still not do anything about it. Their response is the same as those of everyone else in the this thread, that the problem lies in your computer and its not google's fault.

[Didz]

I think your missing the point. The mere fact that this malware programme was designed to limit its attacks to Google Searches means that it is a problem for Google, and they at least seem to have recognised the threat this poses to their business.

The fact, that the malware programme has been embedded on their customers PC's merely complicates the problem in that they have to first of all convince their customers that the problem is not an inherent flaw in their search engine, and secondly they have to rely upon their customers to take to appropriate action to correct the problem.

This whole issue really has to be put in the context of the corresponding TV advertising campaign by one of their rival companies which is basically trying to convince Google customers to change search engine on the very grounds that it is unreliable and frequently comes up with rubbish results.

What this incident does show is that it is possible for Google searches to be targetted specifically by criminals. That rival search engines seem not to be suffering from the same problem obvious creates the impression that they are safer and mmore reliable. That may be a mere illusion, and it may be the deliberate intention of the malware writer but to the ordinary customer who just wants a simple solution its far easier just to switch provider than phaff about downloading dodgy and potentially dangerous malware solutions.

The good news is that since running Googles recommended solution and removing the 18 infected files I have not seen a recurrence of the redirection issue when using the Google search engine. So, (touch wood) it seems that the problem has been resolved for the time being. The issue now remains as too how long it will be before the malware re-establishes itself and the cycle begins again.

Because unless Google can do something to prevent the malware targetting its searches and interdicting its customers selections then I suspect that this is going to be a recurring attack on their credability. And ultimately of course the simple solution for any customer who just wants to search the web in peace is simply to change their search engine.

p.s. I must just repeat yet again that this problem was not caused by a virus. I happen to have any excellent anti-virus programme protecting my PC and I also happen to have an excellent anti-spyware programme guarding my PC. This was a malicous programme, which was clearly designed to target the Google Search engine, the solution recommended by Google was therefore Malwarebytes' Anti-Malware programme not an Anti-Virus Programme.

[Phier]

I think Google will survive this horrible attack on their credibility.

I've had one or two of these in the past on my work computers where my computer illiterate employees go to sites and click on popups no real user would dream of.

Normally spybot or adware got rid of them.

I'm not sure why you would be upset with google over this, they could have targeted any web page you went to, its just the ubiquitous nature of google which makes them the biggest target.

You might have the software but being you were at a loss on what to do, you don't have the experience to use them properly. Consider this a good education and you now will no what to do if it happens again.

[Didz]

I'm not sure why you would be upset with google over this, they could have targeted any web page you went to, its just the ubiquitous nature of google which makes them the biggest target.

I'm not, at least not anymore, their initial reaction was typically dismissive and lacked any concept of customer care. But once they realised that their business was actually under direct attack they responded quite effectively with a solution to the immediate problem and a process for monitoring and addressing future attacks.

As a result i was able to downlad a trustworthy malicous software removal tool which worked, its just a shame that they had to lose so many customers before they changed their attitude.

Your Malwarebytes report indicates that you did have a virus.

You and I have different definitions of a virus. I am still workling with the original classification which identifies a virus as a programme which self-replicates itself to spread randomly. A Trojan by definition is not a virus as it spreads by being deliberately inserted into an otherwise benign programme and using it to disquise itself in order to infect a PC.

The key difference being that Anti-Virus programmes can block the spread of virus infections, but cannot prevent the infection of Trojans as typically the PC owner will authorise their access to his system along with the programme they are hidden in. The other difference between a virus and a trojan is that typically Trojan's are targetted at specific PC users by being embedded in programmes which those users are most likely to download or invoke, whereas a virus tends to be free roaming and indescriminate.

Trojan's tend to be more in favour with corporate hackers who can target them more accurately for the placement of spyware and adware infections and be more certain that they will gain access by embeddng them in official downloads.

The true virus was more common as an academic exercise by computer experts who likened it to creating an artificial life form. They were released on the internet and then the effects monitored to see how successful they were, but once released they are pretty much out of the originators control.

Modern corporate hackers require more control and often expect direct feedback from their programmes.

Since it happened to publicly target Google and appeared to go away when another search site was used, Google felt it was in their interest to direct you to a malware removal tool. However that doesn't make it their fault, it is your virus on your machine and could have targeted any site. Also just changing to another search site doesn't actually do you any good since the malware remains in place doing whatever else it does that you haven't noticed yet.

I never said that it was their fault, all I said was that it clearly highlights that there is a flaw in the Google software which can be explioted by a hacker. The implication being that unless and until Google plug that hole this sort of attack will continue and both they and their customers will be at risk.

I think it also has to be remembered that whilst Google may not be directly responsible for the attack on their service, the average customer who is getting these unreliable and frustrating results is equating them with the TV advertising campaign which describes Google searches as unreliable and poorly targetted. So, for the average customer with little techincal knowledge the poor results ARE seen as Googles fault and this is reinforced by the reports that they go away if you change to a rival search engine. The fault, if any, was that Google failed to respond helpfully to the initial customer reports of this problem. The initial dismissive reaction of their helpdesk staff left their customers with no support or guidance and little option but to change search engine provider. Fortunately that attitude changed dramatically when Google realised that this is a targetted attack on their business. But in truth that should not have been the pre-requisite of providing your customers with support.

Google have taken the first steps to combatting these attacks by providing their customers with a link to a trustworthy lmalware removel tool and setting up a monitoring process for trying to track down the perpetrators. However, the only way they and their customers will be completely safe is if they change their software to either trap, or block, the interdiction of search selections from the list repesented to the customer.

Another option would be to incorporate the anti-malware programme into their existing pack of protection programmes to supplement the existing anti-spyware and anti-virus routines.

[Simetrical]

As I explained in my opening post this was actually my first assumption which was why I changed my browser from IE8 to Mozilla Firefox. The malware remains a problem regardless of which browser I use, but is only triggerred by a Google search. So, the logical conclusion is that it has embedded itself somewhere in the Google Search engine, or that it has been embedded somewhere which is browser independent and has been specifically tailored to react to a Google search.

It's the latter. It probably just intercepts all outgoing HTTP requests and rewrites them using a regular expression or something. Or it modifies both IE and Firefox, since those are the most popular browsers. It doesn't affect other search engines because they don't have the market share, so it doesn't bother targeting them.

Whatever, methid has been employed by this criminal the bottom line is that it is as much an attack on Googles credability as a search engine provider as it is on my sanity as a Google customer. The simple solution from my point of view would be to switch search engine provider, but as I said in my support request I have been using Google as my search engine since it first came out and I am reluctant to stop using it just because some low life wants me too.

This is a valid marketing point, of course. Google can do nothing about it directly, but they'd be smart to try helping users anyway (if it's a large enough problem), since they'll get the blame regardless. But on a technical level, it is not something that Google is any more or less vulnerable to than any other site in existence. In fact, there are similar viruses that replace links on all sites indiscriminately.

Hopefully, they are also looking at ways to block this sort of attack, and will be prosecuting anyone they track down who is benefiting from its activities.

It is impossible for them to block it, because it's on your computer. They cannot prosecute the perpetrators, because the perpetrators will be hiding behind an elaborate string of proxies and are quite possibly living in an uncooperative country like Russia (which often doesn't mind if its large hacker population targets foreigners, since it brings a significant amount of money into the country). Plus it's infeasibly expensive, given the number of hackers out there.

So it remains to be seen if that has cured the problem but it was interesting that the Microsoft Programme gave my PC a clean bill of health and then Malwarebytes found a malicous programme in MSN Messenger.

p.s. I must just repeat yet again that this problem was not caused by a virus. I happen to have any excellent anti-virus programme protecting my PC and I also happen to have an excellent anti-spyware programme guarding my PC. This was a malicous programme, which was clearly designed to target the Google Search engine, the solution recommended by Google was therefore Malwarebytes' Anti-Malware programme not an Anti-Virus Programme.

Antivirus programs rely on heuristics. All of them will let some viruses through, and flag some things that aren't viruses. Just because you have antimalware software installed doesn't mean you don't have malware.

("Antivirus" software might be better called "antimalware", since virus has a more specific definition, but people rarely observe it.)

As a result i was able to downlad a trustworthy malicous software removal tool which worked, its just a shame that they had to lose so many customers before they changed their attitude.

You realize that each user makes Google only pennies per day? And that they have a couple billion users? This one piece of malware is not going to change much of anything. It's unlikely to have hit more than a small number of users by Google's standards.

(This is why Google has such poor customer service. Each customer makes them almost no money, so it's not economical to spend even a small amount catering to individuals.)

I never said that it was their fault, all I said was that it clearly highlights that there is a flaw in the Google software which can be explioted by a hacker. The implication being that unless and until Google plug that hole this sort of attack will continue and both they and their customers will be at risk.

It is not a flaw in the Google software. It is a flaw in the entire PC model of computing, where an untrusted client connects to a trusted server. The only way to fix it is to make clients trusted as well as servers, so that almost no malware can exist. As I observed above, Google's Chrome OS is a step in this direction.

But okay, whatever. I can see this discussion is not progressing very usefully.

[Juvenal]

...
Because unless Google can do something to prevent the malware targetting its searches and interdicting its customers selections then I suspect that this is going to be a recurring attack on their credability. And ultimately of course the simple solution for any customer who just wants to search the web in peace is simply to change their search engine.

p.s. I must just repeat yet again that this problem was not caused by a virus. I happen to have any excellent anti-virus programme protecting my PC and I also happen to have an excellent anti-spyware programme guarding my PC. This was a malicous programme, which was clearly designed to target the Google Search engine, the solution recommended by Google was therefore Malwarebytes' Anti-Malware programme not an Anti-Virus Programme.

Your Malwarebytes report indicates that you did have a virus. The virus program will have been piggybacked into your internet connection processes so that it could intercept and alter communications between your browser and the internet.

It just so happens that the virus chose to serve false result pages when you made google search requests. However you cannot be sure that it wasn't also doing other things. For example it could be examining your activity for account names and passwords and silently sending them off to servers controlled by the bad guys.

Since it happened to publicly target Google and appeared to go away when another search site was used, Google felt it was in their interest to direct you to a malware removal tool. However that doesn't make it their fault, it is your virus on your machine and could have targeted any site. Also just changing to another search site doesn't actually do you any good since the malware remains in place doing whatever else it does that you haven't noticed yet.

Here is some spiel on Backdoor bot.

Backdoor.Bot is a damaging trojan backdoor infection that alters processes in Windows system and obstructs access to msconfig and regedit. Typically Backdoor.Bot spreads through unwanted email, chat rooms, news groups and corrupt freeware downloads. Upon injection, Backdoor.Bot trojan will create corrupt bsqtdeeh.exe, akxjhrf.exe, cmylgkok.exe, mwykrzh.exe files, inactivate security tools and activate irritating pop ups. Backdoor.Bot is a critical trojan threat that can spread to both local and network computer systems!

Common indications of Backdoor.Bot trojan:

• Desktop background picture screen and screen saver hijacked by messages
• Backdoor.Bot is memory resident, re-install itself after manual removal
• Sluggish computer speed, sluggish system start-ups and reboots
• "Blue Screen Of Death" caused by corrupt dll's, registry keys and Windows files
• Pop-up blocker unable to prevent irritating adult bulk pop-up ads
• Search results and browser startpage hijacked by hacker websites
• Unknown Backdoor processes in Windows task manager strange Computer tower error bleep sounds

Backdoor.Bot hijack activities:

• Backdoor tracks and inactivate firewall and antivirus programs and forwards private info such as usernames, passwords to remote servers
• Logs system activity and registry settings, records browsing activity to create matching pop up ads
• Sneaks into the Computer via browser security leaks and infect the system with damaging adware and spyware programs

[webMaster412160]

Good to see its fixed now. Last time I had done a scan o my, I really had to.

[Didz]

The searching seems to be working correctly now, but I have still had to give up on IE8 because for some reason it just won't save my cookies anymore. I've switched to Firefox now which seems to work fine.