Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

I don't know what is infected my machine


  • Please log in to reply
3 replies to this topic

#1 captmilmo

captmilmo

  • Members
  • 4 posts
  • OFFLINE
  •  
  • Local time:11:20 AM

Posted 21 December 2009 - 05:52 AM

Hi,

After clicking on google search results I get redirected to sites such as "britannia search" "the click checker" "know seach" etc etc. Sometimes this happens on the first search result and sometimes on the second or third search result.

I currently am using Firefox (which I removed and reinstalled when this happened), but it also occurred when I switched back to IE.


I have Norton 360 installed but it can't pick anything up
I have scanned to no avail with malwarebytes, sophos anti rootkit, super antispyware, hijack this

but the redirection still occurs.

Any ideas as to what is causing this, where it came from, and what I can do about this?



Thanks in advance,

Barry

BC AdBot (Login to Remove)

 


#2 MATTSPCHELP

MATTSPCHELP

  • Members
  • 196 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Leicester, United kingdom
  • Local time:05:20 PM

Posted 21 December 2009 - 07:27 AM

This sounds like either a bit of malware or a simple hosts file issue , please download and install malwarebytes free edition
Microsoft Certified Desktop Support Technician

#3 captmilmo

captmilmo
  • Topic Starter

  • Members
  • 4 posts
  • OFFLINE
  •  
  • Local time:11:20 AM

Posted 22 December 2009 - 06:00 AM

Thanks Matt,


I tried Malwarebytes a few days ago, and I updated it through your link before trying it again.

It came up with a few trojans and about twenty worms that hadn't been on it Sunday.

Unfortunately, the problem hasn't gone away and I was redirected to the same sites after clicking on my third google result this morning.




Regards

Barry

#4 captmilmo

captmilmo
  • Topic Starter

  • Members
  • 4 posts
  • OFFLINE
  •  
  • Local time:11:20 AM

Posted 23 December 2009 - 07:50 AM

Hi Matt,

I don't know if this helps. It is the log from my last scan from Malwarbytes. The redirection problem remains unfortunately!


thanks,

Barry

Malwarebytes' Anti-Malware 1.42
Database version: 3402
Windows 5.1.2600 Service Pack 3
Internet Explorer 7.0.5730.11

22/12/2009 05:37:35
mbam-log-2009-12-22 (05-37-35).txt

Scan type: Full Scan (C:\|)
Objects scanned: 298334
Time elapsed: 2 hour(s), 32 minute(s), 6 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 1
Files Infected: 24

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
C:\WINDOWS\system32\SysWoW32 (Worm.Archive) -> Quarantined and deleted successfully.

Files Infected:
C:\Documents and Settings\Siobhan\My Documents\Downloads\Keygen.Mindjet.MindManager.v8.0.217.45042.exe (Trojan.Vilsel) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\d3dx9_2732.dll (Trojan.Tracur) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\SysWoW32\mi1176674986v4 (Worm.Archive) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\SysWoW32\mi1176674986v4.kwd (Worm.Archive) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\SysWoW32\mi1176674986v5 (Worm.Archive) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\SysWoW32\mi1176674986v5.kwd (Worm.Archive) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\SysWoW32\mi1176674986v6 (Worm.Archive) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\SysWoW32\mi1176674986v6.kwd (Worm.Archive) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\SysWoW32\mi1176674986v7.kwd (Worm.Archive) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\SysWoW32\wu1176674986v0 (Worm.Archive) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\SysWoW32\wu1176674986v0.kwd (Worm.Archive) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\SysWoW32\wu1176674986v1 (Worm.Archive) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\SysWoW32\wu1176674986v1.kwd (Worm.Archive) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\SysWoW32\wu1176674986v2 (Worm.Archive) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\SysWoW32\wu1176674986v2.kwd (Worm.Archive) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\SysWoW32\wu1176674986v3 (Worm.Archive) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\SysWoW32\wu1176674986v3.kwd (Worm.Archive) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\SysWoW32\_i1176674986v5 (Worm.Archive) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\SysWoW32\_i1176674986v6 (Worm.Archive) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\SysWoW32\_i1176674986v7 (Worm.Archive) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\SysWoW32\_u1176674986v0 (Worm.Archive) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\SysWoW32\_u1176674986v1 (Worm.Archive) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\SysWoW32\_u1176674986v2 (Worm.Archive) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\SysWoW32\_u1176674986v3 (Worm.Archive) -> Quarantined and deleted successfully.




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users