Home > Hijackthis Log > HijackThis Log - Google Redirect Malware

HijackThis Log - Google Redirect Malware

If you use an email programme on your computer to send and receive messages, install spam filtering software. Temporarily disable your anti-virus, script blocking and any anti-malware real-time protection before performing a scan. C:\WINDOWS\system32\MPK\Help\English\file.htm (Refog.Keylogger) -> Quarantined and deleted successfully. Consistently helpful members with best answers are invited to staff. http://exomatik.net/hijackthis-log/hijackthis-log-please-help-diagnose-google-redirect.php

C:\WINDOWS\system32\MPK\Help\Spanish\filters.htm (Refog.Keylogger) -> Quarantined and deleted successfully. C:\Documents and Settings\All Users\Application Data\MPK\3\S0000 (Refog.Keylogger) -> Quarantined and deleted successfully. ERUNT (Emergency Recovery Utility NT) allows you to keep a complete backup of your registry and restore it when needed. C:\WINDOWS\system32\MPK\Help\Spanish\clipboard.htm (Refog.Keylogger) -> Quarantined and deleted successfully.

Please post the "C:\Combo-Fix.txt" for further review.**Note: Do not mouseclick combo-fix's window while it's running. com/images/iwon/games/playfirst/ddfotg.1.0.0.33.cabO16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe. Go to the Start menu. BLEEPINGCOMPUTER NEEDS YOUR HELP!

C:\WINDOWS\system32\MPK\Help\Spanish\screenshot.htm (Refog.Keylogger) -> Quarantined and deleted successfully. fixed the two lines you suggested. C:\WINDOWS\system32\MPK\Help\English\alarms.htm (Refog.Keylogger) -> Quarantined and deleted successfully. Click here to Register a free account now!

Group Policy processing aborted. Then post it here. 0 #5 Dadnlad Posted 06 November 2009 - 11:03 AM Dadnlad New Member Topic Starter Member 5 posts alright, that virus scanner ran all night lol.. Sign In Create Account Body Background skin color theme reset What the Tech Search Advanced Search section: Google This topic Forums Members Help Files Downloads Unreplied Topics View New Content If they are not, please tick them and click on the Save button: Spyware, Adware, Dialers, and other potentially dangerous programs Archives Mail databasesClick on My Computer under Scan.Once the scan

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{c5428486-50a0-4a02-9d20-520b59a9f9b2} (Adware.ShopperReports) -> Quarantined and deleted successfully. C:\WINDOWS\system32\MPK\Romanian.lng (Refog.Keylogger) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\Typelib\{58696980-c6b3-4ad2-ab53-718f1c3c57ca} (Trojan.BHO) -> Quarantined and deleted successfully. C:\WINDOWS\system32\MPK\French.lng (Refog.Keylogger) -> Quarantined and deleted successfully.

Open notepad and copy/paste the text in the quotebox below into it:File::c:\windows\system32\sys_drv.datDDS::IE: {{C5428486-50A0-4a02-9D20-520B59A9F9B2} - {C9CCBB35-D123-4a31-AFFC-9B2933132116} - c:\program files\ShoppingReport\Bin\2.5.0\ShoppingReport.dllIE: {{C5428486-50A0-4a02-9D20-520B59A9F9B3} - {A16AD1E9-F69A-45af-9462-B1C286708842} - c:\program files\ShoppingReport\Bin\2.5.0\ShoppingReport.dllFolder::Registry::Driver::Save this as CFScript.txt, in the same location heres what I've got now: Malwarebytes' Anti-Malware 1.41 Database version: 3107 Windows 5.1.2600 Service Pack 2 11/5/2009 6:24:27 PM mbam-log-2009-11-05 (18-24-27).txt Scan type: Quick Scan Objects scanned: 128425 Time elapsed: 8 EastofNowhere Born Posts: 4 3+ Months Ago Can't afford to start from scratch. C:\Documents and Settings\HP_Administrator\Start Menu\Programs\Zinaps2008\Uninstall Zinaps Anti-Spyware 2008.lnk (Rogue.Zinaps) -> Quarantined and deleted successfully.

You enjoy a clean, safe computer. have a peek at these guys Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~2\Yahoo!\Companion\Installs\cpn\yt.dllO3 - Toolbar: AVG Security Toolbar - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files (x86)\AVG\AVG9\Toolbar\IEToolbar.dllO3 - Toolbar: AIM Toolbar - {61539ecd-cc67-4437-a03c-9aaccbd14326} - C:\Program Files (x86)\AIM Toolbar\aimtb.dllO3 - Toolbar: MSN Toolbar or read our Welcome Guide to learn how to use this site.

Basically, this prevents your computer from connecting to those sites by redirecting them to 127.0.0.1 which is your local computer, meaning it will be difficult to infect yourself in the future. First, use anti-spyware software to detect and remove malware from your computer The following programmes can remove the most common malware. RegisterWhy Register? http://exomatik.net/hijackthis-log/hijackthis-log-redirect-bug-on-google-search-results.php HKEY_CLASSES_ROOT\CLSID\{a16ad1e9-f69a-45af-9462-b1c286708842} (Adware.ShopperReports) -> Quarantined and deleted successfully.

The scan wont take long. C:\Documents and Settings\HP_Administrator\Application Data\Zinaps2008\settings.ini (Rogue.Zinaps) -> Quarantined and deleted successfully. After using HijackThis, run anti-spyware programmes again, such as the ones listed above, to see if additional malware shows up.

Toolbar "Yahoo!

HKEY_CLASSES_ROOT\Interface\{1d2cc793-b043-4dd2-a52c-3d9ade61bbbd} (Trojan.BHO) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{c5428486-50a0-4a02-9d20-520b59a9f9b2} (Adware.ShopperReports) -> Quarantined and deleted successfully. Sign Up All Content All Content Advanced Search Browse Forums Guidelines Staff Online Users Members More Activity All Activity My Activity Streams Unread Content Content I Started Search More Malwarebytes.com Malwarebytes A must if you do a lot of Googling Keep a backup of your important files - Now, more than ever, it's especially important to protect your digital files and memories.

Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, FileHippo Update Checker is an extremely helpful program that will tell you which of your programs need to be updated. Somethings to remember while we are working together.Do not run any other tool untill instructed to do so!Do not Attach logs Tell me about any problems that have occurred during the http://exomatik.net/hijackthis-log/hijackthis-log-firefox-ie-google-redirect-madness.php In this article, we've provided some recommendations on how you can prevent and remove malware. (Note that Google isn't affiliated with any of the programmes that we suggest in this article

Google redirect virus, (HiJackThis Log included) [Solved] Started by Dadnlad , Nov 05 2009 09:01 AM This topic is locked #1 Dadnlad Posted 05 November 2009 - 09:01 AM Dadnlad New Don't click on links that you don't know the destination of. Sign inMy AccountSearchMapsYouTubePlayNewsGmailDriveCalendarGoogle+TranslatePhotosMoreShoppingWalletFinanceDocsBooksBloggerContactsHangoutsEven more from GoogleGoogle appsMain menuPolicies HelpPolicies HelpPolicies Privacy TroubleshooterWhat's the general area of your concern?I have a privacy question or concern about a specific Google product.Please select the Virus cleanup?

Click the red Moveit! I've tried spybot and malwarebytes, but neither worked. It should only take a few minutes.A log will appear when it is finished, it will also be saved in the same location as LockSearch, which should be on your desktop. Group Policy processing aborted.

Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site. Glad we could help. Site Changelog Community Forum Software by IP.Board Sign In Use Facebook Use Twitter Need an account? Uncheck the rest.

HKEY_CLASSES_ROOT\CLSID\{a1789eb6-b263-4bd6-8830-d3daaf78949a} (Trojan.BHO) -> Quarantined and deleted successfully. HesabımAramaHaritalarYouTubePlayHaberlerGmailDriveTakvimGoogle+ÇeviriFotoğraflarDaha fazlasıDokümanlarBloggerKişilerHangoutsGoogle'a ait daha da fazla uygulamaOturum açınGizli alanlarGrupları veya mesajları ara Please click here if you are not redirected within a few seconds. Choose Yes.Your using an old version of Adobe Acrobat Reader, this can leave your pc open to vulnerabilities, you can update it here :http://www.adobe.com.../readstep2.htmlBelow I have included a number of recommendations This article is full of good information on alternatives for home backup solutions.

ERUNT is easy to use and since it creates a full backup, there are no options or choices other than to select the location of the backup files.