having browser redirect issues

[griven1]

If I posted in the wrong place please move it. I will find it, but here is my issue.

I am having massive browser redirect issues and cannot seem to get this issue solved. Programs that I have ran to fix this are:

Malwarebytes
Gooredfix
adaware
ccleaner
s&d
MS security essentials

and cannot seem to figure this problem out. I have checked my host file which is normal. Can somebody please help as I need this fixed for work. I have also noted that my pc is kind of sluggish as well.

Win XP home sp3

Thank you

P.S. I should have added that this seems to only happen when I click google links.

[Broni]

Please, download DDS from one of the 2 mirrors and save it to your desktop.

Mirror 1
Mirror 2

* Disable any script blocking protection (if present)
* Double click the dds icon to run the tool.
* When done, DDS will open two logs:
1. DDS.txt
2. Attach.txt
* Save both reports to your desktop by clicking File>Save As in each log.

Include the contents of both logs in your new topic. The scan will instruct you to post Attach.txt as an attachment. No need for that though ..... just post it's contents as you would any other log.

===============================================================

STEP 1. Download Malwarebytes' Anti-Malware: http://www.malwarebytes.org/mbam.php to your desktop.
(Malwarebytes is free to use as a manual scanner. Payment is only required if you wish to have it run and update automatically which is not necessary for our purposes)

* Double-click mbam-setup.exe and follow the prompts to install the program.
* At the end, be sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
* If an update is found, it will download and install the latest version.
* Once the program has loaded, select Perform Quick Scan, then click Scan.
* When the scan is complete, click OK, then Show Results to view the results.
* Be sure that everything is checked, and click Remove Selected.
* When completed, a log will open in Notepad.
* Post the log back here.

The log can also be found here:
C:\Documents and Settings\Username\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs\log-date.txt
Or at C:\Program Files\Malwarebytes' Anti-Malware\Logs\log-date.txt

RESTART COMPUTER!

STEP 2. Download GMER: http://www.gmer.net/files.php, by clicking on Download EXE button.
Alternative downloads:
- http://majorgeeks.com/GMER_d5198.html
- http://www.softpedia.com/get/Interne...ers/GMER.shtml
Double click on downloaded .exe file, select Rootkit tab and click the Scan button.
Do NOT use the computer while GMER is running!
When scan is completed, click Save button, and save the results as gmer.log
Warning ! Please, do not select the "Show all" checkbox during the scan.
Post the log to your next reply.

IMPORTANT! If for some reason GMER refuses to run, try again.
If it still fails, try to UN-check "Devices" in right pane.
If still no joy, try to run it from Safe Mode.



DO NOT make any other changes to your computer (like installing programs, using other cleaning tools, etc.), until it's officially declared clean!!!

[griven1]

I did find the problem broni. Thank you though. It was a rootkit. Unfortunately I didn't get the specifics of it for future help with others.
Between seeing this consistently showing up in HJT "hxxp://red.clientapps.yahoo.com" Plus a entry that gave an address of my own loopback on port 5577 kind of gave me a clue. I ran OTR which helped give me more ideas and then running GMER and replacing my afd.sys file all is well again on the frontier.

Thank you. I'm going to run for a couple days and check it out but I'm sure it's fine.

Carpe Diem

[Broni]

No problem