Google search hijacked

By tday37
Nov 1, 2009
Topic Status:
Not open for further replies.
  1. Here's my situation:

    1. My PC was infected by some kind of spyware/adware at an unknown time in the last week
    2. I have Symantec Corporate Edition running, it doesn't detect a problem. But my PC keeps saying auto-protect is disabled (although Symantec says it is enabled).
    3. I ran ad-aware - it found some spyware I deleted it.
    4. I ran Avg - it found some stuff and I deleted it
    5. I ran spybot - it found some more stuff and I deleted it.
    6. The problem still persists.

    One other note: I cannot start my PC in safe mode, I get a flash of the blue screen of death and reboot. Booting normally does not have this problem.

    I've attached my HJT log and if anyone can help, I would be extremely grateful.

    Thanks!
  2. Tmagic650

    Tmagic650 TS Ambassador Posts: 20,673   +152

    Try doing the 8-Step Virus & Malware Removal instructions listed in this forum
  3. Bobbye

    Bobbye Helper on the Fringe Posts: 16,392   +35

    Welcome to TechSpot. you'll find the steps HERE

    You'll need a new HijackThis scan after Malwatebytes and Superantispyware.

    When you finish those three programs, do the following:
    Please download ComboFix HERE:
    • With ComboFix, at the download window, please rename it to Combo-Fix(.exe) before downloading it.
    • Please disable all security programs, such as antiviruses, antispywares, and firewalls. Also disable your internet connection.
    • Run Combo-Fix.exe and follow the prompts.
      (Understand that things like your system clock changing and your desktop disappearing might happen. Do not worry, because all will be restored later.)
    • Wait for the scan to be completed.
    • If it requires a reboot, please do it.
    • After the scan has completed entirely, please post the log here. The log will be located at C:\ComboFix(.txt)

    Notes:

    • 1.Do not mouse-click Combofix's window while it is running. That may cause it to stall.
      2. ComboFix may reset a number of Internet Explorer's settings, including making I-E the default browser.
      3. Combofix prevents autorun of ALL CD, floppy and USB devices to assist with malware removal & increase security. If this is an issue or makes it difficult for you -- please tell your helper.
      4. CF disconnects your machine from the internet. The connection is automatically restored before CF completes its run. If CF runs into difficulty and terminates prematurely, the connection can be manually restored by restarting your machine.

    Handling logs:

    The only log that needs to be pasted in the reply is the HijackThis log.

    All other logs and reports can be attached unless your helper asks otherwise.

    Your system is badly infected and I'm going to tell you right up front: you have WAY too many processes starting on boot! Do you not know that you can open a program manually when you want to run it? that you don't need to have everyting running in the background? As long as you have so many active processes, you are going to continue to get "stuff".
Topic Status:
Not open for further replies.


Add New Comment

TechSpot Members
Login or sign up for free,
it takes about 30 seconds.
You may also...


Get complete access to the TechSpot community. Join thousands of technology enthusiasts that contribute and share knowledge in our forum. Get a private inbox, upload your own photo gallery and more.