Lately Firefox has began denying me entry to anti-virus sites or Microsoft.com. It redirects to a spammy search site. I can, however, view these sites using AOL VR. From what I've read, it seems I have Virut. Here is a Malwarebytes log:
Malwarebytes' Anti-Malware 1.40 Database version: 2692 Windows 5.1.2600 Service Pack 3 25/08/2009 16:58:16 mbam-log-2009-08-25 (16-58-14).txt Scan type: Full Scan (C:\|) Objects scanned: 132739 Time elapsed: 26 minute(s), 26 second(s) Memory Processes Infected: 0 Memory Modules Infected: 0 Registry Keys Infected: 4 Registry Values Infected: 1 Registry Data Items Infected: 3 Folders Infected: 1 Files Infected: 6 Memory Processes Infected: (No malicious items detected) Memory Modules Infected: (No malicious items detected) Registry Keys Infected: HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\{19127ad2-394b-70f5-c650-b97867baa1f7} (Backdoor.Bot) -> No action taken. HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\{43bf8cd1-c5d5-2230-7bb2-98f22c2b7dc6} (Backdoor.Bot) -> No action taken. HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\{19127ad2-394b-70f5-c650-b97867baa1f7} (Backdoor.Bot) -> No action taken. HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\{43bf8cd1-c5d5-2230-7bb2-98f22c2b7dc6} (Backdoor.Bot) -> No action taken. Registry Values Infected: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Network\UID (Malware.Trace) -> No action taken. Registry Data Items Infected: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Userinit (Trojan.FakeAlert) -> Data: c:\windows\system32\sdra64.exe -> No action taken. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Userinit (Trojan.FakeAlert) -> Data: system32\sdra64.exe -> No action taken. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Userinit (Hijack.Userinit) -> Bad: (C:\WINDOWS\system32\userinit.exe,C:\WINDOWS\system32\sdra64.exe,) Good: (Userinit.exe) -> No action taken. Folders Infected: C:\WINDOWS\system32\lowsec (Stolen.data) -> No action taken. Files Infected: C:\WINDOWS\system32\lowsec\local.ds (Stolen.data) -> No action taken. C:\WINDOWS\system32\lowsec\user.ds (Stolen.data) -> No action taken. C:\WINDOWS\system32\7.tmp (Trojan.Agent) -> No action taken. C:\WINDOWS\system32\8.tmp (Trojan.Agent) -> No action taken. C:\WINDOWS\system32\A.tmp (Trojan.Agent) -> No action taken. C:\WINDOWS\system32\sdra64.exe (Trojan.FakeAlert) -> No action taken.
I saw a video recommending that I download Dr. Watt's CleanIt and scan CD, however when I try to download these, in AOL, they load for about two minutes then show an error message. I am running Windows XP.
Thanks