My google searches have all been redirecting to advertisements since yesterday the search works fine, but when you click on the links it redirects to some random ad sites. Although it doesn't redirect it 100% of the time. Yahoo is also redirecting occasionally.
So far I've tried the steps from this forum and (based on advice I could find on random forums online) I've also tried Hitman pro 3.5, gooredfix, ad-aware, spybot search and destroy, AVG and spywareblaster. Some of these programs have come up with a couple of infected files and said it fixed them, but nothing has taken care of my redirect problem. I turned off system restore beforehand so the virus wouldn't be saved in a restore point.
I see some people have suggested combofix, but I've also seen a lot of warnings against potentially messing up your computer with combofix, so if someone could walk me through some next steps that would be really appreciated.
I'm attaching all the logs below- the malware bites one is clear, but I ran it yesterday afternoon (before my husband told me about this website) and it deleted the following files:
Files Infected:
C:\Documents and Settings\Arielle\Local Settings\Temp\2D73.tmp (Rootkit.Dropper) -> Quarantined and deleted successfully.
C:\Documents and Settings\Arielle\Local Settings\Temp\2D76.tmp (Rootkit.Dropper) -> Quarantined and deleted successfully.
C:\Documents and Settings\Arielle\Local Settings\Temp\CMEY.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Documents and Settings\Arielle\Local Settings\Temporary Internet Files\Content.IE5\BIFTCJX4\yHfff090eaV03009f35002R6ad7e23f102Tb3fabf45Q000002fd901801F002d000aJ0f000601l0409Kf4bad4d63180[1] (Rootkit.Dropper) -> Quarantined and deleted successfully.
C:\Documents and Settings\Arielle\Local Settings\Temporary Internet Files\Content.IE5\L7VL1KIO\eH0972e11eV03f01730002R5b9a9595102T4220cbaeQ000002fc901801F0020000aJ0f000601l0409Kf8f9f9d43180[1] (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Documents and Settings\Arielle\Local Settings\Temporary Internet Files\Content.IE5\QC4QK6SA\0001134[1].exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\18467.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\WINDOWS\Temp\2D78.tmp (Rootkit.Dropper) -> Quarantined and deleted successfully.
C:\WINDOWS\Temp\2D7A.tmp (Rootkit.Dropper) -> Quarantined and deleted successfully.
Thanks so much in advance!!
So far I've tried the steps from this forum and (based on advice I could find on random forums online) I've also tried Hitman pro 3.5, gooredfix, ad-aware, spybot search and destroy, AVG and spywareblaster. Some of these programs have come up with a couple of infected files and said it fixed them, but nothing has taken care of my redirect problem. I turned off system restore beforehand so the virus wouldn't be saved in a restore point.
I see some people have suggested combofix, but I've also seen a lot of warnings against potentially messing up your computer with combofix, so if someone could walk me through some next steps that would be really appreciated.
I'm attaching all the logs below- the malware bites one is clear, but I ran it yesterday afternoon (before my husband told me about this website) and it deleted the following files:
Files Infected:
C:\Documents and Settings\Arielle\Local Settings\Temp\2D73.tmp (Rootkit.Dropper) -> Quarantined and deleted successfully.
C:\Documents and Settings\Arielle\Local Settings\Temp\2D76.tmp (Rootkit.Dropper) -> Quarantined and deleted successfully.
C:\Documents and Settings\Arielle\Local Settings\Temp\CMEY.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Documents and Settings\Arielle\Local Settings\Temporary Internet Files\Content.IE5\BIFTCJX4\yHfff090eaV03009f35002R6ad7e23f102Tb3fabf45Q000002fd901801F002d000aJ0f000601l0409Kf4bad4d63180[1] (Rootkit.Dropper) -> Quarantined and deleted successfully.
C:\Documents and Settings\Arielle\Local Settings\Temporary Internet Files\Content.IE5\L7VL1KIO\eH0972e11eV03f01730002R5b9a9595102T4220cbaeQ000002fc901801F0020000aJ0f000601l0409Kf8f9f9d43180[1] (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Documents and Settings\Arielle\Local Settings\Temporary Internet Files\Content.IE5\QC4QK6SA\0001134[1].exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\18467.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\WINDOWS\Temp\2D78.tmp (Rootkit.Dropper) -> Quarantined and deleted successfully.
C:\WINDOWS\Temp\2D7A.tmp (Rootkit.Dropper) -> Quarantined and deleted successfully.
Thanks so much in advance!!