Google search results are randomly redirected

[flucloxacillin]

Hi please help with this

All my browsers Chrome, IE and Firefox will randomly redirect google search results to advertising sites. I have followed the 8 steps by Julio and attach the logs. Is my system now clean? I notice my C drive has a folder called avenger with the iamfamous.dll in it which was identified as malware by Malwarebytes' Antimalware should I zap that?. My problems started a couple of days ago when my virus checker identified autorun.inf virus. I removed this by starting safemode with command prompt and deleting from every single drive. Type autorun.inf in dos showed that it referred a folder called resycled so I deleted that as well

 

[rf6647]

Welcome to TS.

Jiffy response: iamfamous.dll (Trojan.Agent) -> Delete on reboot

Restart the computer.

Repeat MBAM scan (quick). Save log. Restart IF indicated in log.

Repeat this until clean or the infections are not further removed.

Full scan using MBAM (this goes to files/folders), repeat SAS, then HJT.

Post logs. The history may be needed from the logs.

DNSchanger will require other tools after this round of scrubbing.

 

[flucloxacillin]

New logs

Hi
Thanks very much for your help.
I deleted iamfamous.dll and ran scans as suggested all appear clean now, logs attached

 

[rf6647]

replyvb5774

Things look clear from this perspective. How is the performance?

Next, ComboFix is called in to get a confirming scan and information to zap remnants of the infections.

Brief view of the steps
Restart
Run ComboFix
Run HJT
Post logs

ComboFix Script and cleanup come afterwards.

Use this for ComboFix instructions courtesy of Blind Dragon

 

[flucloxacillin]

More Logs

Hi
Thanks again. Logs for ComboFix and HJT attached.
Performance now seems back to normal and i am getting no more redirections from my google searches.
Regards

 

[rf6647]

I realize this is not a timely reply.

Your last status indicated you resumed normal activities. Great.

The review of the ComboFix log was just completed. The other tools were thorough in removing remants of the infection.

Here are some clean-up instructions courtesy of Blind Dragon. Ignore the personal reminder appearing above the divider (====).
Begin with "Uninstall ComboFix".

When it comes to Internet Security, I suggest you decide on the suite or combination of products for protecting the computer. Over-protection slows the computer unnecessarily.

The listing of processes is from the HJT log. The filename gives the appearance it offers some part of protection. The clean-up instructions touch on this matter.

C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\CA\PPRT\bin\ITMRTSVC.exe

C:\Program Files\Spyware Doctor\pctsAuxs.exe
C:\Program Files\Spyware Doctor\pctsSvc.exe

C:\Program Files\Virgin Broadband\PCguard\Fws.exe
C:\Program Files\Virgin Broadband\advisor\Broadbandadvisor.exe
C:\Program Files\Virgin Broadband\PCguard\RPS.exe
C:\Program Files\Virgin Broadband\PCguard\rpsupdaterR.exe

C:\Program Files\Common Files\Authentium\AntiVirus\dvpapi.vista.exe

 

[flucloxacillin]

Thanks

Thanks for your help, I think everything is sorted now.