Google redirect virus please help

Status
Not open for further replies.
hi i have somthing that redirects me when i search in google i dowloaded ccleaner and superantispyware and malwarebytes and they all found stuff and now tell me my computer is clean! but i still have the problem i have tried to follow the 8 steps as best i could (most of this stuff goes over my head i will put the origanal logs here and attach the hijack this and most recent logs as well. thank you for taking a look any and all help would be greatly appreciated thank you.

these were the results of the first twoo scans.

SUPERAntiSpyware Scan Log
http://www.superantispyware.com

Generated 12/11/2009 at 08:04 PM

Application Version : 4.31.1000

Core Rules Database Version : 4360
Trace Rules Database Version: 2204

Scan type : Complete Scan
Total Scan Time : 02:14:28

Memory items scanned : 876
Memory threats detected : 0
Registry items scanned : 6601
Registry threats detected : 1
File items scanned : 36070
File threats detected : 0

Trojan.Agent/Gen
HKU\S-1-5-21-3775297378-1307702850-244003435-1000\Software\Margotte

Malwarebytes' Anti-Malware 1.42
Database version: 3340
Windows 6.0.6002 Service Pack 2
Internet Explorer 8.0.6001.18865

10/12/2009 21:21:48
mbam-log-2009-12-10 (21-21-48).txt

Scan type: Full Scan (C:\|D:\|E:\|F:\|G:\|H:\|I:\|J:\|K:\|L:\|)
Objects scanned: 437146
Time elapsed: 1 hour(s), 29 minute(s), 39 second(s)

Memory Processes Infected: 1
Memory Modules Infected: 0
Registry Keys Infected: 2
Registry Values Infected: 1
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 9

Memory Processes Infected:
C:\Users\drewster\AppData\Local\Temp\b.exe (Trojan.Dropper) -> Unloaded process successfully.

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
HKEY_CURRENT_USER\SOFTWARE\NeoChronos (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\XML (Trojan.FakeAlert) -> Quarantined and deleted successfully.

Registry Values Infected:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\neochronos (Trojan.FakeAlert) -> Quarantined and deleted successfully.

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
C:\Program Files\Pcsx2\plugins\PadSSSPSX.dll (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Users\drewster\AppData\Local\Temp\89596.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Users\drewster\AppData\Roaming\Microsoft\Windows\update8123.cmp (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Users\drewster\Desktop\Programs & appS\YAAI_2.0.3.488\YAAI_2.0.3.488\YAAI.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Windows\Tasks\{66BA574B-1E11-49b8-909C-8CC9E0E8E015}.job (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Windows\Tasks\{35DC3473-A719-4d14-B7C1-FD326CA84A0C}.job (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Users\drewster\AppData\Local\Temp\b.exe (Trojan.Dropper) -> Delete on reboot.
C:\Users\drewster\AppData\Local\Temp\d.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
C:\Users\drewster\AppData\Local\Temp\f.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
 
hi there i now your probably very busy but i wondered have i put this in the right place?
as i have told the kids they cant use the computer till its fixed as i think they may have caused this! thanks again for the help.
 
uh oh i just turned on the pc this morning and got an unknow limited connectivity message and cant accses the internet now im really starting to panic help me pleease!
 
Status
Not open for further replies.
Back