Hijacked Browser (did sticky already)

You guys helped me once, please try again. I use IE. When I access my home page (google) it redirects to a Yahoo labeled search engine. Any try to google and it times out or can't find. I went through all steps in sticky thread all the way to TrojanScan. However, I could not update SpywareBlaster, "internet connection could not be found". I also could not run about:Buster.
Don't know what I have or how to get rid of it. Appreciate any suggestions.
Ragan

 

- Download HijackThis 1.99.1

- Unzip the hijackthis.exe file to a folder you create named C:\Program Files\HJT

- Do NOT run Hijack This from the Desktop, a temp folder, or a sub-folder of C:\Documents and Settings, or choose to run it directly from the downloaded ZIP file.

- Before running HijackThis: You must close each of the following:your web browser, e-mail client, instant messenger, and programs like notepad, wordpad, MS Word etc. And any other unnecessary running programs.

- Run HijackThis and save your log file.

- Post your log as an ATTACHMENT to your next message. (Do NOT copy/paste the log into your post).

 

Thanks for the quick reply.
Here is the log.

 

Download
- Pocket Killbox

Download HOSTER and then follow the below steps.

• Unzip Hoster to a convenient folder such as C:\Hoster
• Run Hoster.exe, click Restore Original Hosts and then click OK.
• Click the X to exit the program

From Add or Remove Programs in the Control Panel unistall the following:

Next In HJT Choose Open the Misc Tools Section choose Process Manager, Highlight:

Choose Kill Process

Now scan and have HJT Fix the following:

Now run Pocket Killbox:
Choose Tools > Delete Temp Files and click OK.

Run Killbox.exe. Paste the below filenames into KILL BOX one at a time. Check mark the box that says "Delete on Reboot" and checkmark the box "Unregister DLL" (If available) Click the RED X and it will ask you to confirm the file for deletion…say YES and when the next box opens prompting you to reboot now...click NO...and proceed with the next file. Once you get to the last one click YES and it will reboot. Note many of the file list below may not exist but we need to check for them anyway.

If Killbox does not reboot or you get a Pending Operations type error message just reboot your PC yourself.

Now boot into SAFE MODE

Open Windows Explorer navigate to and DELETE the following:

Reboot post a new HJT log.

 

-Could not find Weather bug in Add/Remove
-Could not find ShowWnd.exe
-could not find spoolsub.exe

I was successful in all other instructuions.
Here is the new HJT log.

Thanks!

 

Your log is clean.

How is your system performing, any other issues we need to address?

 

Mr. Dude,

I appreciate you hanging in there with me on this challange. I still have the problem.

Typicaly when first boot and I try to go to google it works fine. Then when I try again later as I always have I am either re-directed to the site below, or I get a "can not find" message.

http://search.yahoo.com/search?p=www.google.com&fr=ieas-dns

Also, when I go to other sites it frequently gets hung up and I get the same message. I am on InsightBB broadband connection.

Another thing that I recently noticed is that when I first turn on the computer I get a warning message that my anti-virus software (norton's) is not enabled. By the time I click on the icon it shows as enabled. Logs show as updated w/ scan histories.

We have three computers in the house. All seem to be doing the same thing.

Finaly, in the past MajorGeeks has been pretty fast loading. With this problem it takes a full minute to refresh screens or navigate around the site.

Thanks!

 

Have HJT fix this line:

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ycomp_adbe/defaults/sb/*http://www.yahoo.com/search/ie.html