
Searches Redirected


11 replies to this topic

#1 Kon


Posted 17 January 2011 - 10:14 PM

Hello, whenever I try to search using Google I am always redirected to other sites and I am not able to reach the site I want until I continuously go back and press the link again. I used to be redirected to google.com/webhp, but now it redirects to random sites. Another issue that may be of concern is that my theme changes either for a second or for as long as the computer is on without me authorizing any changes. It often changes to the Windows Classic theme. Thank you for taking the time to help me with this problem.



#2 fenzodahl512


Posted 18 January 2011 - 12:35 AM

Download this tool to desktop:

http://www2.gmer.net/mbr/mbr.exe

Double click it & post the log it creates on desktop. (mbr.log)

Keep calm, make it simple, use your brain, don't freak out, and you'll be just fine..
Awesomeness: When I get sad, I stop being sad and be awesome instead.. True story - Barney Stinson
Its gonna be legen.. wait for it.. dary! Cherish the pain, it means you're still alive


#3 Kon


Posted 18 January 2011 - 12:41 AM

Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.2 by Gmer, http://www.gmer.net
Windows 5.1.2600 Disk: Maxtor_6L080L0 rev.BAJ41G20 -> Harddisk0\DR0 -> \Device\Ide\IdePort0 P0T0L0-3

device: opened successfully
user: MBR read successfully
kernel: MBR read successfully
detected disk devices:
\Device\Ide\IdeDeviceP0T0L0-3 -> \??\IDE#DiskMaxtor_6L080L0__________________________BAJ41G20#324c583150594859202020202020202020202020#{53f56307-b6bf-11d0-94f2-00a0c91efb8b} device not found
detected hooks:
\Driver\atapi DriverStartIo -> 0x8A245292
user != kernel MBR !!!
sectors 160086526 (+255): user != kernel
Warning: possible TDL4 rootkit infection !
TDL4 rootkit infection detected ! Use: "mbr.exe -f" to fix.

#4 fenzodahl512


Posted 18 January 2011 - 12:47 AM

Firstly, what type of computer has been infected? Is it Dell, HP, etc?



#5 Kon


Posted 18 January 2011 - 12:57 AM

I'm not really sure. It was built from various parts by my cousin years ago and then reformatted a year ago. Is there any way I could provide you with better information?

#6 fenzodahl512


Posted 18 January 2011 - 12:59 AM

Quote (Kon): "It was built from various parts by my cousin years ago and then reformatted a year ago. Is there any way I could provide you with better information?"


Nope, I much prefer self-build pc rather than those OEM like Dell or HP, so kudos to your cousin :thumbup2:

Ok.. copy/paste (not cut and paste) the mbr.exe that you saved on the Desktop to C:\WINDOWS folder..

Then, go to Start >> Run >> copy/paste below >> Press Enter

mbr -f

Then a logfile (mbr.log) will be created on your screen (find it at C:\Windows\mbr.log)



#7 Kon


Posted 18 January 2011 - 01:16 AM

There was no logfile created after I followed your directions. When running mbr -f, I was prompted to type in y and press enter and then my computer was restarted.

#8 fenzodahl512


Posted 18 January 2011 - 01:22 AM

Ok, please run mbr.exe again from your desktop and post the new log here :)



#9 Kon


Posted 18 January 2011 - 01:23 AM

Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.2 by Gmer, http://www.gmer.net
Windows 5.1.2600 Disk: Maxtor_6L080L0 rev.BAJ41G20 -> Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-3

device: opened successfully
user: MBR read successfully
kernel: MBR read successfully
user & kernel MBR OK
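
The two mbr.exe logs in posts #3 and #9 differ in exactly the lines a responder needs to triage. The sketch below is an added example (not part of the thread and not GMER's code) that classifies such a log; the function name `triage_mbr_log` and the verdict labels are assumptions, and the line formats are taken only from the two logs posted here.

```python
import re

# Log lines copied from posts #3 (before "mbr -f") and #9 (after) of this thread;
# the banner and disk-device lines are omitted for brevity.
LOG_BEFORE = r"""device: opened successfully
user: MBR read successfully
kernel: MBR read successfully
detected hooks:
\Driver\atapi DriverStartIo -> 0x8A245292
user != kernel MBR !!!
sectors 160086526 (+255): user != kernel
Warning: possible TDL4 rootkit infection !
TDL4 rootkit infection detected ! Use: "mbr.exe -f" to fix."""

LOG_AFTER = """device: opened successfully
user: MBR read successfully
kernel: MBR read successfully
user & kernel MBR OK"""

HOOK_RE = re.compile(r"^(\\Driver\\\S+)\s+(\S+)\s+->\s+(0x[0-9A-Fa-f]+)$")
SECTORS_RE = re.compile(r"^sectors\s+(\d+)\s+\(\+(\d+)\):\s+user != kernel$")

def triage_mbr_log(text):
    """Classify a GMER mbr.exe log as 'infected', 'clean' or 'inconclusive'."""
    hooks, findings, ok = [], [], False
    for line in (raw.strip() for raw in text.splitlines()):
        hook = HOOK_RE.match(line)
        sectors = SECTORS_RE.match(line)
        if hook:
            # Entry the tool lists under "detected hooks:" (driver, routine, address).
            hooks.append({"driver": hook[1], "routine": hook[2], "target": int(hook[3], 16)})
        elif line.startswith("user != kernel MBR"):
            findings.append("user-mode and kernel-mode MBR reads differ")
        elif sectors:
            findings.append(f"sectors {sectors[1]} (+{sectors[2]}): reads differ")
        elif "rootkit infection detected" in line:
            findings.append("tool reported a rootkit infection")
        elif line == "user & kernel MBR OK":
            ok = True
    if findings:
        verdict = "infected"       # any mismatch outweighs an OK line
    elif ok and not hooks:
        verdict = "clean"
    else:
        verdict = "inconclusive"   # e.g. truncated log, or hooks without a mismatch
    return {"verdict": verdict, "hooks": hooks, "findings": findings}
```

A log that stops before either the mismatch or the OK line comes back as `inconclusive` rather than `clean`, which is the case to re-run the scan for.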

#10 fenzodahl512


Posted 18 January 2011 - 01:25 AM

Great!.. Now try using your computer and tell me if you still have the search redirection issue or any other issues :)



#11 Kon


Posted 18 January 2011 - 01:31 AM

Thank you! I have tried a couple searches and no problems have occurred. Can I still post to this topic in the next few days if anything else comes up?

#12 fenzodahl512


Posted 18 January 2011 - 01:37 AM

Yup.. just use the computer for a couple of days and tell me how it goes.. If everything is good, then we'll close the topic :)





