google/mozilla redirects me to random sites

June 8, 2009 at 06:45:14
Specs: Windows XP
how do i correct, my AVG suite does not fix it.

See More: google/mozilla redirects me to random sites

Report •

June 8, 2009 at 16:07:45

1) Install, update database and run full scan with Malwarebytes' Anti-Malware. Attach malwarebyte full scan log.

2) Scan with SuperAntispyware : . Fix what it detects and post summary scan log.


Report •

June 10, 2009 at 04:00:20
I cannot get mbam to run on my pc

Report •

June 10, 2009 at 06:10:50
Try: Download and run Kaspersky AVP tool:
Once you download and start the tool:
# Check below options:

    * Select all the objects/places to be scanned. 
    * Settings > Customize > Heuristic analyzer > Enable deep rootkit search

# Click Scan
# Fix what it detects
# Attach Scan log/Summary to your next message.

Illustrated tutorial:

If I'm helping you and I don't reply within 24 hours send me a PM.

Report •

Related Solutions

June 11, 2009 at 17:17:41
I ran the kaspersky tool and it found No threats. There was no log to attach. I, also downloaded and ran Spyware doctor which said it found 9 threats. But I cannot fix them unless I buy the tool.


Report •

June 11, 2009 at 17:40:19

Report •

June 11, 2009 at 18:29:59
Yes, in IE as well. i just finished a quick scan using super anti spyware which corrected (?) 53 threats. However, I still am being redirected with every search. I am going to run a full scan and see if that helps. Please let me know what, you suggest. I am able to access all pages that I try to open which I could not do before.

Report •

June 11, 2009 at 18:35:53
Here is the log from the quick scan:
SUPERAntiSpyware Scan Log

Generated 06/11/2009 at 09:08 PM

Application Version : 4.26.1004

Core Rules Database Version : 3936
Trace Rules Database Version: 1879

Scan type : Quick Scan
Total Scan Time : 00:22:28

Memory items scanned : 554
Memory threats detected : 0
Registry items scanned : 458
Registry threats detected : 33
File items scanned : 8011
File threats detected : 20

HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{CE7C3CF0-4B15-11D1-ABED-709549C10000}

Adware.Tracking Cookie
C:\Documents and Settings\USER 1\Cookies\user_1@at.atwola[2].txt
C:\Documents and Settings\USER 1\Cookies\user_1@2o7[2].txt
C:\Documents and Settings\USER 1\Cookies\user_1@atdmt[1].txt
C:\Documents and Settings\USER 1\Cookies\user_1@tacoda[2].txt
C:\Documents and Settings\USER 1\Cookies\user_1@www.stopzilla[1].txt
C:\Documents and Settings\USER 1\Cookies\user_1@advertising[1].txt
C:\Documents and Settings\USER 1\Cookies\user_1@xiti[1].txt
C:\Documents and Settings\USER 1\Cookies\user_1@smartadserver[2].txt
C:\Documents and Settings\USER 1\Cookies\user_1@statcounter[2].txt
C:\Documents and Settings\USER 1\Cookies\user_1@stopzilla[2].txt
C:\Documents and Settings\USER 1\Cookies\user_1@ad.yieldmanager[2].txt
C:\Documents and Settings\USER 1\Cookies\user_1@revsci[2].txt
C:\Documents and Settings\USER 1\Cookies\user_1@macombcountymi[1].txt
C:\Documents and Settings\USER 1\Cookies\user_1@msnservices.112.2o7[1].txt
C:\Documents and Settings\USER 1\Cookies\user_1@msnportal.112.2o7[1].txt
C:\Documents and Settings\USER 1\Cookies\user_1@tribalfusion[1].txt
C:\Documents and Settings\USER 1\Cookies\user_1@yadro[2].txt
C:\Documents and Settings\USER 1\Cookies\user_1@avgtechnologies.112.2o7[1].txt
C:\Documents and Settings\USER 1\Cookies\user_1@overture[1].txt
C:\Documents and Settings\USER 1\Cookies\user_1@doubleclick[1].txt

Unclassified.Unknown Origin
HKLM\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad#zip [ {eeff746b-1131-4ce9-9d63-e56820f6adff} ]


Report •

June 11, 2009 at 18:39:27
Note: Please avoid installing/uninstalling or updating any programs and attempting any unsupervised fixes or scans. This can make helping you impossible.

1) Can you please post your AVZ log:
Note: Run AVZ in windows normal mode. If avz.exe doesn't start, then try to rename the file avz.exe to something else and try to run it again. Make sure you have your web browser open in background before following the steps below.

i) To create the logfile, download AVZ by clicking HERE. Please save this file to your desktop or "My Documents" folder.

ii) Next, unpack the file to a new folder using the Compressed (zipped) folders wizard built into Windows XP/Vista, or a zip utility of your choice.

iii) Once you have unpacked the contents of the zip archive, please launch the file AVZ.exe by double clicking on it or right clicking and selecting Open.
Note: If you are running Windows vista launch AVZ.exe by right clicking and selecting Run as Administrator.

You should now see the main window of the AVZ utility. Please navigate to File->Custom Scripts. Copy the script below by using the keyboard shortcut CTRL+C or the corresponding option via right click.


Paste the script into the execution window by using CTRL+V keyboard shortcut, or the "paste" option via the right click menu. Click on Run to run the script, the PC will reboot. After the reboot the LOG subfolder is created in the folder with AVZ, with a file called inside. Upload that file to and paste the link here.

Image Tutorial

2) Can you also make a new HijackThis log and upload it to HijackThis: Here

If I'm helping you and I don't reply within 24 hours send me a PM.

Report •

June 11, 2009 at 20:50:21
I downloaded AVZ but the tabs only have numbers on them and not words. All the gui labels are numbers.

Report •

June 11, 2009 at 21:02:48
Just follow Image tutorial and see if you can generate a log.

If I'm helping you and I don't reply within 24 hours send me a PM.

Report •

June 11, 2009 at 22:50:07
1. Download Link: Click here to download file
MD5: 3B767D21C2204057C65F3066FE0EE8E3

1. Download Link: Click here to download file
MD5: 8CD716CB41E7A733129DA433BD7638BC

Report •

June 12, 2009 at 05:21:14
Seems like Superantispyware took care of most of the rootkit. Run Superantispyware again fix what it detects and reboot into safe mode with networking redownload, install and run Response Number 3.

If I'm helping you and I don't reply within 24 hours send me a PM.

Report •

June 12, 2009 at 08:57:05
Superspyware found no errors. I ran mbam.exe and got the following results: I did nothing based on the results waiting on your response.

1. Download Link: Click here to download file
MD5: 85246731A6EEFF5000C41BF360F30811

Report •

Ask Question