8 Step search result hijack help

Discussion in 'Virus and Malware Removal' started by EMS0525, Dec 10, 2009.

  1. kimsland Ex-TechSpotter Posts: 18,353

  2. EMS0525 Newcomer, in training Posts: 39

    Why can't there be one program that scans and finds everything... why are there a dozen things you have to scan with?

    So far the eset found 3: win32/bagle.gen.zip.worm
  3. kimsland Ex-TechSpotter Posts: 18,353

    lol :)

    Good point

    If I made a Malware scanner, I'd be making one that does everything
    It might take 4 hours to scan, but who cares !!!
  4. EMS0525 Newcomer, in training Posts: 39

    Well it went all night and cleaned 4 items.
  5. EMS0525 Newcomer, in training Posts: 39

    ok, next step? Still not fixed. This is ridiculous...
  6. kimsland Ex-TechSpotter Posts: 18,353

    I have done a bit of research, this will do it ;)
    • Download The Avenger by Swandog46 from HERE.
    • Unzip/extract it to a folder on your desktop.
    • Double click on avenger.exe to run The Avenger.
    • Click OK.
    • Make sure that the box next to Scan for rootkits has a tick in it and that the box next to Automatically disable any rootkits found does not have a tick in it.
    • Copy all of the text in the below code box to the clipboard by highlighting it and then pressing Ctrl+C.
    • In the avenger window, click the Paste Script from Clipboard button.
    • You will be asked Are you sure you want to execute the current script?.
    • Click Yes.
    • You will now be asked First step completed --- The Avenger has been successfully set up to run on next boot. Reboot now?.
    • Click Yes.
    • Your PC will now be rebooted.
    • Note: If the above script contains Drivers to delete: or Drivers to disable:, then The Avenger will require two reboots to complete its operation.
    • After your PC has completed the necessary reboots, a log should automatically open. If it does not automatically open, then the log can be found at %systemdrive%\avenger.txt (typically C:\avenger.txt).
    • Please attach this log, along with a new HijackThis log in your next reply.

    EDIT: This is for Vista only
     
  7. EMS0525 Newcomer, in training Posts: 39

    after i get the are you sure you want to execute the current script and click yes, i get a box that says "Error: Invalid script. A valid script must begin with a command directive. Aborting execution!"
  8. kimsland Ex-TechSpotter Posts: 18,353

    You need to copy both lines
    Including the "Files to move: "
  9. EMS0525 Newcomer, in training Posts: 39

    oooooooooooooooooops
  10. EMS0525 Newcomer, in training Posts: 39

    sorry, one moment
  11. EMS0525 Newcomer, in training Posts: 39

    As you can see, I am not Eric. This is his wife Krissy. He is at work having me do all of this stuff! Sorry, I'm messing it all up!
  12. kimsland Ex-TechSpotter Posts: 18,353

    What the hell

    I gave you Vista command, god knows why, must have gone dumb for a sec
    C:\WINDOWS\ServicePackFiles\i386 That's where atapi.sys lives

    But we need to check something first:

    Start > Run > cmd /c start /min cmd /c "PEV -l %systemdrive%\atapi.sys >Log.txt&Log.txt&del Log.txt"
    Wait about 30 secs for this log to show. Please post this log file to a new reply
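A practitioner would want to see, in plain terms, what the PEV check above is looking for. The block below is an added example written for this page, not kimsland's command and not part of PEV or any other tool in the thread: it hashes the atapi.sys that Windows loads from system32\drivers (an assumed path, not named in the thread) and the Service Pack cache copy named above, reports each file's size, timestamp and Authenticode status, and says whether the two differ. Run it from an elevated PowerShell on the affected machine.

```powershell
# Added example for this thread, not kimsland's command or part of PEV.
# Compares the atapi.sys Windows actually loads (system32\drivers, an assumed
# path) with the Service Pack cache copy named in the post, and reports each
# file's SHA-256 and Authenticode status. Run from an elevated PowerShell.
$live  = Join-Path $env:SystemRoot 'system32\drivers\atapi.sys'
$cache = Join-Path $env:SystemRoot 'ServicePackFiles\i386\atapi.sys'

function Get-Sha256Hex([string]$Path) {
    $sha = [System.Security.Cryptography.SHA256]::Create()
    $fs  = [System.IO.File]::OpenRead($Path)
    try     { ($sha.ComputeHash($fs) | ForEach-Object { $_.ToString('x2') }) -join '' }
    finally { $fs.Close() }
}

function Show-DriverInfo([string]$Path) {
    if (-not (Test-Path $Path)) { Write-Warning "missing: $Path"; return }
    $fi  = Get-Item $Path
    $sig = Get-AuthenticodeSignature $Path
    # Catalog-signed XP-era drivers report NotSigned here; the hash comparison
    # below is the decisive test, the signature line is only supporting evidence.
    '{0}  size={1}  mtime={2}' -f $Path, $fi.Length, $fi.LastWriteTime
    '  sha256={0}' -f (Get-Sha256Hex $Path)
    '  authenticode={0}' -f $sig.Status
}

Show-DriverInfo $live
Show-DriverInfo $cache

if ((Test-Path $live) -and (Test-Path $cache)) {
    if ((Get-Sha256Hex $live) -eq (Get-Sha256Hex $cache)) {
        'OK: the loaded atapi.sys is byte-identical to the Service Pack cache copy'
    } else {
        'MISMATCH: the loaded atapi.sys differs from the Service Pack cache copy'
    }
}
```

A mismatch means the loaded driver is not the file the service pack installed, which is what a file-patching rootkit produces; a later hotfix can also replace atapi.sys, so check the file version before concluding. A match is weaker evidence: a kernel-resident rootkit can serve clean bytes to anything reading through the normal file API, which is why the thread moves on to tools that act at boot.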
  13. EMS0525 Newcomer, in training Posts: 39

    here it is
  14. kimsland Ex-TechSpotter Posts: 18,353

    Look no matter how that turns out, just do the following: (I'm really confident now ;))

    Lets try another option to remove this infection

    Download MBR.exe and save it to your c:\ root directory, so its at c:\mbr.exe

    Click on Start > Run and type in cmd and click OK.

    Type in: c:\mbr.exe -f and then press the Enter key

    Restart
  15. EMS0525 Newcomer, in training Posts: 39

    whats next?
  16. EMS0525 Newcomer, in training Posts: 39

    My wife's at home doing this stuff, and I'm here at work. I can't thank you enough for helping us through this. It doesn't seem that bad, like I'd have to reformat the comp, just bad enough to be annoying, and no programs were removing it. Thank you.
  17. kritius TechSpot Guru Posts: 2,087

    I wouldn't try using the -f command without seeing the output of -t first.
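kritius's point is the right instinct: look at sector 0 before anything rewrites it. The block below is an added example written for this page, not part of mbr.exe and not kimsland's or kritius's instructions. It reads the MBR of the first disk read-only, saves a copy beside the Windows drive, and prints the boot signature, the partition table and a hash of the 440-byte boot code, so the pre-fix state is on record before mbr.exe -f (post 14 above) overwrites it. It assumes an elevated PowerShell, that the boot disk is \\.\PhysicalDrive0, and that the .NET Framework FileStream accepts \\.\ device paths.

```powershell
# Added example for this thread, not part of mbr.exe. Reads sector 0 of the
# first disk read-only, saves a copy, and prints what a fix would overwrite.
# Assumes an elevated PowerShell, that the boot disk is \\.\PhysicalDrive0,
# and the .NET Framework FileStream, which accepts \\.\ device paths.
$dev = '\\.\PhysicalDrive0'
$fs  = New-Object System.IO.FileStream -ArgumentList $dev, 'Open', 'Read', 'ReadWrite'
$mbr = New-Object byte[] 512
try     { [void]$fs.Read($mbr, 0, 512) } finally { $fs.Close() }

# Keep the pre-fix sector: it is the only evidence left once -f has run.
$out = Join-Path $env:SystemDrive 'mbr-before-fix.bin'
[System.IO.File]::WriteAllBytes($out, $mbr)
"saved 512-byte copy to $out"

# Boot signature at offset 0x1FE must read 55 AA.
'boot signature: {0:X2}{1:X2} (expected 55AA)' -f $mbr[0x1FE], $mbr[0x1FF]

# Four 16-byte partition entries start at 0x1BE; a fix should leave these alone.
for ($i = 0; $i -lt 4; $i++) {
    $e = 0x1BE + 16 * $i
    if ($mbr[$e + 4] -eq 0) { continue }     # empty slot
    $fields = @($i, $mbr[$e], $mbr[$e + 4],
                [BitConverter]::ToUInt32($mbr, $e + 8),
                [BitConverter]::ToUInt32($mbr, $e + 12))
    'partition {0}: bootflag=0x{1:X2} type=0x{2:X2} start_lba={3} sectors={4}' -f $fields
}

# The first 440 bytes are boot code, the part a bootkit replaces and -f rewrites.
# Record this hash and compare it with one taken from a clean machine running
# the same Windows version.
$sha      = [System.Security.Cryptography.SHA256]::Create()
$codeHash = ($sha.ComputeHash([byte[]]$mbr[0..439]) | ForEach-Object { $_.ToString('x2') }) -join ''
"boot code sha256: $codeHash"
```

If the saved copy later turns out to have been clean, the partition entries printed here are also the reference for checking that the fix preserved them; if it was not, the file is what you hand to someone who wants to analyse the infection.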
  18. kimsland Ex-TechSpotter Posts: 18,353

    I've safely done the -f command before

    Is it still redirecting?
  19. EMS0525 Newcomer, in training Posts: 39

    Yes it is. :(
  20. kimsland Ex-TechSpotter Posts: 18,353

    kritius, it's beyond me :(

    HELP

    Unless it's ERUNT doing it?