Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Google Redirect-Unable to Connect


  • Please log in to reply
12 replies to this topic

#1 overit

overit

  • Members
  • 17 posts
  • OFFLINE
  •  
  • Local time:10:34 PM

Posted 14 June 2011 - 11:26 AM

Greetings and thank you for this site.
Lately google searches result in
Problem loading
Unable to connect
Firefox can't establish a connection to the server at track.freenewgifts.com.
and the site given is not the site I was searching.
Do I have a virus?
Running WindowsXP and browser is Firefox 3.6.17
I ran Malwarebytes and it came back clean.
Thank you in advance.

BC AdBot (Login to Remove)

 


#2 invision

invision

  • Members
  • 91 posts
  • OFFLINE
  •  
  • Local time:11:34 PM

Posted 14 June 2011 - 12:34 PM

Please follow this guide http://www.bleepingcomputer.com/virus-removal/remove-tdss-tdl3-alureon-rootkit-using-tdsskiller

Report back

#3 overit

overit
  • Topic Starter

  • Members
  • 17 posts
  • OFFLINE
  •  
  • Local time:10:34 PM

Posted 16 June 2011 - 10:42 AM

Thank you for your help.
I ran the DSSkill and after scanning, no infections or problems were located.

#4 invision

invision

  • Members
  • 91 posts
  • OFFLINE
  •  
  • Local time:11:34 PM

Posted 16 June 2011 - 11:11 AM

Please download MiniToolBox, save it to your desktop and run it.

Checkmark following checkboxes:

  • Flush DNS
  • Report IE Proxy Settings
  • Reset IE Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Minidump Files
.



Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run.

#5 overit

overit
  • Topic Starter

  • Members
  • 17 posts
  • OFFLINE
  •  
  • Local time:10:34 PM

Posted 16 June 2011 - 11:53 AM

MiniToolBox by Farbar
Ran by (administrator) on 16-06-2011 at 12:42:46
Microsoft Windows XP Service Pack 3 (X86)

***************************************************************************


================= Flush DNS: ==============================================
Windows IP ConfigurationSuccessfully flushed the DNS Resolver Cache.
================= End of Flush DNS ========================================

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

========================= End of IE Proxy Settings ========================

"Reset IE Proxy Settings": Proxy Settings were reset.

Hosts file not detected in the default diroctory
================= IP Configuration: =======================================

# ----------------------------------
# Interface IP Configuration
# ----------------------------------
pushd interface ip


# Interface IP Configuration for "Local Area Connection"

set address name="Local Area Connection" source=dhcp
set dns name="Local Area Connection" source=dhcp register=PRIMARY
set wins name="Local Area Connection" source=dhcp


popd
# End of interface IP configuration


Windows IP Configuration Host Name . . . . . . . . . . . . : DB7ZYY91 Primary

Dns Suffix . . . . . . . : Node Type . . . . . . . . . . . . : Hybrid IP

Routing Enabled. . . . . . . . : No WINS Proxy Enabled. . . . . . . . : No DNS

Suffix Search List. . . . . . : domain.invalidEthernet adapter Local Area Connection:

Connection-specific DNS Suffix . : domain.invalid Description . . . . . . . . . . .

: Intel® PRO/100 VE Network Connection Physical Address. . . . . . . . . :

00-16-76-5C-0A-0C Dhcp Enabled. . . . . . . . . . . : Yes Autoconfiguration

Enabled . . . . : Yes IP Address. . . . . . . . . . . . : 192.168.254.2 Subnet

Mask . . . . . . . . . . . : 255.255.255.0 Default Gateway . . . . . . . . . :

192.168.254.254 DHCP Server . . . . . . . . . . . : 192.168.254.254 DNS

Servers . . . . . . . . . . . : 192.168.254.254

192.168.254.254 Lease Obtained. . . . . . . . . . : Thursday, June 16, 2011 8:22:22

AM Lease Expires . . . . . . . . . . : Monday, January 18, 2038 11:14:07 PMDNS

request timed out.
timeout was 2 seconds.
Server: UnKnown
Address: 192.168.254.254

DNS request timed out.
timeout was 2 seconds.
Name: google.com
Addresses: 74.125.93.99, 74.125.93.103, 74.125.93.104, 74.125.93.105
74.125.93.106, 74.125.93.147

Pinging google.com [74.125.93.147] with 32 bytes of data:Reply from 74.125.93.147: bytes=32

time=54ms TTL=52Reply from 74.125.93.147: bytes=32 time=44ms TTL=52Ping statistics for

74.125.93.147: Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),Approximate round trip

times in milli-seconds: Minimum = 44ms, Maximum = 54ms, Average = 49msDNS request timed

out.
timeout was 2 seconds.
Server: UnKnown
Address: 192.168.254.254

DNS request timed out.
timeout was 2 seconds.
Name: yahoo.com
Addresses: 72.30.2.43, 98.137.149.56, 209.191.122.70, 67.195.160.76
69.147.125.65

Pinging yahoo.com [69.147.125.65] with 32 bytes of data:Reply from 69.147.125.65: bytes=32

time=45ms TTL=54Reply from 69.147.125.65: bytes=32 time=44ms TTL=54Ping statistics for

69.147.125.65: Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),Approximate round trip

times in milli-seconds: Minimum = 44ms, Maximum = 45ms, Average = 44msPinging 127.0.0.1

with 32 bytes of data:Reply from 127.0.0.1: bytes=32 time<1ms TTL=128Reply from 127.0.0.1:

bytes=32 time<1ms TTL=128Ping statistics for 127.0.0.1: Packets: Sent = 2, Received = 2,

Lost = 0 (0% loss),Approximate round trip times in milli-seconds: Minimum = 0ms, Maximum

= 0ms, Average =

0ms===========================================================================
Interface List
0x1 ........................... MS TCP Loopback interface
0x2 ...00 16 76 5c 0a 0c ......

Intel® PRO/100 VE Network Connection - Packet Scheduler Miniport
===========================================================================
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.254.254 192.168.254.2 20
127.0.0.0 255.0.0.0 127.0.0.1 127.0.0.1 1
192.168.254.0 255.255.255.0 192.168.254.2 192.168.254.2 20
192.168.254.2 255.255.255.255 127.0.0.1 127.0.0.1 20
192.168.254.255 255.255.255.255 192.168.254.2 192.168.254.2 20
224.0.0.0 240.0.0.0 192.168.254.2 192.168.254.2 20
255.255.255.255 255.255.255.255 192.168.254.2 192.168.254.2 1
Default Gateway: 192.168.254.254
===========================================================================
Persistent Routes:
None

================= End of IP Configuration =================================

=========================== Minidump Files ====================

No minidump file found

=========================== End oF Minidump Files =============

#6 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 51,590 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:11:34 PM

Posted 16 June 2011 - 01:55 PM

Please post the results of your last MBAM scan for review (even if nothing was found).

To retrieve the Malwarebytes Anti-Malware scan log information, launch MBAM.
  • Click the Logs Tab at the top.
  • The log will be named by the date of scan in the following format: mbam-log-date(time).txt
    -- If you have previously used MBAM, there may be several logs showing in the list.
  • Click on the log name to highlight it.
  • Go to the bottom and click on Open.
  • The log should automatically open in notepad as a text file.
  • Go to Edit and choose Select all.
  • Go back to Edit and choose Copy or right-click on the highlighted text and choose Copy from there.
  • Come back to this thread, click Add Reply, then right-click and choose Paste.
  • Be sure to post the complete log to include the top portion which shows MBAM's database version and your operating system.
Logs are saved to the following locations:
-- XP: C:\Documents and Settings\<Username>\Application Data\Malwarebytes\Malwarebytes Anti-Malware\Logs\mbam-log-yyyy-mm-dd
-- Vista, Windows 7, 2008: C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware\Logs\mbam-log-yyyy-mm-dd



Please download SUPERAntiSpyware Free and follow these instructions for performing a scan.

  • Double-click SUPERAntiSypware.exe and use the default settings for installation.
  • Be sure to update the definitions before scanning by selecting "Check for Updates".
    If you encounter any problems while downloading the updates, manually download them from here.
  • To retrieve the removal information after reboot, launch SUPERAntispyware again.
    • Click Preferences, then click the Statistics/Logs tab.
    • Under Scanner Logs, double-click SUPERAntiSpyware Scan Log.
    • If there are several logs, click the current dated log and press View log. A text file will open in your default text editor.
  • Click Close to exit the program.
  • Please copy and paste the Scan Log results in your next reply.
-- Some types of malware will disable security tools. If SUPERAntiSpyware will not install, please refer to these instructions for using the SUPERAntiSpyware Installer. If SUPERAntiSpyware is already installed but will not run, then follow the instructions for using RUNSAS.EXE to launch the program.
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif

#7 overit

overit
  • Topic Starter

  • Members
  • 17 posts
  • OFFLINE
  •  
  • Local time:10:34 PM

Posted 16 June 2011 - 04:31 PM

Thank you!
From MBAM 1.51.0.1200
06.16.2011
08:22:46 (null) MESSAGE Protection started successfully
08:22:53 User MESSAGE IP Protection started successfully
10:36:59 User IP-BLOCK 67.29.139.153 (Type: outgoing)
10:37:02 User IP-BLOCK 67.29.139.153 (Type: outgoing)
10:37:08 User IP-BLOCK 67.29.139.153 (Type: outgoing)
17:20:12 User MESSAGE Protection started successfully
17:20:50 User MESSAGE IP Protection started successfully

From Super Anti-Spyware
SUPERAntiSpyware Scan Log
http://www.superantispyware.com

Generated 06/16/2011 at 05:15 PM

Application Version : 4.54.1000

Core Rules Database Version : 7277
Trace Rules Database Version: 5089

Scan type : Quick Scan
Total Scan Time : 00:27:04

Memory items scanned : 438
Memory threats detected : 0
Registry items scanned : 2279
Registry threats detected : 15
File items scanned : 12107
File threats detected : 96

Adware.Tracking Cookie
C:\Documents and Settings\User\Cookies\User@2o7[1].txt
C:\Documents and Settings\User\Cookies\User@macromedia[2].txt
C:\Documents and Settings\User\Cookies\User@questionmarket[2].txt
C:\Documents and Settings\User\Cookies\User@avgtechnologies.112.2o7[1].txt
C:\Documents and Settings\User\Cookies\User@atdmt[1].txt
C:\Documents and Settings\User\Cookies\User@yieldmanager[1].txt
C:\Documents and Settings\User\Cookies\User@doubleclick[2].txt
C:\Documents and Settings\User\Cookies\User@ad.yieldmanager[2].txt
C:\Documents and Settings\User\Cookies\User@ad.wsod[2].txt
C:\Documents and Settings\User\Cookies\User@advertising[1].txt
.bs.serving-sys.com [ C:\Documents and Settings\Administrator.DB7ZYY91.000\Application Data\Mozilla\Firefox\Profiles\apnoyhxw.default\cookies.sqlite ]
.serving-sys.com [ C:\Documents and Settings\Administrator.DB7ZYY91.000\Application Data\Mozilla\Firefox\Profiles\apnoyhxw.default\cookies.sqlite ]
.serving-sys.com [ C:\Documents and Settings\Administrator.DB7ZYY91.000\Application Data\Mozilla\Firefox\Profiles\apnoyhxw.default\cookies.sqlite ]
.serving-sys.com [ C:\Documents and Settings\Administrator.DB7ZYY91.000\Application Data\Mozilla\Firefox\Profiles\apnoyhxw.default\cookies.sqlite ]
.serving-sys.com [ C:\Documents and Settings\Administrator.DB7ZYY91.000\Application Data\Mozilla\Firefox\Profiles\apnoyhxw.default\cookies.sqlite ]
.serving-sys.com [ C:\Documents and Settings\Administrator.DB7ZYY91.000\Application Data\Mozilla\Firefox\Profiles\apnoyhxw.default\cookies.sqlite ]
.serving-sys.com [ C:\Documents and Settings\Administrator.DB7ZYY91.000\Application Data\Mozilla\Firefox\Profiles\apnoyhxw.default\cookies.sqlite ]
.serving-sys.com [ C:\Documents and Settings\Administrator.DB7ZYY91.000\Application Data\Mozilla\Firefox\Profiles\apnoyhxw.default\cookies.sqlite ]
.atdmt.com [ C:\Documents and Settings\Administrator.DB7ZYY91.000\Application Data\Mozilla\Firefox\Profiles\apnoyhxw.default\cookies.sqlite ]
.atdmt.com [ C:\Documents and Settings\Administrator.DB7ZYY91.000\Application Data\Mozilla\Firefox\Profiles\apnoyhxw.default\cookies.sqlite ]
.collective-media.net [ C:\Documents and Settings\Administrator.DB7ZYY91.000\Application Data\Mozilla\Firefox\Profiles\apnoyhxw.default\cookies.sqlite ]
.collective-media.net [ C:\Documents and Settings\Administrator.DB7ZYY91.000\Application Data\Mozilla\Firefox\Profiles\apnoyhxw.default\cookies.sqlite ]
.collective-media.net [ C:\Documents and Settings\Administrator.DB7ZYY91.000\Application Data\Mozilla\Firefox\Profiles\apnoyhxw.default\cookies.sqlite ]
.collective-media.net [ C:\Documents and Settings\Administrator.DB7ZYY91.000\Application Data\Mozilla\Firefox\Profiles\apnoyhxw.default\cookies.sqlite ]
ad.yieldmanager.com [ C:\Documents and Settings\Administrator.DB7ZYY91.000\Application Data\Mozilla\Firefox\Profiles\apnoyhxw.default\cookies.sqlite ]
ad.yieldmanager.com [ C:\Documents and Settings\Administrator.DB7ZYY91.000\Application Data\Mozilla\Firefox\Profiles\apnoyhxw.default\cookies.sqlite ]
ad.yieldmanager.com [ C:\Documents and Settings\Administrator.DB7ZYY91.000\Application Data\Mozilla\Firefox\Profiles\apnoyhxw.default\cookies.sqlite ]
.content.yieldmanager.com [ C:\Documents and Settings\Administrator.DB7ZYY91.000\Application Data\Mozilla\Firefox\Profiles\apnoyhxw.default\cookies.sqlite ]
ad.yieldmanager.com [ C:\Documents and Settings\Administrator.DB7ZYY91.000\Application Data\Mozilla\Firefox\Profiles\apnoyhxw.default\cookies.sqlite ]
.invitemedia.com [ C:\Documents and Settings\Administrator.DB7ZYY91.000\Application Data\Mozilla\Firefox\Profiles\apnoyhxw.default\cookies.sqlite ]
.invitemedia.com [ C:\Documents and Settings\Administrator.DB7ZYY91.000\Application Data\Mozilla\Firefox\Profiles\apnoyhxw.default\cookies.sqlite ]
.invitemedia.com [ C:\Documents and Settings\Administrator.DB7ZYY91.000\Application Data\Mozilla\Firefox\Profiles\apnoyhxw.default\cookies.sqlite ]
.adxpose.com [ C:\Documents and Settings\Administrator.DB7ZYY91.000\Application Data\Mozilla\Firefox\Profiles\apnoyhxw.default\cookies.sqlite ]
.advertising.com [ C:\Documents and Settings\Administrator.DB7ZYY91.000\Application Data\Mozilla\Firefox\Profiles\apnoyhxw.default\cookies.sqlite ]
.advertising.com [ C:\Documents and Settings\Administrator.DB7ZYY91.000\Application Data\Mozilla\Firefox\Profiles\apnoyhxw.default\cookies.sqlite ]
.advertising.com [ C:\Documents and Settings\Administrator.DB7ZYY91.000\Application Data\Mozilla\Firefox\Profiles\apnoyhxw.default\cookies.sqlite ]
.advertising.com [ C:\Documents and Settings\Administrator.DB7ZYY91.000\Application Data\Mozilla\Firefox\Profiles\apnoyhxw.default\cookies.sqlite ]
.advertising.com [ C:\Documents and Settings\Administrator.DB7ZYY91.000\Application Data\Mozilla\Firefox\Profiles\apnoyhxw.default\cookies.sqlite ]
.doubleclick.net [ C:\Documents and Settings\Administrator.DB7ZYY91.000\Application Data\Mozilla\Firefox\Profiles\apnoyhxw.default\cookies.sqlite ]
.advertising.com [ C:\Documents and Settings\Administrator.DB7ZYY91.000\Application Data\Mozilla\Firefox\Profiles\apnoyhxw.default\cookies.sqlite ]
.yieldmanager.net [ C:\Documents and Settings\Administrator.DB7ZYY91.000\Application Data\Mozilla\Firefox\Profiles\apnoyhxw.default\cookies.sqlite ]
.invitemedia.com [ C:\Documents and Settings\Administrator.DB7ZYY91.000\Application Data\Mozilla\Firefox\Profiles\apnoyhxw.default\cookies.sqlite ]
.invitemedia.com [ C:\Documents and Settings\Administrator.DB7ZYY91.000\Application Data\Mozilla\Firefox\Profiles\apnoyhxw.default\cookies.sqlite ]
.invitemedia.com [ C:\Documents and Settings\Administrator.DB7ZYY91.000\Application Data\Mozilla\Firefox\Profiles\apnoyhxw.default\cookies.sqlite ]
.invitemedia.com [ C:\Documents and Settings\Administrator.DB7ZYY91.000\Application Data\Mozilla\Firefox\Profiles\apnoyhxw.default\cookies.sqlite ]
.invitemedia.com [ C:\Documents and Settings\Administrator.DB7ZYY91.000\Application Data\Mozilla\Firefox\Profiles\apnoyhxw.default\cookies.sqlite ]
.imrworldwide.com [ C:\Documents and Settings\Administrator.DB7ZYY91.000\Application Data\Mozilla\Firefox\Profiles\apnoyhxw.default\cookies.sqlite ]
.imrworldwide.com [ C:\Documents and Settings\Administrator.DB7ZYY91.000\Application Data\Mozilla\Firefox\Profiles\apnoyhxw.default\cookies.sqlite ]
.burstnet.com [ C:\Documents and Settings\Administrator.DB7ZYY91.000\Application Data\Mozilla\Firefox\Profiles\apnoyhxw.default\cookies.sqlite ]
www.burstnet.com [ C:\Documents and Settings\Administrator.DB7ZYY91.000\Application Data\Mozilla\Firefox\Profiles\apnoyhxw.default\cookies.sqlite ]
.apmebf.com [ C:\Documents and Settings\Administrator.DB7ZYY91.000\Application Data\Mozilla\Firefox\Profiles\apnoyhxw.default\cookies.sqlite ]
.mediaplex.com [ C:\Documents and Settings\Administrator.DB7ZYY91.000\Application Data\Mozilla\Firefox\Profiles\apnoyhxw.default\cookies.sqlite ]
.mediaplex.com [ C:\Documents and Settings\Administrator.DB7ZYY91.000\Application Data\Mozilla\Firefox\Profiles\apnoyhxw.default\cookies.sqlite ]
.tribalfusion.com [ C:\Documents and Settings\Administrator.DB7ZYY91.000\Application Data\Mozilla\Firefox\Profiles\apnoyhxw.default\cookies.sqlite ]
.smartadserver.com [ C:\Documents and Settings\Administrator.DB7ZYY91.000\Application Data\Mozilla\Firefox\Profiles\apnoyhxw.default\cookies.sqlite ]
.smartadserver.com [ C:\Documents and Settings\Administrator.DB7ZYY91.000\Application Data\Mozilla\Firefox\Profiles\apnoyhxw.default\cookies.sqlite ]
.smartadserver.com [ C:\Documents and Settings\Administrator.DB7ZYY91.000\Application Data\Mozilla\Firefox\Profiles\apnoyhxw.default\cookies.sqlite ]
.smartadserver.com [ C:\Documents and Settings\Administrator.DB7ZYY91.000\Application Data\Mozilla\Firefox\Profiles\apnoyhxw.default\cookies.sqlite ]
.smartadserver.com [ C:\Documents and Settings\Administrator.DB7ZYY91.000\Application Data\Mozilla\Firefox\Profiles\apnoyhxw.default\cookies.sqlite ]
.xiti.com [ C:\Documents and Settings\Administrator.DB7ZYY91.000\Application Data\Mozilla\Firefox\Profiles\apnoyhxw.default\cookies.sqlite ]
.www.burstnet.com [ C:\Documents and Settings\Administrator.DB7ZYY91.000\Application Data\Mozilla\Firefox\Profiles\apnoyhxw.default\cookies.sqlite ]
.collective-media.net [ C:\Documents and Settings\Administrator.DB7ZYY91.000\Application Data\Mozilla\Firefox\Profiles\apnoyhxw.default\cookies.sqlite ]
.specificclick.net [ C:\Documents and Settings\Administrator.DB7ZYY91.000\Application Data\Mozilla\Firefox\Profiles\apnoyhxw.default\cookies.sqlite ]
.specificclick.net [ C:\Documents and Settings\Administrator.DB7ZYY91.000\Application Data\Mozilla\Firefox\Profiles\apnoyhxw.default\cookies.sqlite ]
ad.yieldmanager.com [ C:\Documents and Settings\Administrator.DB7ZYY91.000\Application Data\Mozilla\Firefox\Profiles\apnoyhxw.default\cookies.sqlite ]
ad.yieldmanager.com [ C:\Documents and Settings\Administrator.DB7ZYY91.000\Application Data\Mozilla\Firefox\Profiles\apnoyhxw.default\cookies.sqlite ]
ad.yieldmanager.com [ C:\Documents and Settings\Administrator.DB7ZYY91.000\Application Data\Mozilla\Firefox\Profiles\apnoyhxw.default\cookies.sqlite ]
.content.yieldmanager.com [ C:\Documents and Settings\Administrator.DB7ZYY91.000\Application Data\Mozilla\Firefox\Profiles\apnoyhxw.default\cookies.sqlite ]
.statcounter.com [ C:\Documents and Settings\Administrator.DB7ZYY91.000\Application Data\Mozilla\Firefox\Profiles\apnoyhxw.default\cookies.sqlite ]
www.ontoplist.com [ C:\Documents and Settings\Administrator.DB7ZYY91.000\Application Data\Mozilla\Firefox\Profiles\apnoyhxw.default\cookies.sqlite ]
.media6degrees.com [ C:\Documents and Settings\Administrator.DB7ZYY91.000\Application Data\Mozilla\Firefox\Profiles\apnoyhxw.default\cookies.sqlite ]
.media6degrees.com [ C:\Documents and Settings\Administrator.DB7ZYY91.000\Application Data\Mozilla\Firefox\Profiles\apnoyhxw.default\cookies.sqlite ]
.media6degrees.com [ C:\Documents and Settings\Administrator.DB7ZYY91.000\Application Data\Mozilla\Firefox\Profiles\apnoyhxw.default\cookies.sqlite ]
.collective-media.net [ C:\Documents and Settings\Administrator.DB7ZYY91.000\Application Data\Mozilla\Firefox\Profiles\apnoyhxw.default\cookies.sqlite ]
.at.atwola.com [ C:\Documents and Settings\Administrator.DB7ZYY91.000\Application Data\Mozilla\Firefox\Profiles\apnoyhxw.default\cookies.sqlite ]
bigcountryhomepage.com [ C:\Documents and Settings\User\Application Data\Macromedia\Flash Player\#SharedObjects\F26KMF8R ]
convoad.technoratimedia.net [ C:\Documents and Settings\User\Application Data\Macromedia\Flash Player\#SharedObjects\F26KMF8R ]
countdownpage.createyourcountdown.com [ C:\Documents and Settings\User\Application Data\Macromedia\Flash Player\#SharedObjects\F26KMF8R ]
ia.media-imdb.com [ C:\Documents and Settings\User\Application Data\Macromedia\Flash Player\#SharedObjects\F26KMF8R ]
media.nbcnewyork.com [ C:\Documents and Settings\User\Application Data\Macromedia\Flash Player\#SharedObjects\F26KMF8R ]
media.scanscout.com [ C:\Documents and Settings\User\Application Data\Macromedia\Flash Player\#SharedObjects\F26KMF8R ]
media.scrippsnewspapers.com [ C:\Documents and Settings\User\Application Data\Macromedia\Flash Player\#SharedObjects\F26KMF8R ]
media1.break.com [ C:\Documents and Settings\User\Application Data\Macromedia\Flash Player\#SharedObjects\F26KMF8R ]
media2.myfoxatlanta.com [ C:\Documents and Settings\User\Application Data\Macromedia\Flash Player\#SharedObjects\F26KMF8R ]
media2.myfoxorlando.com [ C:\Documents and Settings\User\Application Data\Macromedia\Flash Player\#SharedObjects\F26KMF8R ]
mi.adinterax.com [ C:\Documents and Settings\User\Application Data\Macromedia\Flash Player\#SharedObjects\F26KMF8R ]
msnbcmedia.msn.com [ C:\Documents and Settings\User\Application Data\Macromedia\Flash Player\#SharedObjects\F26KMF8R ]
objects.tremormedia.com [ C:\Documents and Settings\User\Application Data\Macromedia\Flash Player\#SharedObjects\F26KMF8R ]
s0.2mdn.net [ C:\Documents and Settings\User\Application Data\Macromedia\Flash Player\#SharedObjects\F26KMF8R ]
secure-uk.imrworldwide.com [ C:\Documents and Settings\User\Application Data\Macromedia\Flash Player\#SharedObjects\F26KMF8R ]
secure-us.imrworldwide.com [ C:\Documents and Settings\User\Application Data\Macromedia\Flash Player\#SharedObjects\F26KMF8R ]
serving-sys.com [ C:\Documents and Settings\User\Application Data\Macromedia\Flash Player\#SharedObjects\F26KMF8R ]
spe.atdmt.com [ C:\Documents and Settings\User\Application Data\Macromedia\Flash Player\#SharedObjects\F26KMF8R ]
static.discoverymedia.com [ C:\Documents and Settings\User\Application Data\Macromedia\Flash Player\#SharedObjects\F26KMF8R ]
www.clickondetroit.com [ C:\Documents and Settings\User\Application Data\Macromedia\Flash Player\#SharedObjects\F26KMF8R ]
www.clickorlando.com [ C:\Documents and Settings\User\Application Data\Macromedia\Flash Player\#SharedObjects\F26KMF8R ]

Browser Hijacker.Tubby
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Search Toolbar
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Search Toolbar#NoModify
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Search Toolbar#NoRepair
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Search Toolbar#DisplayName
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Search Toolbar#UninstallString
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Search Toolbar#DisplayIcon
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Search Toolbar#DisplayVersion
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Search Toolbar#URLInfoAbout
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Search Toolbar#Publisher
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Search Toolbar#EstimatedSize

Rogue.SystemTool
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\System Tool2011
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\System Tool2011#DisplayName
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\System Tool2011#ShortcutPath
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\System Tool2011#UninstallString
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\System Tool2011#DisplayIcon

Thank you again!

#8 overit

overit
  • Topic Starter

  • Members
  • 17 posts
  • OFFLINE
  •  
  • Local time:10:34 PM

Posted 16 June 2011 - 04:39 PM

Unfortunately, google.com is still redirecting and not performing searches as directed.

#9 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 51,590 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:11:34 PM

Posted 16 June 2011 - 05:21 PM

You posted the MBAM IP Protection log. I need to see the scanning log (mbam-log-yyyy-mm-dd) as instructed in my previous post.

Before doing anything further, if you have not already done so, you should back up all your important documents, personal data files and photos to a CD or DVD drive as some infections may render your computer unbootable during or before the disinfection process. If that occurs there may be no option but to reformat and reinstall the OS or perform a full system recovery. The safest practice is not to backup any files with the following file extensions: exe, .scr, .ini, .htm, .html, .php, .asp, .xml, .zip, .rar, .cab as they may be infected.
Please download and scan with the Kaspersky Virus Removal Tool from one of the links provided below and save it to your desktop.
Link 1
Link 2Be sure to print out and read the instructions provided in:How to Install Kaspersky Virus Removal Tool
How to use the Kaspersky Virus Removal Tool to automatically remove viruses
  • Double-click the setup file (i.e. setup_9.0.0.722_22.01.2010_10-04.exe) to select your language and install the utility.
    Vista/Windows 7 users right-click and select Run As Administrator.
  • If you receive a UAC prompt asking if you would like to continue running the program, you should press the Continue button.
  • At the 'Setup page', click Next, check the box 'I accept the license agreement' and click Next twice more to extract the required files.
  • Setup may recommend to scan the computer in Safe Mode. Click Ok.
  • A window will open with a tab that says Autoscan and one for Manual disinfection.
  • Click the green Start scan button on the Autoscan tab in the main window.
  • If malware is detected, you will see the Scan Alert screen.
  • Place a checkmark in the Apply to all box, and click Disinfect if the button is active.
  • After the scan finishes, if any threats are left unneutralized in the Scan window (Red exclamation point), click the Neutralize all button.
  • Place a checkmark in the Apply to all box, and click Disinfect if the button is active.
  • If advised that a special disinfection procedure is required which demands system reboot, click the Ok button to close the window.
  • In the Scan window click the Reports button, choose Critical events and select Save to save the results to a file (name it avptool.txt).
  • Copy and paste the report results of any threats detected. Do not include the longer list marked Events.
  • When finished, follow these instructions on How to uninstall Kaspersky Virus Removal Tool 2010.
-- If you cannot run this tool in normal mode, then try using it in "safe mode".
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif

#10 overit

overit
  • Topic Starter

  • Members
  • 17 posts
  • OFFLINE
  •  
  • Local time:10:34 PM

Posted 16 June 2011 - 05:30 PM

Oops. sorry about that.
Here is the last MBAM.
Malwarebytes' Anti-Malware 1.51.0.1200
www.malwarebytes.org

Database version: 6851

Windows 5.1.2600 Service Pack 3
Internet Explorer 7.0.5730.13

6/14/2011 10:32:47 AM
mbam-log-2011-06-14 (10-32-47).txt

Scan type: Full scan (A:\|C:\|D:\|E:\|)
Objects scanned: 82418
Time elapsed: 33 minute(s), 22 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)

#11 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 51,590 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:11:34 PM

Posted 16 June 2011 - 05:32 PM

Ok...please continue with the next scan.
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif

#12 overit

overit
  • Topic Starter

  • Members
  • 17 posts
  • OFFLINE
  •  
  • Local time:10:34 PM

Posted 16 June 2011 - 06:56 PM

I don't seem to have a backup utility on my system.
I checked in the control panel, system tools...nothing.

#13 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 51,590 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:11:34 PM

Posted 16 June 2011 - 08:28 PM

How to Backup data in Windows XP Home - How to install the Backup utility
How to Backup Data in Windows XP Pro and Vista
How to Back Up Data from Hard Drive(s) to External Media

Edited by quietman7, 16 June 2011 - 08:48 PM.

.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users