Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Google search results takes me to random sites


  • Please log in to reply
5 replies to this topic

#1 ProblemWithXp

ProblemWithXp

  • Members
  • 9 posts
  • OFFLINE
  •  
  • Local time:11:41 PM

Posted 14 March 2011 - 07:35 PM

OS: Win XP Professional
Bowser: Firefox 3.6.6

When I open Google search results in a new tab or window, it takes me to a random site. Some times, the results takes me to correct site but not all the time. I performed the quick scan using MBAM and it found this infection and deleted it.
Files Infected:
c:\documents and settings\administrator\my documents\downloads\flvplayersetup.exe (Adware.Agent) -> Quarantined and deleted successfully.
MBAM full scan did not find any infections.

McAfee found the below infections and removed it.

3/13/2011 1:44:18 AM Deleted Administrator c:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\15\11eb9a0f-25e9b600\xmlparser.class Exploit-CVE2010-0840(Trojan)
3/13/2011 1:44:50 AM Deleted Administrator c:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\28\74cf7d5c-3efdc3e1\xmlparser.class Exploit-CVE2010-0840(Trojan)
3/13/2011 1:46:20 AM Deleted Administrator c:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\7\41610307-560572f7\b.class Exploit-ByteVerify(Trojan)
3/13/2011 1:46:20 AM Deleted Administrator c:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\7\41610307-560572f7\KAVS.class Exploit-ByteVerify(Trojan)

But the problem still exist even after I restart the system. Any one please help me about this??

Thank you for looking into it

BC AdBot (Login to Remove)

 


#2 Budapest

Budapest

    Bleepin' Cynic


  • Moderator
  • 23,573 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:02:41 PM

Posted 14 March 2011 - 07:44 PM

Try this:

http://www.bleepingcomputer.com/virus-removal/remove-tdss-tdl3-alureon-rootkit-using-tdsskiller
The power of accurate observation is commonly called cynicism by those who haven't got it.

—George Bernard Shaw

#3 ProblemWithXp

ProblemWithXp
  • Topic Starter

  • Members
  • 9 posts
  • OFFLINE
  •  
  • Local time:11:41 PM

Posted 14 March 2011 - 07:59 PM

Thank you. I ran TDSSKiller but nothing found

#4 Budapest

Budapest

    Bleepin' Cynic


  • Moderator
  • 23,573 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:02:41 PM

Posted 14 March 2011 - 08:03 PM

Do you use a router? If so try resetting it as the DNS setting may have been changed by the malware.
The power of accurate observation is commonly called cynicism by those who haven't got it.

—George Bernard Shaw

#5 ProblemWithXp

ProblemWithXp
  • Topic Starter

  • Members
  • 9 posts
  • OFFLINE
  •  
  • Local time:11:41 PM

Posted 15 March 2011 - 07:20 PM

Yes. I use router. I did a reset and it seems to work for some time. But ran into same issue again

#6 Budapest

Budapest

    Bleepin' Cynic


  • Moderator
  • 23,573 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:02:41 PM

Posted 15 March 2011 - 07:28 PM

Please follow the instructions in ==>This Guide<==. If you cannot complete a step, skip it and continue.

Once the proper logs are created, then make a NEW TOPIC and post it ==>HERE<== Please include a description of your computer issues and what you have done to resolve them.

If you can produce at least some of the logs, then please create the new topic and explain what happens when you try to create the log(s) that you couldn't get. If you cannot produce any of the logs, then still post the topic and explain that you followed the Prep. Guide, were unable to create the logs, and describe what happens when you try to create the logs.
The power of accurate observation is commonly called cynicism by those who haven't got it.

—George Bernard Shaw




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users