Yahoo & Google Search Redirects (Part1)

Discussion in 'Malware Help (A Specialist Will Reply)' started by jpotten74, Aug 9, 2009.

  1. jpotten74

    jpotten74 Private E-2

    My PC was infected with Windows Security Suite last month.
    Did a scan with Malwarebytes and AVG was back to normal, & the security threat pop ups were eliminated. However, still had the redirecting problem with Yahoo & Google searches (no problem with MSN/Bing search).
    Tried other scans, Stopzilla, AVG & Sophos anti root kit scans and still have redirecting problem.
    Finally found this site and followed Windows XP Cleaning procedure with no luck. Please review the attached logs, I'm at my wits' end.

    Thanks
     


  2. jpotten74

    jpotten74 Private E-2

    Yahoo & Google Search Redirects (Part2)

    MGLogs.zip attached
     


  3. TimW

    TimW MajorGeeks Administrator - Jedi Malware Expert Staff Member

    Please keep all of your replies in this thread. Do not make new threads when answering.

    Now move Combofix to your desktop where we instructed you to put it, as the cleanup procedure will not work on it if you leave it here:
    c:\downloaded programs\Major Geeks\ComboFix.exe

    Run C:\MGtools\analyse.exe by double clicking on it (Note: if using Vista, don't double click, use right click and select Run As Administrator). This is really HijackThis (select Do a system scan only) and select the following lines but DO NOT CLICK FIX until you exit all browser sessions including the one you are reading in right now:
    After clicking Fix, exit HJT.

    Click Start > Run and type in cmd

    • Click OK.
    • This will open a command prompt.
    • Type or copy and paste the following line in the command window:
      ipconfig /flushdns
    • Hit Enter
    • Exit the command window


    Now:
    Download HostsXpert and then follow the below steps.

    • Unzip HostsXpert.zip
    • It will create a folder named HostsXpert in whatever folder you extract it to.
    • Run HostsXpert.exe by double clicking on it.
    • Click the Make Writeable? button. (if you only see a Make Read-Only selection, it is already writeable so skip this button).
    • Click Restore Microsoft's Hosts File and then click OK.
    • Click the X to exit the program


    Now use windows explorer to find and delete:
    C:\WINDOWS\system32\settings.sfm
    C:\WINDOWS\system32\settin~1.sfm

    Now run Ccleaner to clean out only temp files and nothing else!

    Now run the C:\MGtools\GetLogs.bat file by double clicking on it (Note: if using Vista, don't double click, use right click and select Run As Administrator).

    Then attach the below logs:

    * C:\MGlogs.zip

    Make sure you tell me how things are working now!
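
The steps in the post above flush the DNS cache and reset the hosts file to Microsoft's default. As an added example (not part of the original post, and not code from MGtools or HostsXpert), here is a read-only check for hosts-file entries that point search domains at a non-loopback address. It assumes a hosts-file override is the redirect mechanism; the watch list and the sample entries are constructed for illustration.

```python
import ipaddress

# Assumed watch list: the two search engines named in this thread.
WATCHED = ("google.com", "yahoo.com")
# Loopback/null addresses block a name rather than redirect it.
LOOPBACK = {"127.0.0.1", "::1", "0.0.0.0"}

# Constructed sample (documentation-range IPs), not taken from the poster's logs.
SAMPLE = """\
# Copyright (c) 1993-1999 Microsoft Corp.
127.0.0.1       localhost
203.0.113.10    www.google.com google.com
198.51.100.7    search.yahoo.com   # trailing comment
127.0.0.1       ads.example.net
203.0.113.10    notgoogle.com
"""

def parse_hosts(text):
    """Yield (line_no, ip, hostname) for each mapping; one line may carry several names."""
    for no, raw in enumerate(text.splitlines(), 1):
        line = raw.split("#", 1)[0].strip()   # drop comments
        if not line:
            continue
        fields = line.split()
        try:
            ip = str(ipaddress.ip_address(fields[0]))
        except ValueError:
            continue                          # first field is not an IP address
        for name in fields[1:]:
            yield no, ip, name.lower().rstrip(".")

def suspicious_entries(text, watched=WATCHED):
    """Return mappings that send a watched domain (or a subdomain) to a non-loopback IP."""
    hits = []
    for no, ip, name in parse_hosts(text):
        on_watch = any(name == d or name.endswith("." + d) for d in watched)
        if on_watch and ip not in LOOPBACK:
            hits.append((no, ip, name))
    return hits

if __name__ == "__main__":
    # Standard hosts location on Windows XP; utf-8-sig strips a BOM if one is present.
    path = r"C:\WINDOWS\system32\drivers\etc\hosts"
    with open(path, encoding="utf-8-sig", errors="replace") as fh:
        for no, ip, name in suspicious_entries(fh.read()):
            print(f"line {no}: {name} -> {ip}")
```

An empty result only rules out the hosts file; it says nothing about other redirect mechanisms.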
     
  4. jpotten74

    jpotten74 Private E-2

    To TimW,

    No redirecting problem now, attached is the MGlogs.zip that you requested after the latest scanning. Thank you for your help.

    Best regards,
    jpotten74
     


  5. TimW

    TimW MajorGeeks Administrator - Jedi Malware Expert Staff Member

    I will look at your logs in a few....but first to fix a goober. Please go to your recycle bin and restore those two files:
    C:\WINDOWS\system32\settings.sfm
    C:\WINDOWS\system32\settin~1.sfm

    If you have already cleaned the bin, you will need to reinstall your Creative Labs software. :-o
     
