Being redirected to unwanted sites from search engine

We still need the log from running C:\MGTools.exe --> C:\MGLogs.zip.

 

It is a very bad idea to allow all users to have Admin. privileges!! You will need to run both SAS and MBAM on each user account. ( Attach any logs that show malware and name them with the user name of the account. )

Now download The Avenger by Swandog469, and save it to your Desktop.

* Extract+ avenger.exe from the Zip file and save it to your desktop

Please disable all anti-virus and anti-spyware programs while we do the following (re-enable when you are finished):

Run C:\MGtools\analyse.exe by double clicking on it (Note: if using Vista, don't double click, use right click and select Run As Administrator). This is really HijackThis (select Do a system scan only) and select the following lines but DO NOT CLICK FIX until you exit all browser sessions including the one you are reading in right now:

After clicking Fix, exit HJT.

Now copy just the bold text below to notepad (Do not include any space above the word REGEDIT). Save it as fixME.reg to your desktop. Be sure the "Save as" type is set to "all files" Once you have saved it double click it and allow it to merge with the registry.

Make sure that you tell me if you receive a success message about adding the above
to the registry. If you do not get a success message, it definitely did not work.

* Run avenger.exe by double-clicking on it.
* -Do not change any check box options!!
* Copy everything in the Quote box below, and paste it into the Input script here: part of the window:

* Now click the Execute button.
* Click Yes to the prompt to confirm you want to execute.
* Click Yes to the Reboot now? question that will appear when Avenger finishes running.
* Your PC should reboot, if not, reboot it yourself.
* A log file from Avenger will be produced at C:\avenger.txt and it will popup for you to view when you login after reboot.

Now run Ccleaner to clean out only temp files and nothing else!

Now rename ComboFix to abc.com and see if you can get it to run, attach the log if it does.

Now run the C:\MGtools\GetLogs.bat file by double clicking on it (Note: if using Vista, don't double click, use right click and select Run As Administrator).

Then attach the below logs:
* C:\ComboFix.txt
* C:\Avenger.txt
* C:\MGlogs.zip

Make sure you tell me how things are working now!

 

Do you have your xp cd? We will need to use it to replace those two files.

 

Then see what was done to restore these 2 files in message # 9 in this link:Following instructions - still having trouble