Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Fake Windows Security leading to google redirects etc


  • Please log in to reply
1 reply to this topic

#1 Paul Weatherley

Paul Weatherley

  • Members
  • 1 posts
  • OFFLINE
  •  
  • Local time:10:25 PM

Posted 23 May 2010 - 08:13 PM

Hi,

I'm hoping someone can help as earlier today we got a pop up on the bottom right icons about a security issue and then it started running. It looked like the windows security at first then it started showing all these infected files wanting us to purchase the full version. We didn't and powered down the computer as we couldn't quit out of it.

We rebooted the PC and it loaded again. We then went to msconfig and removed startup item wexjsfts which was running a file called uxrxfutssd.exe in AppData\local\aikqaopyc\ directory. This seems to have stopped this software running.

We ran Malware bytes and removed about 4 Trojans etc that it found.

Problem however wasn't solved as we could not longer access servers with some of our business software we use. It turned out it had put a proxy in the settings. We removed this also which resolved this issue.

Thinking everything was ok now we carried on using the PC but we soon found out that we are stuck with Google redirects and also the odd page loading in a separate tab. When it goes to a "redirect" page it has a curly type image next to the URL.

Any help much appreciated as this is the machine we run our family business on so it is extremely important to us.

Many thanks in advance.
Paul

BC AdBot (Login to Remove)

 


#2 Budapest

Budapest

    Bleepin' Cynic


  • Moderator
  • 23,579 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:03:25 PM

Posted 28 May 2010 - 07:10 PM

Please run another scan with Malwarebytes and post the log.
The power of accurate observation is commonly called cynicism by those who haven't got it.

—George Bernard Shaw




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users