google redirect - ran pre-screening to no avail

karlkarlson · Oct 23, 2010

hello all,

i am holding onto a particularly brutal google redirect virus.

it appears to happen in both firefox and chrome. i have run everything in the "read & run me first" thread. it's still happening.

it IS happening even in safe mode.

here are the first four logs

thanks for any help!

karlk

karlkarlson · Oct 23, 2010

here's the second message. with the final log file. what do you guys, think?

thanks,

TimW · Oct 24, 2010

Why am I not seeing any Anti-virus software on this machine?

Did you create this --> C:\Antimal

Do you have your OS CD? We will need to replace your winlogon.exe.

In the meantime, use windows explorer to find and delete:
c:\documents and settings\Owner\Application Data\36041.bat
c:\documents and settings\Owner\Application Data\16745.bat
c:\documents and settings\Owner\Application Data\44225.bat

If you have your cd, get into your bios and change the boot order to cd-rom as first boot device. Put your cd in the drive and reboot. After you boot to the Recovery Console, do this:

Once you are back to the C:\Windows> prompt of the Recovery Console, input the below commands one at a time each followed by the enter key.

cd system32
copy D:\i386\winlogon.ex_ winlogon.exe
exit

Where D is the drive letter of your cd-rom. Change it if it isn't.

After a reboot into normal mode, re-run Combofix and attach that log.

Log in or Sign up

google redirect - ran pre-screening to no avail

karlkarlson Private E-2

Attached Files:

ComboFix.txt

mbam-log-2010-10-23 (14-21-56).txt

MGlogs.zip

root_repeal_report.txt

karlkarlson Private E-2

Attached Files:

SUPERAntiSpyware Scan Log - 10-23-2010 - 14-10-38.log

TimW MajorGeeks Administrator - Jedi Malware Expert Staff Member