malware affecting IE7 on XP

I seem to have some kind of malware affecting IE7 & Firefox on my PC w/ XP.
Does anyone recopgnize this? I have Avira AntiVir, been updating it every
day and scans don't detect anything.

I am not able to browse to certain sites like avira.com, avg.com, and other
anti-virus sites. With IE7 I get redirected to a Google page and w/ Firefox
a "page load error" screen saying that the browser "failed to connect".

If I type www.avira.com into IE7 I am redirected to a Google search page at
this URL (I don't advise clicking it):

http://www.google.com/search?q=www.avira.com&rls=com.microsoft:en-us&ie=UTF-8&oe=UTF-8&startIndex=&startPage=1

If I click the link to avira.com from that page, it takes me to this URL
(again, I don't advise clicking it):

http://go.google.com/?u=00a3f63266b79fba1460d70932ff%3Dc%3Fphp.kcilc%2F84.822.19.77&bid=0.027225&aid=61&said=v300&mppc=234

Then a page saying that I have security problems pops up, and prompts me to
download security updates, and IE puts up a messsage bar saying that it has
blocked the site from downloading files, as you can see in the screen
capture here (feel free to click this one):

http://productivitymuse.com/screenshot_090117.jpg

The URL of the page in the screen capture is (don't click it):

http://scan.antispyware-pro-scanner.com/243/3/

Does anyone know what could be causing my browser to redirect like this and
how to correct it?

An adjunctive problem is that Spybot S&D won't start. When I click it, I get
an hourglass for a few seconds and then nothing happens. When I go into Task
Manager it does not show Spybot running.

All of this started happening late Wenesday night (possibly after midnight)
after the Windows Security Center popped up and told me that I had the
zafi.b worm. A scan w/ AntiVir made detected and deleted some files and the
zafi.b warnings went away, but obviously I still have something. I installed
AVG as well, and it didn't find anything and wouldn't connect to the update
server.

Thanks for any advice.

Here's some info on the registrant of the site that is trying to download
files to my computer. Notice that the domain was just published on 1/15/09.
The site is also self-hosted, which means that Mr. Mott from Detroit
Michigan 48204 (not Mississippi) can have anything he wants on his server...

Registration Service Provided By: ALVO BUSINESS SOLUTIONS, CORP.
Contact: +1.8662097142

Domain Name: ANTISPYWARE-PRO-SCANNER.COM

Registrant:
N/A
Deron Mott (deronmott@xxxxxxxxx)
Fremont St. 91 21
DETROIT
Mississippi,48204
US
Tel. +131.433437

Creation Date: 15-Jan-2009
Expiration Date: 15-Jan-2010

Domain servers in listed order:
ns4.alvobs.com
ns3.alvobs.com
ns2.alvobs.com
ns1.alvobs.com






.

Relevant Pages

  • Re: malware affecting IE7 on XP
    ... | I seem to have some kind of malware affecting IE7 & Firefox on my PC w/ XP. ... I have Avira AntiVir, been updating it every ... With IE7 I get redirected to a Google page and w/ Firefox ...
    (microsoft.public.security.virus)
  • Re: Mozilla/Firefox 1.5 is excellent!. Much better than IE...
    ... I wasn't unhappy with IE7 Beta. ... 2-3 minutes I need for the download. ... However, with FireFox I'm stumped. ... can't see how to manipulate the permitted Active-X controls. ...
    (microsoft.public.windowsxp.general)
  • Downloaded file disappears...
    ... I use Windows Vista Home Premium. ... Whether I use IE7 or ... Firefox, when I download a file, everything looks good. ...
    (microsoft.public.windows.vista.general)
  • Re: Cant view or open downloaded files
    ... IE7 will save to the last folder you selected/saved to. ... Firefox has a setting for a permanent folder location. ... I FIRST DOWNLOAD A FILE AFTER THE DOWNLOAD IS COMPLETE, ...
    (microsoft.public.windows.vista.general)
  • Re: Rick Fisher Find/replace
    ... officeav.dll crashed both IE7 and firefox, in the past couple of days ... I've had the same thing happen when trying to download a couple of ...
    (microsoft.public.access.gettingstarted)