Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Whattoseek redirect through Google search


  • Please log in to reply
No replies to this topic

#1 dilemma25

dilemma25

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Local time:06:09 AM

Posted 28 June 2010 - 03:04 PM

Hi guys, i'm having this redirect through google search promlem. Before i downloaded Malwarebytes, SAS, and ATF Cleaner, every other page was getting redirected. Since i've downloaded, its been reduced to a couple of times but the browser feels slow. I've tried some suggestions from this site, but can't seem to get rid of it altogher. Please help.

Here are my logs.

SUPERAntiSpyware Scan Log
http://www.superantispyware.com

Generated 06/28/2010 at 12:49 PM

Application Version : 4.39.1002

Core Rules Database Version : 5127
Trace Rules Database Version: 2939

Scan type : Complete Scan
Total Scan Time : 00:30:28

Memory items scanned : 335
Memory threats detected : 0
Registry items scanned : 11394
Registry threats detected : 0
File items scanned : 87817
File threats detected : 90

Adware.Flash Tracking Cookie
C:\Users\jdalima\AppData\Roaming\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\AA3SKJ6U\CLOUDFRONT.MEDIAMATTERS.ORG
C:\Users\jdalima\AppData\Roaming\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\AA3SKJ6U\MEDIA.CNBC.COM
C:\Users\jdalima\AppData\Roaming\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\AA3SKJ6U\MEDIA.ONSUGAR.COM
C:\Users\jdalima\AppData\Roaming\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\AA3SKJ6U\MEDIA1.BREAK.COM
C:\Users\jdalima\AppData\Roaming\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\AA3SKJ6U\MSNBCMEDIA.MSN.COM
C:\Users\jdalima\AppData\Roaming\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\AA3SKJ6U\OBJECTS.TREMORMEDIA.COM
C:\Users\jdalima\AppData\Roaming\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\AA3SKJ6U\VITAMINE.NETWORLDMEDIA.NET
C:\Users\jdalima\AppData\Roaming\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\AA3SKJ6U\INDIECLICK.3JANECDN.COM
C:\Users\jdalima\AppData\Roaming\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\AA3SKJ6U\S0.2MDN.NET
C:\Users\jdalima\AppData\Roaming\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\AA3SKJ6U\SECURE-US.IMRWORLDWIDE.COM

Adware.Tracking Cookie
C:\Users\administrator\AppData\Roaming\Microsoft\Windows\Cookies\administrator@atdmt[2].txt
C:\Users\administrator\AppData\Roaming\Microsoft\Windows\Cookies\administrator@doubleclick[2].txt
C:\Users\administrator\AppData\Roaming\Microsoft\Windows\Cookies\administrator@msnportal.112.2o7[1].txt
C:\Users\administrator\AppData\Roaming\Microsoft\Windows\Cookies\administrator@stat.onestat[2].txt
cdn.insights.gravity.com [ C:\Users\jdalima\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\AA3SKJ6U ]
cdn4.specificclick.net [ C:\Users\jdalima\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\AA3SKJ6U ]
cloudfront.mediamatters.org [ C:\Users\jdalima\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\AA3SKJ6U ]
core.insightexpressai.com [ C:\Users\jdalima\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\AA3SKJ6U ]
indieclick.3janecdn.com [ C:\Users\jdalima\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\AA3SKJ6U ]
input.insights.gravity.com [ C:\Users\jdalima\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\AA3SKJ6U ]
media.cnbc.com [ C:\Users\jdalima\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\AA3SKJ6U ]
media.mtvnservices.com [ C:\Users\jdalima\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\AA3SKJ6U ]
media.onsugar.com [ C:\Users\jdalima\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\AA3SKJ6U ]
media.scanscout.com [ C:\Users\jdalima\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\AA3SKJ6U ]
media1.break.com [ C:\Users\jdalima\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\AA3SKJ6U ]
msnbcmedia.msn.com [ C:\Users\jdalima\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\AA3SKJ6U ]
objects.tremormedia.com [ C:\Users\jdalima\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\AA3SKJ6U ]
s0.2mdn.net [ C:\Users\jdalima\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\AA3SKJ6U ]
sas-origin.onstreammedia.com [ C:\Users\jdalima\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\AA3SKJ6U ]
secure-us.imrworldwide.com [ C:\Users\jdalima\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\AA3SKJ6U ]
vitamine.networldmedia.net [ C:\Users\jdalima\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\AA3SKJ6U ]
C:\Users\jdalima\AppData\Roaming\Microsoft\Windows\Cookies\jdalima@247realmedia[1].txt
C:\Users\jdalima\AppData\Roaming\Microsoft\Windows\Cookies\jdalima@ad.wsod[1].txt
C:\Users\jdalima\AppData\Roaming\Microsoft\Windows\Cookies\jdalima@ad.yieldmanager[2].txt
C:\Users\jdalima\AppData\Roaming\Microsoft\Windows\Cookies\jdalima@adcentriconline[1].txt
C:\Users\jdalima\AppData\Roaming\Microsoft\Windows\Cookies\jdalima@adecn[2].txt
C:\Users\jdalima\AppData\Roaming\Microsoft\Windows\Cookies\jdalima@ads.bleepingcomputer[2].txt
C:\Users\jdalima\AppData\Roaming\Microsoft\Windows\Cookies\jdalima@ads.cnn[2].txt
C:\Users\jdalima\AppData\Roaming\Microsoft\Windows\Cookies\jdalima@ads.networldmedia[3].txt
C:\Users\jdalima\AppData\Roaming\Microsoft\Windows\Cookies\jdalima@ads.vegas[1].txt
C:\Users\jdalima\AppData\Roaming\Microsoft\Windows\Cookies\jdalima@adserver.adtechus[2].txt
C:\Users\jdalima\AppData\Roaming\Microsoft\Windows\Cookies\jdalima@bellglobemediapublishing.122.2o7[1].txt
C:\Users\jdalima\AppData\Roaming\Microsoft\Windows\Cookies\jdalima@burstbeacon[1].txt
C:\Users\jdalima\AppData\Roaming\Microsoft\Windows\Cookies\jdalima@chitika[1].txt
C:\Users\jdalima\AppData\Roaming\Microsoft\Windows\Cookies\jdalima@citi.bridgetrack[1].txt
C:\Users\jdalima\AppData\Roaming\Microsoft\Windows\Cookies\jdalima@collective-media[1].txt
C:\Users\jdalima\AppData\Roaming\Microsoft\Windows\Cookies\jdalima@counter2.hitslink[1].txt
C:\Users\jdalima\AppData\Roaming\Microsoft\Windows\Cookies\jdalima@creatives.commindo-media[2].txt
C:\Users\jdalima\AppData\Roaming\Microsoft\Windows\Cookies\jdalima@data.coremetrics[1].txt
C:\Users\jdalima\AppData\Roaming\Microsoft\Windows\Cookies\jdalima@entrepreneur.122.2o7[1].txt
C:\Users\jdalima\AppData\Roaming\Microsoft\Windows\Cookies\jdalima@entrepreneur[2].txt
C:\Users\jdalima\AppData\Roaming\Microsoft\Windows\Cookies\jdalima@fastclick[2].txt
C:\Users\jdalima\AppData\Roaming\Microsoft\Windows\Cookies\jdalima@findarticles[1].txt
C:\Users\jdalima\AppData\Roaming\Microsoft\Windows\Cookies\jdalima@intermundomedia[2].txt
C:\Users\jdalima\AppData\Roaming\Microsoft\Windows\Cookies\jdalima@kanoodle[2].txt
C:\Users\jdalima\AppData\Roaming\Microsoft\Windows\Cookies\jdalima@liveperson[4].txt
C:\Users\jdalima\AppData\Roaming\Microsoft\Windows\Cookies\jdalima@liveperson[5].txt
C:\Users\jdalima\AppData\Roaming\Microsoft\Windows\Cookies\jdalima@liveperson[6].txt
C:\Users\jdalima\AppData\Roaming\Microsoft\Windows\Cookies\jdalima@liveperson[7].txt
C:\Users\jdalima\AppData\Roaming\Microsoft\Windows\Cookies\jdalima@liveperson[8].txt
C:\Users\jdalima\AppData\Roaming\Microsoft\Windows\Cookies\jdalima@media.photobucket[1].txt
C:\Users\jdalima\AppData\Roaming\Microsoft\Windows\Cookies\jdalima@mediaplex[2].txt
C:\Users\jdalima\AppData\Roaming\Microsoft\Windows\Cookies\jdalima@network-ca.247realmedia[2].txt
C:\Users\jdalima\AppData\Roaming\Microsoft\Windows\Cookies\jdalima@networldmedia[1].txt
C:\Users\jdalima\AppData\Roaming\Microsoft\Windows\Cookies\jdalima@nhl.112.2o7[1].txt
C:\Users\jdalima\AppData\Roaming\Microsoft\Windows\Cookies\jdalima@oasn04.247realmedia[2].txt
C:\Users\jdalima\AppData\Roaming\Microsoft\Windows\Cookies\jdalima@openx.wholesalemediaguide[2].txt
C:\Users\jdalima\AppData\Roaming\Microsoft\Windows\Cookies\jdalima@overture[2].txt
C:\Users\jdalima\AppData\Roaming\Microsoft\Windows\Cookies\jdalima@pointroll[1].txt
C:\Users\jdalima\AppData\Roaming\Microsoft\Windows\Cookies\jdalima@questionmarket[1].txt
C:\Users\jdalima\AppData\Roaming\Microsoft\Windows\Cookies\jdalima@rbc.bridgetrack[3].txt
C:\Users\jdalima\AppData\Roaming\Microsoft\Windows\Cookies\jdalima@revsci[1].txt
C:\Users\jdalima\AppData\Roaming\Microsoft\Windows\Cookies\jdalima@richmedia.yahoo[2].txt
C:\Users\jdalima\AppData\Roaming\Microsoft\Windows\Cookies\jdalima@rogersmedia.122.2o7[1].txt
C:\Users\jdalima\AppData\Roaming\Microsoft\Windows\Cookies\jdalima@serving-sys[2].txt
C:\Users\jdalima\AppData\Roaming\Microsoft\Windows\Cookies\jdalima@specificclick[1].txt
C:\Users\jdalima\AppData\Roaming\Microsoft\Windows\Cookies\jdalima@stats.techie-buzz[1].txt
C:\Users\jdalima\AppData\Roaming\Microsoft\Windows\Cookies\jdalima@statse.webtrendslive[2].txt
C:\Users\jdalima\AppData\Roaming\Microsoft\Windows\Cookies\jdalima@statse.webtrendslive[3].txt
C:\Users\jdalima\AppData\Roaming\Microsoft\Windows\Cookies\jdalima@statse.webtrendslive[4].txt
C:\Users\jdalima\AppData\Roaming\Microsoft\Windows\Cookies\jdalima@tacoda[2].txt
C:\Users\jdalima\AppData\Roaming\Microsoft\Windows\Cookies\jdalima@tns-counter[1].txt
C:\Users\jdalima\AppData\Roaming\Microsoft\Windows\Cookies\jdalima@torstardigital.122.2o7[1].txt
C:\Users\jdalima\AppData\Roaming\Microsoft\Windows\Cookies\jdalima@tracking.foxnews[2].txt
C:\Users\jdalima\AppData\Roaming\Microsoft\Windows\Cookies\jdalima@vitamine.networldmedia[2].txt
C:\Users\jdalima\AppData\Roaming\Microsoft\Windows\Cookies\jdalima@workopolis.122.2o7[1].txt
C:\Users\jdalima\AppData\Roaming\Microsoft\Windows\Cookies\jdalima@www.burstbeacon[2].txt
C:\Users\jdalima\AppData\Roaming\Microsoft\Windows\Cookies\jdalima@www.burstnet[2].txt
C:\Users\jdalima\AppData\Roaming\Microsoft\Windows\Cookies\jdalima@yieldmanager[2].txt
C:\Users\jdalima\AppData\Roaming\Microsoft\Windows\Cookies\jdalima@zedo[1].txt


Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org

Database version: 4250

Windows 6.1.7600
Internet Explorer 8.0.7600.16385

06/28/2010 12:05:24 PM
mbam-log-2010-06-28 (12-05-24).txt

Scan type: Quick scan
Objects scanned: 152106
Time elapsed: 7 minute(s), 33 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 1
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
HKEY_CLASSES_ROOT\D (Trojan.Agent) -> Quarantined and deleted successfully.

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)

ANY HELP WOULD BE MUCH APPRECIATED. THANKS.

BC AdBot (Login to Remove)

 





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users