BleepingComputer.com: Google search results takes me to random sites

Jump to content

Forum Rules

When posting your problem, do not run and post a ComboFix log. ComboFix is a tool that should only be run under the supervision of someone who has been trained in its use. Using it on your own can cause problems with your computer. Any posts containing CF Logs will be ignored.

To receive help, you should instead provide a detailed description of your problem, detailed word-for-word error messages that you are receiving, screenshots of strange behaviour, and your operating system. This information is much more useful to our helpers than a ComboFix log.

If you have not received help after three days, please post a link to your topic HERE.
Page 1 of 1
  • You cannot start a new topic
  • You cannot reply to this topic

Google search results takes me to random sites

#1 User is offline   ProblemWithXp 

  • New Member
  • Pip
  • Find Topics
  • Group: Members
  • Posts: 9
  • Joined: 14-March 11

Posted 14 March 2011 - 07:35 PM

OS: Win XP Professional
Bowser: Firefox 3.6.6

When I open Google search results in a new tab or window, it takes me to a random site. Some times, the results takes me to correct site but not all the time. I performed the quick scan using MBAM and it found this infection and deleted it.
Files Infected:
c:\documents and settings\administrator\my documents\downloads\flvplayersetup.exe (Adware.Agent) -> Quarantined and deleted successfully.
MBAM full scan did not find any infections.

McAfee found the below infections and removed it.

3/13/2011 1:44:18 AM Deleted Administrator c:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\15\11eb9a0f-25e9b600\xmlparser.class Exploit-CVE2010-0840(Trojan)
3/13/2011 1:44:50 AM Deleted Administrator c:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\28\74cf7d5c-3efdc3e1\xmlparser.class Exploit-CVE2010-0840(Trojan)
3/13/2011 1:46:20 AM Deleted Administrator c:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\7\41610307-560572f7\b.class Exploit-ByteVerify(Trojan)
3/13/2011 1:46:20 AM Deleted Administrator c:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\7\41610307-560572f7\KAVS.class Exploit-ByteVerify(Trojan)

But the problem still exist even after I restart the system. Any one please help me about this??

Thank you for looking into it

#2 User is offline   Budapest 

  • Bleepin' Cynic
  • PipPipPipPipPipPip
  • Find Topics
  • Group: Moderator
  • Posts: 22,235
  • Joined: 11-November 06
  • Gender:Male

Posted 14 March 2011 - 07:44 PM

Try this:

http://www.bleepingcomputer.com/virus-removal/remove-tdss-tdl3-alureon-rootkit-using-tdsskiller
The power of accurate observation is commonly called cynicism by those who haven't got it.

—George Bernard Shaw

#3 User is offline   ProblemWithXp 

  • New Member
  • Pip
  • Find Topics
  • Group: Members
  • Posts: 9
  • Joined: 14-March 11

Posted 14 March 2011 - 07:59 PM

Thank you. I ran TDSSKiller but nothing found

#4 User is offline   Budapest 

  • Bleepin' Cynic
  • PipPipPipPipPipPip
  • Find Topics
  • Group: Moderator
  • Posts: 22,235
  • Joined: 11-November 06
  • Gender:Male

Posted 14 March 2011 - 08:03 PM

Do you use a router? If so try resetting it as the DNS setting may have been changed by the malware.
The power of accurate observation is commonly called cynicism by those who haven't got it.

—George Bernard Shaw

#5 User is offline   ProblemWithXp 

  • New Member
  • Pip
  • Find Topics
  • Group: Members
  • Posts: 9
  • Joined: 14-March 11

Posted 15 March 2011 - 07:20 PM

Yes. I use router. I did a reset and it seems to work for some time. But ran into same issue again

#6 User is offline   Budapest 

  • Bleepin' Cynic
  • PipPipPipPipPipPip
  • Find Topics
  • Group: Moderator
  • Posts: 22,235
  • Joined: 11-November 06
  • Gender:Male

Posted 15 March 2011 - 07:28 PM

Please follow the instructions in ==>This Guide<==. If you cannot complete a step, skip it and continue.

Once the proper logs are created, then make a NEW TOPIC and post it ==>HERE<== Please include a description of your computer issues and what you have done to resolve them.

If you can produce at least some of the logs, then please create the new topic and explain what happens when you try to create the log(s) that you couldn't get. If you cannot produce any of the logs, then still post the topic and explain that you followed the Prep. Guide, were unable to create the logs, and describe what happens when you try to create the logs.
The power of accurate observation is commonly called cynicism by those who haven't got it.

—George Bernard Shaw

Share this topic:


Page 1 of 1
  • You cannot start a new topic
  • You cannot reply to this topic

1 User(s) are reading this topic
0 members, 1 guests, 0 anonymous users