Sign in with
Sign up | Sign in
Your question

My internet explorer keeps redirecting to www.esaya-z.com

Last response: in Windows XP
Share
Anonymous
a b 8 Security
November 26, 2011 7:48:21 AM

Hi, there

My Internet Explorer keeps redirecting me to other websites when clicking on a serach link...most common re-direction is to some www.easya-z.com website.
Have tried AVG, Norton, Hitman Pro, AVG Rootkit...nothing seems to solve this.

Can anyone help? :cry: 
a b 8 Security
November 26, 2011 11:40:13 AM

Quote:
Hi, there

My Internet Explorer keeps redirecting me to other websites when clicking on a serach link...most common re-direction is to some www.easya-z.com website.
Have tried AVG, Norton, Hitman Pro, AVG Rootkit...nothing seems to solve this.

Can anyone help? :cry: 



jarjenkins said:
Hello,my system.keeps cumming up this page cannot be displayed



You are dealing with a rootkit virus, and they are very stubborn to remove, and normally require creating various logs from malware utilities and having an expert check them out, and guide you with removal.

Malwarebytes may do you some good with their scanner, and they have excellent malware removal support via forum or email support.
Try safe mode with networking and see if you can download from malwarebytes.org. They will direct you to mirror site like cnet or majorgeeks to complete the download. Run the update, after install, then quick scan.
If infections removed, do same in normal mode.

or here's a link at bleepingcomputer, which mentions your infection along with some others.
http://www.bleepingcomputer.com/forums/topic428918.html
December 7, 2011 3:05:01 PM

We have just managed to get rid of these symptoms - none of the tools we used could find the source.

We found that the redirect was being handled by a file in C:\windows\system32\cfgmgr323.dll

Renaming this file has stopped the redirect. However, it is a hidden system file so you will need to display system files through explorers view menu.


Restart the PC in Safe Mode.
Find the file and change the permissions so that it can be altered.
Rename the file - (I just added ".old" to the end of the file name).

After rebooting the system the redirect no longer seems to be working.

This is not a full fix as I still can't find what was spawning the process but at least I currently don't have the redirect.
!