[Inactive] Google Search Redirect - Followed 8 Steps (Logs Attached)

Status
Not open for further replies.
Hello,

I am a first time visitor to the site and found everything really helpful.

The other day I had the fake XP Antivirus 2010 thing on my computer, and I followed some instructions I found online and cleaned it up. Everything was great with my browser (Firefox) and then yesterday, it came back. I removed it again, but now my browser keeps redirecting me when I try to search in Google. Not all the time, but occasionally. Both times that I've received the false XP Antivuris messages, I have been in my web browser and it froze up.

I don't run any file sharing programs on my computer. My computer has been giving me error messages a lot more frequently. They are "svchost.exe" error, "Data Execution Prevention" error, and an error when I try and shut down. It says a "Breakpoint" has been reached. It has all happened suddenly, following the XP Antivirus 2010 incident.

I've attached my logs.
 

Attachments

  • hijackthis.log
    10.1 KB · Views: 1
  • mbam-log-2010-03-17 (00-49-03).txt
    866 bytes · Views: 1
  • SUPERAntiSpyware Scan Log - 03-17-2010 - 02-20-26.log
    13 KB · Views: 1
Welcome to TechSpot, zad089. Okay, there are a couple of things I'd like you to do before we continue:

1. Disable TeaTimer:
  • Right click the TeaTimer icon in the system Tray
    MHoTT005.gif
  • Then click Exit Spybot-S&D Resident
  • (One you are clean you can restart TeaTimer by going to C:\Program Files\Spybot - Search & Destroy, and double clicking on TeaTimer.exe
2. Please take CCleaner off of the startup menu:
Start> Run> type in msconfig> enter> Selective Startup> Uncheck any processes for CCleaner> Apply> OK.
(you may be able to do this by opening CCleaner and unchecking 'run on startup.')
(Note: the first time you reboot after making this change, a nag message will come up. You can ignore it and close it after checking 'don''t show this message again.' Stay in Selective Startup.

3. You have the Adware.ZangoSearch. If you check the line in Superantispyware to remove what is found, then all or most of these files will have been removed. If you did not check for removal, please rescan with SAS, check for removal.
In an article dated April 20, 2009, we are told that 'Zango closed it's doors' following a fine of $3 million by the Federal Trade Commission in 2006 for sneaking software on people's PCs. But I can tell you by what I see in logs that the Zango adware is still trashing systems!

So let's check further: Please download ComboFix HERE:
  • With ComboFix, at the download window, please rename it to Combo-Fix(.exe) before downloading it.

    Important! Save the renamed download to your desktop.
  • Please disable all security programs, such as antiviruses, antispywares, and firewalls.
  • Double click on the setup file on the desktop to run
  • If prompted to download and install the Recovery Console, please do so.
    (Please note: If the Microsoft Windows Recovery Console is already installed, ComboFix will continue it's malware removal procedures.)
  • If prompted to update, please allow.
  • Click on Yes, to continue scanning for malware.
  • When finished, it will produce a log.Please include the C:\ComboFix.txt in your next reply.
Notes:

  • 1.Do not mouse-click Combofix's window while it is running. That may cause it to stall.
    2. ComboFix may reset a number of Internet Explorer's settings.
    3. Combofix prevents autorun of ALL CD, floppy and USB devices to assist with malware removal & increase security.
    4. CF disconnects your machine from the internet. The connection is automatically restored before CF completes its run.
.
Follow with Run Eset NOD32 Online AntiVirus Scanner HERE
  • Tick the box next to YES, I accept the Terms of Use.
  • Click Start
  • When asked, allow the Active X control to install
  • Disable your current Antivirus software. You can usually do this with its Notification Tray icon near the clock.
  • Click Start
  • Make sure that the option "Remove found threats" is Unchecked, and the option "Scan unwanted applications" is checked
  • Click Scan
  • Wait for the scan to finish
  • Re-enable your Antivirus software.
  • A logfile is created and located at C:\Program Files\EsetOnlineScanner\log.txt. Please include this on your post.

Leave the Combofix report and the Eset log on your next reply.
 
Status
Not open for further replies.
Back