Cannot Access Any Search Engine

Status
Not open for further replies.
T

top_model_guy

Posts: 79   +0
I have completed the 8-step process prescribe yet I am still unable to facilitate a search using either google or yahoo. Whenever I try to search using either search engine (whether through the site itself or each's toolbar) I am shown a page saying I cannot access the internet. I can still the yahoo home page itself, however I am unable to even reach the google home page. Additionally, this problem persists in both Internet Explorer and Firefox.I have attached the 3 logs asked for. Thanks for any help in solving this problem.
 

Attachments

  • hijackthis.log
    12.4 KB · Views: 3
  • mbam-log-2010-01-14 (09-47-40).txt
    127.3 KB · Views: 2
  • SUPERAntiSpyware Scan Log - 01-14-2010 - 11-28-33.log
    3.4 KB · Views: 3
Considering the amount of malware on the system, I'm surprised you can do anything! And if this is an example of how well the Verizon Security Suite protects you, you need to get rid of it and get some good security programs! It looks like you are paying them at least $6 a month. Their program name is VISS and it's suppose to have everything you need for security!

You have a lot of ' Rogue' security programs. One of them is WindowsPCDefender. I don't know whether you installed them and they brought the malware or whether they installed themselves with the malware! Mbam has removed a lot, but it is amazing how many files are infected.

Let's see if we can clean any more of it out:
Please download ComboFix HERE:
  • With ComboFix, at the download window, please rename it to Combo-Fix(.exe) before downloading it.
  • Please disable all security programs, such as antiviruses, antispywares, and firewalls. Also disable your internet connection.

Important! Save the renamed download to your desktop.
  • Double click on the setup file on the desktop to run
  • Follow the prompts to allow ComboFix to download and install the Microsoft Windows Recovery Console.
  • When prompted, agree to the End-User License Agreement to install the Microsoft Windows Recovery Console.
    (Please note: If the Microsoft Windows Recovery Console is already installed, ComboFix will continue it's malware removal procedures.)
  • Query- Recovery Console image
    RcAuto1.gif

  • Once the Microsoft Windows Recovery Console is installed using ComboFix, you should see the following message:
    whatnext.png

  • Click on Yes, to continue scanning for malware.
  • When finished, it will produce a log.Please include the C:\ComboFix.txt in your next reply.
Notes:

  • 1.Do not mouse-click Combofix's window while it is running. That may cause it to stall.
    2. ComboFix may reset a number of Internet Explorer's settings, including making I-E the default browser.
    3. Combofix prevents autorun of ALL CD, floppy and USB devices to assist with malware removal & increase security. If this is an issue or makes it difficult for you -- please tell your helper.
    4. CF disconnects your machine from the internet. The connection is automatically restored before CF completes its run. If CF runs into difficulty and terminates prematurely, the connection can be manually restored by restarting your machine.
Then run this online scan:

Run Eset NOD32 Online AntiVirus Scanner HERE

Note: You will need to use Internet Explorer for this scan.
  • Tick the box next to YES, I accept the Terms of Use.
  • Click Start
  • When asked, allow the Active X control to install
  • Disable your current Antivirus software. You can usually do this with its Notification Tray icon near the clock.
  • Click Start
  • Make sure that the option "Remove found threats" is Unchecked, and the option "Scan unwanted applications" is checked
  • Click Scan
  • Wait for the scan to finish
  • Re-enable your Antivirus software.
  • A logfile is created and located at C:\Program Files\EsetOnlineScanner\log.txt. Please include this on your post.

The rescan with HijackThis.
Attach the following to your next reply:
Combofix report
Eset scan log
New HijackThis log.

We'll go from there.
 
Thanks Bobbye for all the help. Yeah, this computer is a mess--it's my sister's and I'm trying to help get her back up and running efficiently. I have followed each of your precedures and my google and yahoo search engines are now back up and runner. I have attached the requested logs...thanks for any further improvement.
 

Attachments

  • ComboFix.txt
    20.6 KB · Views: 1
  • hijackthis (1-15-09).log
    12 KB · Views: 1
  • Eset log.txt
    1 KB · Views: 3
Please download OTMovit by Old Timer and save to your desktop.
  • Double-click OTMoveIt3.exe to run it. (Vista users, please right click on OTMoveit3.exe and select "Run as an Administrator")
  • Copy the file paths below to the clipboard by highlighting ALL of them and pressing CTRL + C (or, after highlighting, right-click and choose Copy):

    Code: 
    :Processes	

:Services

:Reg

:Files  
C:\Program Files\Mozilla Firefox\plugins\NPZoneSB.dll	
C:\Program Files\ZoneAlarmSB\bar\1.bin\NPZONESB.DLL	

:Commands
[purity]
[emptytemp]
[start explorer]
[Reboot]
  • Return to OTMoveIt3, right click in the "Paste Instructions for Items to be Moved" window and choose Paste.
  • Click the red Moveit! button.
  • A log of files and folders moved will be created in the c:\_OTMoveIt\MovedFiles folder in the form of Date and Time (mmddyyyy_hhmmss.log). Please open this log in Notepad and post its contents in your next reply.
  • Close OTMoveIt3
If a file or folder cannot be moved immediately you may be asked to reboot the machine to finish the move process. If you are asked to reboot the machine choose Yes.
---------------------------------------
Download the Norton Removal Tool and save it to the desktop. Don't run yet.


Boot into Safe Mode
  • Restart your computer and start pressing the F8 key on your keyboard.
  • Select the Safe Mode option when the Windows Advanced Options menu appears, and then press ENTER.
Double click on the Norton Tool to run. Follow onscreen prompts. (Note: you do not need a license key to uninstall)
-------------------------------------
Did you run Smitfraud at some point?

Please upload the following file to VirSCAN.org.for identification

c:\windows\system32\VCCLSID.exe

Attach report to your next reply.
 
Sorry- forgot a few entries in the HijackThis log: These are all optional removal. However it is recommended they be removed as Foistware:

You have Viewpoint Media Player installed on your system. This program is not malware but it is foistware in that it is usually installed without the user's knowledge or approval, and for this reason I recommend you remove it. If you actually use this program, I recommend you try using safe and free alternatives such as VLC Media Player:

To remove, find and remove Viewpoint Media Player

Boot into Safe Mode
  • Restart your computer and start pressing the F8 key on your keyboard.
  • Select the Safe Mode option when the Windows Advanced Options menu appears, and then press ENTER.
  • Click on Start > Run and type: services.msc> OK
  • Click the "Extended tab".
  • Scroll down the list and find the service called "Viewpoint Manager Service"
  • When you find the service, double-click on it.
  • In the Properties Window > General Tab that opens, click the "Stop" button.
  • From the drop-down menu next to "Startup Type", click on "Disabled".
  • Now click "Apply", then "OK" and close any open windows.
  • Click on Start > Settings > Control Panel >Add/Remove Programs
  • Highlight and remove all references to Viewpoint - i.e. Viewpoint, Viewpoint Manager, Viewpoint Media Player.

Finally, delete the following folders if they still exist: Open Windows Explorer> Programs:
C:\Program Files\ViewManager\ <-- and delete this folder
C:\Program Files\Viewpoint\ <-- and delete this folder

Empty the Recycle Bin


You have the ZoneAlarm Spywareblocker installed. This comes pre-checked on the AskToolbar and/or with the ask,com search: Comments:
ZoneAlarm SpyBlocker comes in the form of the Ask Toolbar. ZoneAlarm Spy Blocker Toolbar, now installed as an optional with Zonealarm. Uses the Ask.com searchengine.

Ask yourself why ZoneAlarm hid the fact that it was the Ask Toolbar that was being installed. Here's the most likely answer -- pay per install. Yes, I suspect that ZoneAlarm is being paid by Ask or their affiliates for each and every install of their nefarious toolbar.
ZA's FAQ seems to say that they use it to track your surfing.
Click to expand...
You have the Ask Toolbar installed, I would recommend you uninstall it - decide after taking a look at this article:
http://www.benedelman.org/spyware/ask-toolbars/

If you choose to remove it, uninstall it and delete this folder C:\Program Files\AskPBar

Uninstall on Windows XP:

You can easily uninstall the Toolbar using the instructions below for Windows Vista:

1. Close all open Web browsers
2. From the "Start" menu in Windows, select "Control Panel"
3. Under the "Programs" icon, select "Uninstall a program"
4. Select the program with the Ask logo and the text "Ask Toolbar" (or our partner’s brand for a custom Toolbar)
5. Click "Uninstall" and then "Continue" to remove the Toolbar


If you reopen your Web browser and still see the Toolbar, you may need to restart your computer for the uninstall process to be completed.

After handling this and the scans in my other reply, please include a new log from rescan with HJT also.
 
Status
Not open for further replies.

Similar threads

Shawn Knight
Google fully discontinues cache links in Search
Replies
9
Views
529
Tinderbox
Tinderbox
Daniel Sims
AI-powered Google search can now generate images and text drafts
Replies
1
Views
247
WhoCaresAnymore
WhoCaresAnymore
midian182
Google Maps update shields user location data from law enforcement requests
Replies
9
Views
376
Thatsdisgusting
T

Latest posts

Back