malware affecting searches

Welcome to Major Geeks, ryangn

Please be patient while I review your logs.

Thanks,
dr.m

 

Hello, ryangn

Are you meaning that a web search gives accurate results/returns... but clicking on any of links you get re-directed to something else? Does this happen with all browsers? Does it happen in Safe Mode?

You used outdated versions of both MGTools and SUPERAntiSpyware. UN-install SAS, delete the MGTools.zip and the MGTools folder.

*Use this link Windows XP Cleaning Procedure to download the updated versions.
*Run CCleaner
*Install and immediately update the definitions for SAS

Please download ATF Cleaner by Atribune. This program does not require an installation. The executable actually runs the program.

NOTE: This program is for Windows XP and Windows 2000 only. ATF Cleaner will remove all files from the items that are checked so if you have some cookies you'd like to save. Please move them to a different directory first.

* Double-click ATF-Cleaner.exe to run the program.
* Under Main choose: Select All
* Click the Empty Selected button.

If you use Firefox browser

* Click Firefox at the top and choose: Select All
* Click the Empty Selected button.
o NOTE: If you would like to keep your saved passwords, please click No at the prompt.

If you use Opera browser

* Click Opera at the top and choose: Select All
* Click the Empty Selected button.
o NOTE: If you would like to keep your saved passwords, please click No at the prompt.

Click Exit on the Main ATF Cleaner menu to close the program.

Now run the updated SAS.

Attach new MGlogs.zip & SAS Scan log to your next reply, answer my questions...AND describe how your pc is working now.

Thanks!
dr.m

 

ryangn

Please download and try Mozilla Firefox 3 3.0.5 just to see if you have the same problems.

* Did you have any browser add-on with IE Explorer 6? How are you connected to the internet --- dialup/Cable/DSL? Are you using a router between your cable or DLS modem?

Also - give me this info... right click on the "Welcome to Target link" and select Properties. What does it say for "Address"? Do the same for the "Target: Store Locator" link.

The below fixes are specific to your problem and should only be used for issue(s) on this machine. Also, please do not install any other software while we are still working with you unless instructed. Once we have given you the all clean and final instructions you will be free to install what you want.

Step 1:
Run C:\MGtools\analyse.exe by double clicking on it (Note: if using Vista, don't double click, use right click and select Run As Administrator). This is really HijackThis (select Do a system scan only) and select the following lines but DO NOT CLICK FIX until you exit all browser sessions including the one you are reading in right now:

After clicking Fix, exit HJT.

Step 2:
Run Ccleaner

Step 3:
Now run the C:\MGtools\GetLogs.bat file by double clicking on it (Note: if using Vista, use right click and select Run As Administrator).


Then attach the below logs to your next reply:

• C:\MGlogs.zip

Make sure that you answer my questions, tell me if you had any problems running this procedure and give a description of how things are working now!

Thanks!
dr.m

 

Hello, ryangn

Do this: Temporarily bypass your router and connect your pc directly to the cable mode. * Power cycle your cable modem and re-boot the pc after making the connection change. Let me know if this makes any difference.

Thanks!

 

*Glad to hear the good news. A search of your logs show that wdmaud.sys has been removed. Since you're no longer having problems, it is time to do our final steps:

Safe surfing! http://i268.photobucket.com/albums/jj5/drmoriarty/Emoticons/char145.gif