ShadowPuterDude Posted October 29, 2009 Report Share Posted October 29, 2009 Close all windows then double click on AVZ.exe Click File > Custom scripts Copy & paste the contents of the following codebox in the box in the programbegin SetAVZGuardStatus(True); SearchRootkit(true, true); QuarantineFile('C:\WINDOWS\system32\MsSip3.dll',''); QuarantineFile('C:\WINDOWS\system32\MsSip2.dll',''); QuarantineFile('C:\WINDOWS\system32\MsSip1.dll',''); DeleteFile('C:\WINDOWS\system32\MsSip1.dll'); DeleteFile('C:\WINDOWS\system32\MsSip2.dll'); DeleteFile('C:\WINDOWS\system32\MsSip3.dll'); BC_ImportDeletedList; ExecuteSysClean; BC_Activate; RebootWindows(true); end. Note: When you run the script, your PC will be restarted Click Run Restart your PC if it doesn't do it automatically, and post back with a new HijackThis log. ----------------------------------------------------------- Download -->> OTL <<-- to your desktop. Double click on the icon to run it. Make sure all other windows are closed and to let it run uninterrupted. When the window appears, underneath Output at the top change it to Minimal Output. Check the boxes beside LOP Check and Purity Check. Click the Run Scan button. Do not change any settings unless otherwise told to do so. The scan wont take long.When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt.Note: These logs can be located in the OTL. folder on you C:\ drive if they fail to open automatically. Attach both logs with your next reply. Link to comment Share on other sites More sharing options...
ArT87 Posted November 1, 2009 Author Report Share Posted November 1, 2009 I'm sorry about the delay, but I didn't see the second page until now. Here are the OTL logs: Link to comment Share on other sites More sharing options...
ShadowPuterDude Posted November 1, 2009 Report Share Posted November 1, 2009 Close all windows then double click on AVZ.exe Click File > Custom scripts Copy & paste the contents of the following codebox in the box in the programbegin SetAVZGuardStatus(True); SearchRootkit(true, true); DeleteFile('pujadoli.dll'); BC_ImportDeletedList; ExecuteSysClean; RebootWindows(true); end. Note: When you run the script, your PC will be restarted Click Run Restart your PC if it doesn't do it automatically, and post back with a new HijackThis log. ----------------------------------------------------------- Attach fresh logs for: a-squared Free/Anti-Malware ISeeYouXP HiJackFree Let me know of any problems you may have encountered with the above instructions and also let me know how things are running now! Link to comment Share on other sites More sharing options...
ArT87 Posted November 2, 2009 Author Report Share Posted November 2, 2009 I'm sorry but I'm having trouble copying and pasting that message into AVZ. For some reason it's not letting me- I can't drag it in, right-click and paste, or paste with ctrl+v. What should I do? Link to comment Share on other sites More sharing options...
ShadowPuterDude Posted November 2, 2009 Report Share Posted November 2, 2009 You should be able to paste to the custom scripts box. The log box at the bottom of the main window won't allow you to paste to the text box. Link to comment Share on other sites More sharing options...
ArT87 Posted November 3, 2009 Author Report Share Posted November 3, 2009 AVZ is giving me an error ('.' expected at position 9:1) when I attempt to run the custom script. Link to comment Share on other sites More sharing options...
ShadowPuterDude Posted November 4, 2009 Report Share Posted November 4, 2009 AVZ is giving me an error ('.' expected at position 9:1) when I attempt to run the custom script. Corrected script in previous instructions. Link to comment Share on other sites More sharing options...
ArT87 Posted November 4, 2009 Author Report Share Posted November 4, 2009 Here are the new logs. I'm still having the same problem with google (links are misdirecting me to popup ads/advertisement sites). Link to comment Share on other sites More sharing options...
ShadowPuterDude Posted November 5, 2009 Report Share Posted November 5, 2009 Your logs aren't showing anything that would explain why you are still getting redirects. You have Malwarebytes' Anti-Malware installed, update and then run a quick scan and attach the resulting log. Link to comment Share on other sites More sharing options...
ArT87 Posted November 5, 2009 Author Report Share Posted November 5, 2009 Here's the Malwarebytes log: Link to comment Share on other sites More sharing options...
ShadowPuterDude Posted November 5, 2009 Report Share Posted November 5, 2009 Please download DDS by sUBs from one of the following links and save it to your desktop. DDS.scr DDS.pif [*]Disable any script blocking protection [*]Double click DDS icon to run the tool (may take up to 3 minutes to run) [*]When done, DDS.txt will open. [*]After a few moments, attach.txt will open in a second window. [*]Save both reports to your desktop. --------------------------------------------------- Attach the DDS.txt report in your next reply Attach the Attach.txt report to your reply Link to comment Share on other sites More sharing options...
ArT87 Posted November 6, 2009 Author Report Share Posted November 6, 2009 Here are the new logs. I'm still having that redirecting problem with google. Thanks again for your help! Link to comment Share on other sites More sharing options...
ShadowPuterDude Posted November 6, 2009 Report Share Posted November 6, 2009 Your logs show nothing that would explain the Google redirects. You should consider performing a "Clean Install" of the Operating System. Link to comment Share on other sites More sharing options...
ArT87 Posted November 9, 2009 Author Report Share Posted November 9, 2009 Oh well, thank you for your help! Link to comment Share on other sites More sharing options...
Recommended Posts