Malicious Page Redirects from Google searches [Solved]

here is my log again. I disabled Comodo for sure in the system tray, and the process ended too. I'm not really sure why the combofix log says "enabled". I'm pretty sure it is not running though.

ComboFix 09-05-09.05 - Hans 05/10/2009 17:40.3 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.3071.2530 [GMT -4:00]
Running from: c:\documents and settings\Hans\Desktop\ComboFix.exe
AV: avast! antivirus 4.8.1335 [VPS 090509-0] *On-access scanning disabled* (Updated)
FW: COMODO Firewall *enabled*
.

((((((((((((((((((((((((( Files Created from 2009-04-10 to 2009-05-10 )))))))))))))))))))))))))))))))
.

2009-05-10 19:28 . 2009-05-10 20:56 -------- d-----w c:\documents and settings\Hans\Local Settings\Application Data\FullTiltPoker
2009-05-06 21:21 . 2009-05-06 21:21 -------- d-----w C:\_OTListIt
2009-05-05 22:04 . 2009-05-09 21:29 -------- d-----w C:\Lop SD
2009-05-05 21:46 . 2009-05-05 21:46 -------- d--h--w c:\windows\PIF
2009-05-04 20:56 . 2008-06-19 20:24 28544 ----a-w c:\windows\system32\drivers\pavboot.sys
2009-05-04 20:55 . 2009-05-04 20:55 -------- d-----w c:\program files\Panda Security
2009-05-04 17:07 . 2009-05-04 17:07 -------- d-----w C:\Rooter$
2009-05-04 16:59 . 2009-05-04 17:00 -------- d-----w c:\program files\ERUNT
2009-05-04 07:53 . 2009-05-04 07:53 -------- d-----w c:\program files\Alwil Software
2009-05-04 07:07 . 2009-05-04 13:45 -------- d-----w c:\documents and settings\All Users\Application Data\Comodo
2009-05-04 07:07 . 2009-05-04 07:07 155384 ----a-w c:\windows\system32\guard32.dll
2009-05-04 07:07 . 2009-05-04 07:07 110992 ----a-w c:\windows\system32\drivers\cmdguard.sys
2009-05-04 07:07 . 2009-05-04 07:07 24336 ----a-w c:\windows\system32\drivers\cmdhlp.sys
2009-05-04 07:07 . 2009-05-04 07:07 -------- d-----w c:\program files\COMODO
2009-05-04 06:58 . 2009-05-06 01:29 -------- d---a-w c:\documents and settings\All Users\Application Data\TEMP
2009-05-04 06:58 . 2009-05-04 07:01 -------- d-----w c:\program files\SpywareBlaster
2009-05-04 06:28 . 2009-05-04 06:28 -------- d-----w c:\windows\system32\scripting
2009-05-04 06:28 . 2009-05-04 06:28 -------- d-----w c:\windows\l2schemas
2009-05-04 06:28 . 2009-05-04 06:28 -------- d-----w c:\windows\system32\en
2009-05-04 06:28 . 2009-05-04 06:28 -------- d-----w c:\windows\system32\bits
2009-05-04 06:27 . 2009-05-04 06:28 -------- d-----w c:\windows\ServicePackFiles
2009-05-04 04:31 . 2009-05-04 04:31 -------- d-----w c:\documents and settings\Administrator\Application Data\SUPERAntiSpyware.com
2009-05-04 04:19 . 2009-05-04 04:19 -------- d-----w c:\documents and settings\All Users\Application Data\SUPERAntiSpyware.com
2009-05-04 04:19 . 2009-05-04 04:19 -------- d-----w c:\program files\SUPERAntiSpyware
2009-05-04 04:19 . 2009-05-04 04:19 -------- d-----w c:\documents and settings\Hans\Application Data\SUPERAntiSpyware.com
2009-05-04 04:03 . 2009-05-04 04:02 410984 ----a-w c:\windows\system32\deploytk.dll
2009-05-03 18:49 . 2009-05-04 06:04 664 ----a-w c:\windows\system32\d3d9caps.dat
2009-05-03 18:43 . 2009-05-03 18:43 -------- d-----w c:\documents and settings\Administrator\Application Data\Media Player Classic
2009-05-03 18:25 . 2009-05-03 18:25 -------- d-----w c:\documents and settings\Administrator\Application Data\Malwarebytes
2009-05-01 21:38 . 2009-05-01 21:38 -------- d-----w c:\windows\system32\NtmsData
2009-05-01 21:12 . 2009-05-01 21:12 -------- d-----w c:\documents and settings\Hans\Application Data\Malwarebytes
2009-05-01 21:12 . 2009-04-06 19:32 15504 ----a-w c:\windows\system32\drivers\mbam.sys
2009-05-01 21:12 . 2009-04-06 19:32 38496 ----a-w c:\windows\system32\drivers\mbamswissarmy.sys
2009-05-01 21:12 . 2009-05-01 21:12 -------- d-----w c:\documents and settings\All Users\Application Data\Malwarebytes
2009-05-01 21:12 . 2009-05-01 21:12 -------- d-----w c:\program files\Malwarebytes' Anti-Malware
2009-05-01 21:00 . 2009-05-01 21:00 -------- d-----w C:\VundoFix Backups
2009-05-01 21:00 . 2009-05-01 21:00 -------- d-----w c:\program files\Storm
2009-05-01 20:59 . 2009-05-01 20:59 -------- d-----w c:\program files\Microsoft XNA
2009-05-01 06:24 . 2009-05-03 19:01 -------- dc-h--w c:\documents and settings\All Users\Application Data\{7972B2E5-3E09-4E5E-81B7-FE5819D6772F}
2009-04-14 08:18 . 2009-04-14 08:18 25992 ----a-w c:\windows\system32\pgdfgsvc.exe
2009-04-14 02:50 . 2009-04-16 16:00 -------- d-----w c:\program files\Prevx
2009-04-14 02:24 . 2009-04-14 02:24 -------- d-----w c:\program files\Trend Micro
2009-04-14 01:58 . 2009-04-14 01:58 -------- d-----w c:\documents and settings\All Users\Application Data\Uniblue
2009-04-14 00:25 . 2009-04-14 04:53 0 ----a-w c:\windows\Isarafawinaqafo.bin
2009-04-14 00:25 . 2009-04-14 04:57 -------- d-----w c:\documents and settings\Hans\Local Settings\Application Data\{34DD23EC-0F88-40BD-B641-9B944710EB34}(2)
2009-04-14 00:25 . 2009-04-14 02:58 408 ----a-w c:\windows\Kkozu.dat

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-05-10 20:56 . 2007-10-26 22:47 -------- d-----w c:\program files\Full Tilt Poker
2009-05-06 22:06 . 2007-06-08 17:32 -------- d-----w c:\program files\uTorrent
2009-05-06 21:07 . 2007-06-19 16:47 -------- d-----w c:\program files\Java
2009-05-04 07:21 . 2007-02-10 20:24 115600 ----a-w c:\documents and settings\Hans\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2009-05-04 06:29 . 2007-02-01 03:10 86327 ----a-w c:\windows\pchealth\helpctr\OfflineCache\index.dat
2009-05-04 06:09 . 2008-12-24 03:20 -------- d-----w c:\program files\Spybot - Search & Destroy
2009-05-04 04:17 . 2007-05-26 03:09 -------- d-----w c:\program files\Common Files\Wise Installation Wizard
2009-05-03 19:01 . 2007-09-12 13:37 -------- d-----w c:\program files\Lavasoft
2009-04-16 16:00 . 2007-08-24 19:13 -------- d-----w c:\program files\IrfanView
2009-04-14 01:52 . 2008-10-07 04:28 -------- d-----w c:\program files\Uniblue
2009-03-30 05:30 . 2008-08-24 12:00 -------- d-----w c:\program files\Microsoft Silverlight
2009-03-08 09:24 . 2008-10-26 09:16 413696 ----a-w c:\windows\system32\wrap_oal.dll
2009-03-08 09:24 . 2008-10-26 09:16 110592 ----a-w c:\windows\system32\OpenAL32.dll
2009-03-06 14:22 . 2006-02-28 12:00 284160 ----a-w c:\windows\system32\pdh.dll
2009-02-20 08:10 . 2006-02-28 12:00 666112 ----a-w c:\windows\system32\wininet.dll
2009-02-20 08:10 . 2006-02-28 12:00 81920 ----a-w c:\windows\system32\ieencode.dll
2009-02-18 07:10 . 2009-02-18 07:10 25280 ----a-w c:\windows\system32\drivers\hamachi.sys
.

((((((((((((((((((((((((((((( SnapShot@2009-05-05_21.56.02 )))))))))))))))))))))))))))))))))))))))))
.
+ 2009-05-10 18:16 . 2009-05-10 18:16 16384 c:\windows\Temp\Perflib_Perfdata_54c.dat
+ 2009-05-10 18:15 . 2009-05-10 18:15 16384 c:\windows\Temp\Perflib_Perfdata_288.dat
+ 2009-05-09 18:36 . 2009-05-09 18:36 204800 c:\windows\ERDNT\AutoBackup\5-9-2009\Users\00000002\UsrClass.dat
+ 2009-05-09 18:36 . 2005-10-20 16:02 163328 c:\windows\ERDNT\AutoBackup\5-9-2009\ERDNT.EXE
+ 2009-05-07 06:04 . 2009-05-07 06:04 204800 c:\windows\ERDNT\AutoBackup\5-7-2009\Users\00000002\UsrClass.dat
+ 2009-05-07 06:04 . 2005-10-20 16:02 163328 c:\windows\ERDNT\AutoBackup\5-7-2009\ERDNT.EXE
+ 2009-05-06 21:34 . 2009-05-06 21:34 204800 c:\windows\ERDNT\AutoBackup\5-6-2009\Users\00000002\UsrClass.dat
+ 2009-05-06 21:34 . 2005-10-20 16:02 163328 c:\windows\ERDNT\AutoBackup\5-6-2009\ERDNT.EXE
+ 2009-05-09 18:36 . 2009-05-09 18:36 9076736 c:\windows\ERDNT\AutoBackup\5-9-2009\Users\00000001\ntuser.dat
+ 2009-05-07 06:04 . 2009-05-07 06:04 9039872 c:\windows\ERDNT\AutoBackup\5-7-2009\Users\00000001\ntuser.dat
+ 2009-05-06 21:34 . 2009-05-06 21:34 9039872 c:\windows\ERDNT\AutoBackup\5-6-2009\Users\00000001\ntuser.dat
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]
"LDM"="c:\program files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe" [2008-12-31 67128]
"SUPERAntiSpyware"="c:\program files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2009-04-28 1830128]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NVRaidService"="c:\windows\system32\nvraidservice.exe" [2006-04-07 135168]
"EasyTuneV"="c:\program files\Gigabyte\ET5\GUI.exe" [2004-06-15 200704]
"IMJPMIG8.1"="c:\windows\IME\imjp8_1\IMJPMIG.EXE" [2006-02-28 208952]
"MSPY2002"="c:\windows\system32\IME\PINTLGNT\ImScInst.exe" [2006-02-28 59392]
"PHIME2002ASync"="c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE" [2006-02-28 455168]
"PHIME2002A"="c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE" [2006-02-28 455168]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2007-06-29 286720]
"UVS11 Preload"="c:\program files\Ulead Systems\Ulead VideoStudio 11\uvPL.exe" [2007-03-03 341488]
"sealmon"="c:\program files\SealedMedia\sealmon.exe" [2007-06-04 296080]
"PWRISOVM.EXE"="c:\program files\PowerISO\PWRISOVM.EXE" [2008-03-14 233472]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2006-10-27 31016]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2009-01-15 13680640]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2009-01-15 86016]
"COMODO Internet Security"="c:\program files\COMODO\COMODO Internet Security\cfp.exe" [2009-05-04 1851128]
"avast!"="c:\program files\Alwil Software\Avast4\ashDisp.exe" [2009-02-05 81000]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-05-04 148888]
"RTHDCPL"="RTHDCPL.EXE" - c:\windows\RTHDCPL.exe [2006-05-27 16208384]
"SkyTel"="SkyTel.EXE" - c:\windows\SkyTel.exe [2006-05-16 2879488]
"Logitech Hardware Abstraction Layer"="KHALMNPR.EXE" - c:\windows\KHALMNPR.Exe [2008-02-29 76304]
"Kernel and Hardware Abstraction Layer"="KHALMNPR.EXE" - c:\windows\KHALMNPR.Exe [2008-02-29 76304]
"nwiz"="nwiz.exe" - c:\windows\system32\nwiz.exe [2009-01-15 1657376]

c:\documents and settings\Hans\Start Menu\Programs\Startup\
ERUNT AutoBackup.lnk - c:\program files\ERUNT\AUTOBACK.EXE [2005-10-20 38912]

c:\documents and settings\All Users\Start Menu\Programs\Startup\
GN-WP01GS Utility.lnk - c:\program files\Gigabyte\Gigabyte WP01GS Wireless PCI Adapter SoftAP\Installer\WINXP\RaUI.exe [2007-1-31 720896]
Logitech Desktop Messenger.lnk - c:\program files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe [2008-12-31 67128]
Logitech SetPoint.lnk - c:\program files\Logitech\SetPoint\SetPoint.exe [2008-12-31 805392]

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2008-05-13 77824]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
2008-12-22 16:05 356352 ----a-w c:\program files\SUPERAntiSpyware\SASWINLO.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\LBTWlgn]
2008-05-02 07:42 72208 ----a-w c:\program files\Common Files\Logitech\Bluetooth\LBTWLgn.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]
@=""

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WdfLoadGroup]
@=""

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Common Files\\AOL\\Loader\\aolload.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"c:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe"=
"c:\\Program Files\\Yahoo!\\Messenger\\YServer.exe"=
"c:\\Program Files\\SightSpeed\\SightSpeed.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Program Files\\Ventrilo\\Ventrilo.exe"=
"c:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe"=
"c:\\Program Files\\Valve\\Steam\\steamapps\\common\\left 4 dead demo\\left4dead.exe"=
"c:\\Program Files\\Valve\\Steam\\steamapps\\common\\unreal tournament 3\\Binaries\\UT3.exe"=
"c:\\Program Files\\Valve\\Steam\\Steam.exe"=
"c:\\Program Files\\Common Files\\InterVideo\\DeviceService\\DevSvc.exe"=
"c:\\Program Files\\Valve\\Steam\\steamapps\\common\\left 4 dead\\left4dead.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\uTorrent\\utorrent.exe"=

R0 pavboot;pavboot;c:\windows\system32\drivers\pavboot.sys [5/4/2009 4:56 PM 28544]
R1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [5/4/2009 3:53 AM 114768]
R1 cmdGuard;COMODO Internet Security Sandbox Driver;c:\windows\system32\drivers\cmdguard.sys [5/4/2009 3:07 AM 110992]
R1 cmdHlp;COMODO Internet Security Helper Driver;c:\windows\system32\drivers\cmdhlp.sys [5/4/2009 3:07 AM 24336]
R1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\sasdifsv.sys [4/28/2009 11:33 AM 9968]
R1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.SYS [4/28/2009 11:33 AM 72944]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [5/4/2009 3:53 AM 20560]
R3 SASENUM;SASENUM;c:\program files\SUPERAntiSpyware\SASENUM.SYS [4/28/2009 11:33 AM 7408]
S3 LCcfltr;Logitech USB Filter Driver;c:\windows\system32\drivers\LCCFLTR.SYS [2/1/2007 10:21 PM 14095]
S3 PciCon;PciCon;\??\d:\pcicon.sys --> d:\PciCon.sys [?]
S3 V0250Dev;Live! Cam Notebook Pro;c:\windows\system32\drivers\V0250Dev.sys [8/26/2008 6:44 PM 163840]
S3 wind502u;Motorola Wireless USB Adapter WU830G Windows Driver;c:\windows\system32\drivers\wind502u.sys [9/12/2007 8:55 AM 336256]

--- Other Services/Drivers In Memory ---

*Deregistered* - MarkFun_NT
.
Contents of the 'Scheduled Tasks' folder

2009-05-07 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2007-01-10 19:42]

2009-04-14 c:\windows\Tasks\Uniblue SpyEraser.job
- c:\program files\Uniblue\SpyEraser\SpyEraser.exe [2008-10-07 13:03]

2009-05-10 c:\windows\Tasks\WGASetup.job
- c:\windows\system32\KB905474\wgasetup.exe [2009-04-01 02:18]
.
.
------- Supplementary Scan -------
.
uStart Page =
mStart Page = hxxp://www.yahoo.com
uSearchURL,(Default) = hxxp://red.clientapps.yahoo.com/customize/ptec/defaults/su/*http://www.yahoo.com
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
Handler: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - c:\program files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
FF - ProfilePath - c:\documents and settings\Hans\Application Data\Mozilla\Firefox\Profiles\ymj6zi6x.default\
FF - prefs.js: browser.search.defaulturl - hxxp://slirsredirect.search.aol.com/slirs_http/sredir?sredir=2706&invocationType=tb50fftrie7&query=
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.google.com/ig
FF - prefs.js: keyword.URL - hxxp://slirsredirect.search.aol.com/slirs_http/sredir?sredir=2706&invocationType=tb50fftrab&query=
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-05-10 17:42
Windows 5.1.2600 Service Pack 3 NTFS

detected NTDLL code modification:
ZwClose, ZwOpenFile

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'winlogon.exe'(1104)
c:\windows\system32\guard32.dll
c:\program files\SUPERAntiSpyware\SASWINLO.dll
c:\program files\common files\logitech\bluetooth\LBTWlgn.dll
c:\program files\common files\logitech\bluetooth\LBTServ.dll
c:\program files\Funk Software\Odyssey Client\odLogin.dll
c:\windows\IME\IMJP8_1\Dicts\IMJPCD.DIC

- - - - - - - > 'lsass.exe'(1164)
c:\windows\system32\guard32.dll

- - - - - - - > 'explorer.exe'(396)
c:\windows\system32\guard32.dll
c:\program files\RocketDock\RocketDock.dll
c:\windows\IME\IMJP8_1\Dicts\IMJPCD.DIC
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
Completion time: 2009-05-10 17:43
ComboFix-quarantined-files.txt 2009-05-10 21:43
ComboFix2.txt 2009-05-10 20:58
ComboFix3.txt 2009-05-05 22:00

Pre-Run: 218,070,388,736 bytes free
Post-Run: 218,052,005,888 bytes free

232 --- E O F --- 2009-05-05 07:00

Just found out that those entries are cause by COMODO.

Hey there, Wasuremono!

OK! Well done, your log is clean again!

Time for some housekeeping.

Step 1.
Clean up:

We need to do is to remove all the tools that you have used. This is so that should you ever be re-infected, you will download updated versions. It will also remove the quarantined Malware from your computer.

First:

Click START then RUN
Now type Combofix /u in the runbox and click OK. Note the space between the X and the /u, it needs to be there.

Second:

Double-click OTListIt2.exe to start it.
Click the Clean up button
Click Yes to the reboot.

Now delete any tools/logs that is left over after you ran OTListIt2 CleanUp.

Step 2.
Prevention:

OK, lets carry out a few preventative steps to make sure you reduce the risk of further infections.

First:
Your Adobe Acrobat Reader is out of date. Older versions are vunerable to attack.

Please go to the link below to download an update.

http://www.adobe.com.../readstep2.html

Remove the older versions and install the latest,

Second:
One of the essentials is to keep your computer updated with the latest operating system patches and security fixes. Windows Updates are constantly being revised to combat the newest hacks and threats, Microsoft releases security updates that help your computer from becoming vunerable. It is best if you have these set to download automatically.

Automatic Updates for Windows

Click Start.
Select Settings and then Control Panel.
Select Automatic Updates.
Click Automatic (recommended)
Choose a day and a time when you know the computer will be on and connected to the internet.
Click Apply then OK.

Third:
Now lets download some preventative programs that will help to keep the nasties away! We will start with Anti Spyware programs. I would advise getting a couple of them at least, and running each at least once a month.

Anti Spyware

SpywareGuard to catch and block spyware before it can execute. A tutorial can be found here.
IESpy-Ad to block access to malicious websites so you cannot be redirected to them from an infected site or email. A tutorial can be found here

.
Note: If you find your system slows down after installing any of these, just uninstall it, or disable it from running at startup.

Fourth:
Nearly done! If you like to use chat, MSN and Yahoo have vunerabilities that can leave you open to infections. There are however a couple of very good, Malware free Instant Messenger programs which allow you to connect to multiple IM services in one program! (AOL, Yahoo, ICQ, IRC, MSN):

Instant Messengers

Trillian or,
Miranda-IM

Lastly:
It is a good idea to clear out all your temp files every now and again with ATF Cleaner. This will help your computer from bogging down and slowing. It also can assist in getting rid of files that may contain malicious code that could re-infect your computer.

To find out more information about how you got infected in the first place and some great guidelines to follow to prevent future infections you can read this article by Tony Klein.

I will keep this log open for the next couple of days, so if you have any further problems post another reply here.

OK, all the best, and stay safe!

Edited by heir, 11 May 2009 - 05:05 AM.

#31
heir

Posted 10 May 2009 - 03:27 PM

Advertisements

#32
Wasuremono

Posted 10 May 2009 - 04:10 PM

#33
heir

Posted 11 May 2009 - 12:35 AM

#34
Wasuremono

Posted 11 May 2009 - 12:48 AM

#35
heir

Posted 11 May 2009 - 01:16 AM

#36
Wasuremono

Posted 11 May 2009 - 01:34 AM

#37
heir

Posted 11 May 2009 - 02:24 AM

#38
Wasuremono

Posted 13 May 2009 - 01:33 AM

#39
heir

Posted 13 May 2009 - 09:27 AM

#40
heir

Posted 17 May 2009 - 02:56 AM

Advertisements

Similar Topics

0 user(s) are reading this topic

As Featured On:

Forums

Downloads

Members

Connect With Us

Malicious Page Redirects from Google searches [Solved]

#31 heir Posted 10 May 2009 - 03:27 PM

Advertisements

#32 Wasuremono Posted 10 May 2009 - 04:10 PM

#33 heir Posted 11 May 2009 - 12:35 AM

#34 Wasuremono Posted 11 May 2009 - 12:48 AM

#35 heir Posted 11 May 2009 - 01:16 AM

#36 Wasuremono Posted 11 May 2009 - 01:34 AM

#37 heir Posted 11 May 2009 - 02:24 AM

#38 Wasuremono Posted 13 May 2009 - 01:33 AM

#39 heir Posted 13 May 2009 - 09:27 AM

#40 heir Posted 17 May 2009 - 02:56 AM

Advertisements

Similar Topics

0 user(s) are reading this topic

As Featured On:

Forums

Downloads

Members

Connect With Us

Sign In

#31
heir

Posted 10 May 2009 - 03:27 PM

#32
Wasuremono

Posted 10 May 2009 - 04:10 PM

#33
heir

Posted 11 May 2009 - 12:35 AM

#34
Wasuremono

Posted 11 May 2009 - 12:48 AM

#35
heir

Posted 11 May 2009 - 01:16 AM

#36
Wasuremono

Posted 11 May 2009 - 01:34 AM

#37
heir

Posted 11 May 2009 - 02:24 AM

#38
Wasuremono

Posted 13 May 2009 - 01:33 AM

#39
heir

Posted 13 May 2009 - 09:27 AM

#40
heir

Posted 17 May 2009 - 02:56 AM