browser hijacked, norton not working

Hi there and welcome. I am currently reviewing your logs and will get back to you with a set of instructions in the next post I make to you.

 

On second thoughts, is this another customer of yours? I am not saying I am going to refuse you help but how would you feel about giving your customers our web address so that they can come here and go through malware removal processes?

 

Download and run OTM.

Download OTM by Old Timer and save it to your Desktop.

• Right-click OTM.exe And select " Run as administrator " to run it.
• Paste the following code under the http://farm3.static.flickr.com/2455/4173556815_a721a91733_o.png area. Do not include the word Code.

Code:

:files
C:\Users\Wood\Local Settings\TEMP\29A2.tmp
C:\Users\Wood\Local Settings\TEMP\4AE5.dir
C:\Users\Wood\Local Settings\TEMP\4AE5.tmp

:Commands
[emptytemp]
[Reboot]

• Return to OTM, right click in the Paste List of Files/Folders to Move window (under the yellow bar) and choose Paste.
• Push the large http://farm3.static.flickr.com/2782/4174320048_f01c448b32_o.png button.
• OTM may ask to reboot the machine. Please do so if asked.
• Copy everything in the Results window (under the green bar), and paste it into notepad, save it as something appropriate and attach it into your next reply.

NOTE: If you are unable to copy/paste from this window (as will be the case if the machine was rebooted), open Notepad (Start->All Programs->Accessories->Notepad), click File->Open, in the File Name box enter *.log and press the Enter key, navigate to the C:\_OTM\MovedFiles folder, and open the newest .log file present, and attach the contents of that document back here in your next post.

TDSSKiller is not designed for 64 bit systems but it will run in a reduced functionality mode and we have seen it find and fix things before now.

Go to TDSSKiller and Download TDSSKiller.zip to your Desktop

• Extract its contents to your Desktop so that you have TDSSKiller.exe directly on your Desktop and not in any subfolder of the Desktop.
• Now double click the TDSSkiller.exe file to run it ( if using Vista or Windows 7 do not double click on it but rather, right click and select Run As Administrartor.
• Allow the application to run and a window will open showing that it is TDSSkiller from Kaspersky
• Click Start scan
• It will run rather quickly and will notify you of whether anything is found or not.
• Follow the instructions to delete/quarantine if asks you what to do when if finds something.

Whether an infection is found or not, a log file should be created on your C: drive ( or whatever drive you boot from) in the root folder named something like TDSSKiller.2.1.1_27.12.2009_14.17.04_log.txt which is based on the program version # and date and time run. Please attach this log to your next reply. (See: HOW TO: Attach Items To Your Post )

Now run the C:\MGtools\GetLogs.bat file by double clicking on it. Then attach the new C:\MGlogs.zip file that will be created by running this.

 

You're welcome.
Try this -
GMER - running with a random name

 

I am not seeing any malware in your logs. Perhaps you should try doing a system restore. Then re-run SAS and MBAM to make sure there is no malware in the restore point.

 

You are most welcome. Perhaps all you need to do is a repair install. Try that first before you consider a fresh install.