Internet Security flags and redirects

[Harvestthebrain]

Hi there,
So I had a bunch of Internet Security flags popping up all over the place and I wasn't allowed to download anything because of a message saying that the file I was downloading was infected with a virus and deleted, after visiting a fairly shady site. I have highjack this and dds, ran scans, and found and deleted internet security from registry. Now my search results are all redirects, and I still cant download anything. I did read the sticky on posting, and I tried downloading otl and aswmbr but like I said, my downloads are being canceled which is making it hard to be rid of this bug. I already had dds and HJT so those are the logs I have. I'll post them for review with your permission If you can gather some info from them.
Any help appreciated

 

[TwinHeadedEagle]

Hi, do you have access to USB flash and another computer so we can download required tools on it?

 

[Harvestthebrain]

Yes I have access to another pc

 

[TwinHeadedEagle]

Ok, we will use an USB to run the tool on infected computer

Please download Farbar Recovery Scan Tool and save it to USB.

Note: You need to run the version compatibale with your system. Your system is 64-bit.

• Put the USB in infected computer, and open it.
• Double-click FRST64 to run it. When the tool opens click Yes to disclaimer.
• Under Optional Scan ensure "List BCD" and "Driver MD5" are ticked.
• Press Scan button.
• It will make a log (FRST.txt) in the same directory the tool is run. Please attach it to your reply.
• The first time the tool is run, it makes also another log (Addition.txt). Please attach it to your reply.

 

[Harvestthebrain]

great, here they are.

Ok, we will use an USB to run the tool on infected computer

Please download Farbar Recovery Scan Tool and save it to USB.

Note: You need to run the version compatibale with your system. Your system is 64-bit.

• Put the USB in infected computer, and open it.
• Double-click FRST64 to run it. When the tool opens click Yes to disclaimer.
• Under Optional Scan ensure "List BCD" and "Driver MD5" are ticked.
• Press Scan button.
• It will make a log (FRST.txt) in the same directory the tool is run. Please attach it to your reply.
• The first time the tool is run, it makes also another log (Addition.txt). Please attach it to your reply.

 

[TwinHeadedEagle]

Download attached file, and copy it to USB
[attachment=5949]

Insert USB to infected computer, run FRST, and click Fix.

Attach the report when the fix is complete. Log will be located at your USB under the name fixlog.txt

 

[Harvestthebrain]

Here we go

 

[Harvestthebrain]

Checked the search results, no more redirects. I can also download things now...seems to be running smoothly.

 

[TwinHeadedEagle]

Ok, great to hear everything is good

But we're not done yet. We still need to repair the damage that malware has done. From now, we will work from infected machine, you do not need to use other comput now.



Step 1.

Download fresh FRST from link above, Scan and attach the fresh log.



Step 2.

We need to repair the services that virus damaged.

• Download ESET Services repair tool and save it to your desktop.
  ESET Services repair tool
  
• Double-click the services repair tool (ServicesRepair.exe) that you downloaded in the previous step.
• If security notifications appear, click Continue or Run and then click Yes when asked if you want to proceed.
• Once the tool has finished, you will be prompted to restart your computer. Click Yes to restart.

Step 3.

• Download Farbar Service Scanner
  Farbar Service Scanner
  
• Open FSS.exe, check all fields, and click Scan
• When the scanning is finished, you will find FSS.txt on the Desktop. Attach that report