I just started getting webpages blocked by Avast. A little research told me this is the ISPrime virus. I downloaded ATS and ran a scan but I’m not sure how to post the results. Any help would be appreciated.
Thanks
Hey, figured it out.
downlod mbam from here:
http://download.cnet.com/Malwarebytes-Anti-Malware/3000-8022_4-10804572.html
update and do a full scan.
remove whatever it finds by hiting remove selected.
after removal,a log will be generated post it here on next reply.
THEN
Start OTS. Copy/Paste the information in the quotebox below into the panel where it says “Paste fix here” and then click the Run Fix button.
[Unregister Dlls]
[Registry - Safe List]
< Internet Explorer Settings [HKEY_CURRENT_USER\] > -> ->
YN->HKEY_CURRENT_USER\: "ProxyEnable" -> 0 ->
YN->HKEY_CURRENT_USER\: "ProxyOverride" -> *.local ->
YN->network.proxy.type -> 0 ->
< HOSTS File > ([2011/03/12 00:29:50 | 000,000,734 | ---- | M] - 19 lines) -> C:\WINDOWS\system32\drivers\etc\hosts ->
YN->Reset Hosts
YN->127.0.0.1 localhost
[Files - No Company Name]
NY-> C:\WINDOWS\System32\1787931640
[Custom Items]
:Files
ipconfig /flushdns /c
:end
[Empty Temp Folders]
[EmptyFlash]
[CreateRestorePoint]
THIS IS WILL KILL THE PROBLEM MOST PROBABLY REBOOT THE PC IF ASKED TO REBOOT.
Actually that will not touch the problem at all
Com155 until you know what you are doing please desist
Start OTS. Copy/Paste the information in the quotebox below into the panel where it says “Paste fix here” and then click the Run Fix button.
[Unregister Dlls]
[Registry - Safe List]
< Internet Explorer Settings [HKEY_CURRENT_USER\] > ->
YN -> HKEY_CURRENT_USER\: Main\\"XMLHTTP_UUID_Default" -> C9 97 BC 17 8E AE 22 4A 9D 94 0B 50 11 82 13 AF [binary data]
YN -> HKEY_CURRENT_USER\: URLSearchHooks\\"{472734EA-242A-422b-ADF8-83D1E48CC825}" [HKLM] -> Reg Error: Key error. [Reg Error: Key error.]
< FireFox Extensions [User Folders] > ->
YY -> XUL Cache -> C:\Documents and Settings\Ellery Bardos\Application Data\Mozilla\Firefox\Profiles\7nud7j5e.default\extensions\{02d4402e-9046-4682-a687-b3113e2e8c53}
[Files/Folders - Modified Within 30 Days]
NY -> 1787931640 -> C:\WINDOWS\System32\1787931640
[Custom Items]
:Files
ipconfig /flushdns /c
:end
[Empty Temp Folders]
[EmptyFlash]
[CreateRestorePoint]
The fix should only take a very short time. When the fix is completed a message box will popup telling you that it is finished. Click the Ok button and Notepad will open with a log of actions taken during the fix. Post that information back here
I will review the information when it comes back in.
Depending on what the fix contains, this process may take some time and your desktop icons might disappear or other uncommon behavior may occur.
This is no sign of malfunction, do not panic!
It appears to have worked as my Google searches are not getting re-directed anymore. Many thanks, Essexboy. It seems to have hit all at once and I reviewed my browser history for the last week and didn’t see anything suspicious. But since Avast and MalawareBytes shields didn’t seem to stop it from landing on me, anyone have suggestions for next time?
Thanks
HKEY_CURRENT_USER\: Main\\"XMLHTTP_UUID_Default" -> C9 97 BC 17 8E AE 22 4A 9D 94 0B 50 11 82 13 AF [binary data]This is the bad boy - it is not in an area that that cleaning programmes look at under IE settings - yet
Could you run for a day and if all is well I will remove my tools, tidy up and give some recommendations
Just recently picked up the same issue. Websites are redirecting and im getting the same IP address error from avast…
64.111.211.172
I have tried all the posts fixes listed on the forum sites. I need help…
I have created a New Topic for you, http://forum.avast.com/index.php?topic=82093.0, follow the instructions there and we will try to help in your own topic.
Clean for a day and a half. Appears solved. Thanks again.
Subject to no further problems 
I will remove my tools now and give some recommendations, but, I would like you to run for 24 hours or so and come back if you have any problems
Now the best part of the day ----- Your log now appears clean 
A good workman always cleans up after himself so…The following will implement some cleanup procedures as well as reset System Restore points:
Start OTS. Copy/Paste the information in the quotebox below into the panel where it says “Paste fix here” and then click the Run Fix button.
[Unregister Dlls]
[Custom Items]
:Files
ipconfig /flushdns /c
:end
[Empty Temp Folders]
[EmptyFlash]
[CreateRestorePoint]
Run OTS and hit the cleanup button. It will remove all the programmes we have used plus itself.
We will now confirm that your hidden files are set to that, as some of the tools I use will change that
[*]Click Start.
[*]Open My Computer.
[*]Select the Tools menu and click Folder Options.
[*]Select the View Tab.
[*]Under the Hidden files and folders heading select Do not show hidden files and folders.
[]Click Yes to confirm.
[]Click OK.
http://users.telenet.be/bluepatchy/miekiemoes/images/javaicon.gif
Your Java is out of date. Older versions have vulnerabilities that malware can use to infect your system. Please follow these steps to remove older version of Java components and upgrade the application.
Upgrading Java:
[] Go to this site and click Do I have Java
[] It will check your current version and then offer to update to the latest version
SPRING CLEAN
Download and run Puran Disc Defragmenter
For the first run I would recommend a boot defrag and disk check
http://i1224.photobucket.com/albums/ee362/Essexboy3/Puran-1.gif
Now that you are clean, to help protect your computer in the future I recommend that you get the following free programmes:
http://img233.imageshack.us/img233/7729/mbamicontw5.gif
Malwarebytes. Update and run weekly to keep your system clean
Download and install FileHippo update checker and run it monthly it will show you which programmes on your system need updating and give a download link
It is critical to have both a firewall and anti virus to protect your system and to keep them updated.
To keep your operating system up to date visit
[*]Microsoft Windows Update
To learn more about how to protect yourself while on the internet read our little guide How did I get infected in the first place ?
Keep safe 