Inactive Firefox redirector from antimalware doctor

Status
Not open for further replies.

JillH

Posts: 7   +0
I got rid of the antimalware doctor, and combofix replaced a corrupted disk.sys but STILL have the browser redirector. When I use CCleaner to get rid of temp files I can browse for a length of time without a problem but it always comes back. Please help.
Here's all my log files.
 

Attachments

  • Attach.txt
    15.1 KB · Views: 0
  • ComboFix.txt
    84.9 KB · Views: 1
  • DDS.txt
    16.8 KB · Views: 1
  • gmer.log
    1.8 KB · Views: 1
  • mbam-log-2010-08-22 (11-12-35).txt
    895 bytes · Views: 1
Welcome aboard
yahooo.gif


Never run Combofix on your own.

I don't see any AV program running on your computer.

Download and install ONE of these:
- Avast! free antivirus: http://www.avast.com/eng/download-avast-home.html
- Avira free antivirus: http://www.free-av.com/en/download/1/avira_antivir_personal__free_antivirus.html
After installation, run full scan.
Report on any findings.

When done...

Download MBRCheck to your desktop

Double click MBRCheck.exe to run (Vista and Windows 7 users, right click and select Run as Administrator).
It will show a black screen with some data on it.
A report called MBRcheckxxxx.txt will be on your desktop
Open this report and post its content in your next reply.
 
Thanks for the quick response. I was disconnected from the Internet and had just uninstalled Avast before going back to AVG when I ran the utilities. I've never been without antivirus and last night's scan showed no virus.
Here is the MBR log.
 

Attachments

  • MBRCheck_08.22.10_12.29.05.txt
    9.2 KB · Views: 3
I apologize for a huge delay.
Somehow, email notification missed me :)

Can you post fresh Combofix log?
 
new combofix log

No problem, Broni. Here's a new combofix log.
 

Attachments

  • ComboFix.txt
    25 KB · Views: 1
Combofix looks clean.

Still redirecting?
If so, can you check, if IE experiences redirection as well?

Download OTL to your Desktop.

* Double click on the icon to run it. Make sure all other windows are closed and to let it run uninterrupted.
* Under the Custom Scan box paste this in:



netsvcs
drivers32 /all
%SYSTEMDRIVE%\*.*
%systemroot%\system32\Spool\prtprocs\w32x86\*.dll
%systemroot%\system32\*.wt
%systemroot%\system32\*.ruy
%systemroot%\Fonts\*.com
%systemroot%\Fonts\*.dll
%systemroot%\system32\spool\prtprocs\w32x86\*.tmp
%systemroot%\*. /mp /s
/md5start
/md5stop
CREATERESTOREPOINT
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\user32.dll /md5
%systemroot%\system32\ws2_32.dll /md5
%systemroot%\system32\ws2help.dll /md5
HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs



* Click the Quick Scan button. Do not change any settings unless otherwise told to do so. The scan wont take long.
  • When the scan completes, it will open two notepad windows: OTL.txt and Extras.txt. These are saved in the same location as OTL.
  • Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time, and post them back here.
 
Hi Broni,

It doesn't appear that IE is redirecting, just Firefox. The log files are too many characters for me to paste so I'm sending them as file attachments.
 

Attachments

  • OTL.Txt
    111.8 KB · Views: 2
  • Extras.Txt
    53.3 KB · Views: 1
Please download GooredFix from one of the locations below and save it to your Desktop
Download Mirror #1
Download Mirror #2
  • Ensure all Firefox windows are closed.
  • To run the tool, double-click it (XP), or right-click and select Run As Administrator (Vista).
  • When prompted to run the scan, click Yes.
  • GooredFix will check for infections, and then a log will appear. Please post the contents of that log in your next reply (it can also be found on your desktop, called GooredFix.txt).
 
GooredFix keeps crashing. I tried it in Safe Mode, downloaded another copy of it, and ran it from different folders. As soon as it gets to a folder with AVIs it crashes. Any other suggestions?
 
Close Firefox. Go Start>All Programs>Mozilla Firefox, click on Mozilla Firefox (safe mode). Redirected?
 
That means, some of your addons is causing this issue.

I suspect Zynga Toolbar.
See, if it's listed in Add\Remove, or/and Firefox>Tools>Add-ons.
If it's there, uninstall it.
If not, let me know.
 
OK. You'll have to investigate then.

Start Firefox normally.
Disable ALL add-ons.
Restart FF.
No redirection?
If so, re-enable 1 add-on.
Restart FF.
No redirection?
Enable next add-on....and so on until you find the culprit.
 
Status
Not open for further replies.
Back