>Is there a pattern as to which websites you are being redirected?
I AM REDIRECTED TO VARIOUS WEBSITE SEARCH ENGINES BUT I HAVN'T RECORDED THEM ALL; TWO RECENT ONES THAT I REMEMBER ARE "SCOUR" AND "OHTGNOENRIGA" (I MAY HAVE THAT SPELLING INCORRECT). SOMETIMES I AM DIRECTED TO A SITE SIMILAR TO WHAT I'M SEARCHING FOR RATHER THAN TO ANOTHER SEARCH ENGINE.
>Are there any other PCs on the same wireless router as your machine? If so, are they experiencing any redirects?
NO OTHER PCs
>Was the Router administrator password changed when the Router was installed?
I DON"T THINK IT WAS CHANGED. I GOT A NEW ROUTER IN JUNE AS THE OLD ONE WAS GIVING PROBLEMS.
>They actually publish the list of the original, default passwords for each router on the Internet. You >can look it up for your make and model.
>Router Passwords Default List : http://www.phenoelit-us.org/dpl/dpl.html
MY ROUTER IS NOT ON THAT LIST. IT'S A WESTELL, MODEL A90-750020-07, REV. B
>If it is not changed when the router is installed, a ZLOB or other infection can use the default >password and change your router settings, so as to intercept every communication by passing it >through a spyware server. It will definitely produce redirects.
>In that situation, the router has to be re-installed so the malware server address can be removed. >(Then the password can be changed)
HAPPY TO REINSTALL IT IF YOU CAN TELL ME HOW, OR I CAN CONTACT THE ISP AND THEY CAN WALK ME THROUGH IT.
>You do have quite a few extra startups running on the machine, but nothing clearly malicious.
WHAT SHOULD I REMOVE? ...AND HOW?
NOTE: THIS MORNING I TRIED VARIOUS KEYWORD SEARCHES TO SEE WHERE I WAS BEING RE-DIRECTED AND I WAS *NOT REDIRECTED* AT ALL! COULD WHATEVER WE HAVE DONE SO FAR HAVE FIXED THE THE PROBLEM? I WILL TRY MORE KEYWORD SEARCHES TONITE AND SEE IF I HAVE ANY PROBLEMS.
ANOTHER NOTE: A COUPLE WEEKS AGO I LOOKED AT A HELP SCREEN ON FIREFOX ON REDIRECTS AND IT SAID TO TYPE "ABOUT:CONFIG" IN THE ADDRESS BAR, THEN "KEYWORD." WHEN I DID SO, IT SHOWED FOR "KEYWORD.URL" -- UNDER 'STATUS': USERSET; UNDER 'TYPE': STRING; AND UNDER 'VALUE': hxxp://mystart.incredimail.com/?loc=ff_ ... ar&search= .
IS THIS WHAT IT IS SUPPOSED TO BE, OR IS IT A PROBLEM?
Thanks
bmw3034