BleepingComputer.com: What does this mean...

What does it mean when I keep getting directed to pages like these...

http://www.youtube.com/watch?v=CjmxzA-af54

I have scanned for viruses and malware and so on, but the problem isn't resolved.

Can someone tell me what this is and how to stop it?

Hi, what have you scanned with. Are you saying you get redirected to Youtube or any random page?

Watch the youtube video.

Pages like that - blinkx.com - purequery.com, etc.

I've scanned with Norton - Malwarebytes - PC cillin, etc.

Ok, well the film don't play.. regardless you have redirects... Did MalwareBytes remove anything??
Please post that log. I am moving this from XP to Am I Infected for the time being..

The log is automatically saved and can be viewed by clicking the Logs tab in MBAM.
Copy and paste the contents of that report in your next reply. Be sure to post the complete log to include the top portion which shows MBAM's database version and your operating system.


Next run ATF and SAS:

Note: On Vista, "Windows Temp" is disabled. To empty "Windows Temp" ATF-Cleaner must be "Run as an Administrator".

From your regular user account..
Download Attribune's ATF Cleaner and then SUPERAntiSpyware , Free Home Version. Save both to desktop ..
DO NOT run yet.
Open SUPER from icon and install and Update it
Under Scanner Options make sure the following are checked (leave all others unchecked):
Close browsers before scanning.
Scan for tracking cookies.
Terminate memory threats before quarantining.
Click the "Close" button to leave the control center screen and exit the program. DO NOT run yet.

Now reboot into Safe Mode: How to enter safe mode(XP)
Using the F8 Method
Restart your computer.
When the machine first starts again it will generally list some equipment that is installed in your machine, amount of memory, hard drives installed etc. At this point you should gently tap the F8 key repeatedly until you are presented with a Windows XP Advanced Options menu.
Select the option for Safe Mode using the arrow keys.
Then press enter on your keyboard to boot into Safe Mode.

Double-click ATF-Cleaner.exe to run the program.
Under Main "Select Files to Delete" choose: Select All.
Click the Empty Selected button.

If you use Firefox or Opera browser click that browser at the top and choose: Select All
Click the Empty Selected button.
If you would like to keep your saved passwords, please click No at the prompt.
Click Exit on the Main menu to close the program.

NOW Scan with SUPER
Open from the desktop icon or the program Files list
On the left, make sure you check C:\Fixed Drive.
Perform a Complete scan. After scan,Verify they are all checked.
Click OK on the summary screen to quarantine all found items.
If asked if you want to reboot, click "Yes" and reboot normally.

To retrieve the removal information after reboot, launch SUPERAntispyware again.
Click Preferences, then click the Statistics/Logs tab.
Under Scanner Logs, double-click SUPERAntiSpyware Scan Log.
If there are several logs, click the current dated log and press View log.
A text file will open in your default text editor.
Please copy and paste the Scan Log results in your next reply.
Click Close to exit the program.

Please explain two things...

What are these LOG files?

and...

Which LOG file do you need from Malwarebytes? There are five of them.

Hello Doctor180185

Log files are a record of what if anything was found on your PC.
as far as the Malwarebytes log please refer back to what boopme has said.

If there are several logs, click the current dated log and press View log.
A text file will open in your default text editor.
Please copy and paste the Scan Log results in your next reply.
Click Close to exit the program.

Thank you

D_N_M

This post has been edited by D_N_M: 14 July 2009 - 10:36 AM

Deleted

This post has been edited by Doctor180185: 14 July 2009 - 05:12 PM

Hello Doctor180185

Please post the superantipyware log.

Thank you

D_N_M

Deleted

This post has been edited by Doctor180185: 14 July 2009 - 05:11 PM

Hi let's see if that rootkit is deeper.
Next Please install RootRepeal
Note: Vista users ,, right click on desktop icon and select "Run as Administrator."

Go HERE, and download RootRepeal.zip to your Desktop.
Tutorial with images ,if needed >> L@@K.
Unzip that,(7-zip tool if needed) and then click RootRepeal.exe to open the scanner.
Next click on the Report tab, now click on Scan. A Window will open asking what to include in the scan. Check all of the below and then click OK.

Drivers
Files
Processes
SSDT
Stealth Objects
Hidden Services

Now you'll be asked which drive to scan. Check C: and click OK again and the scan will start. Please be patient as the scan runs. When the scan has finished, click on Save Report.
Name the log RootRepeal.txt and save it to your Documents folder (it should automatically save it there).
Please copy and paste that into your next reply.

Deleted

This post has been edited by Doctor180185: 14 July 2009 - 05:11 PM

Hi, are you going to post it I saw the infection,.??