Inactive Search Redirection Malware

Status
Not open for further replies.

Piecake

I seem to be plagued by some form of malware that is redirecting me to web pages during searches. Ex: When I search on Google, and click a result, I am then turned to some random malicious page.

I know this happened because for the first time in years, I left my computer unprotected. This is a brand new machine, just installed a week ago. Avast wasn't running correctly, so I kept putting off fixing it. Now I seem to be infected... -sigh-

Avast is now working, however. I've followed the 8-step instructions and obtained logs.
The problem isn't solved after following the 8-step, but I did nail a few nasties in the process.

Thanks for your time.
 

Attachments

  • hijackthis.log
    5 KB · Views: 2
  • mbam-log-2010-03-30 (23-24-46).txt
    1.5 KB · Views: 3
  • SUPERAntiSpyware Scan Log - 03-30-2010 - 23-41-43.log
    2.4 KB · Views: 2
Good Morning Piecake (couldn't decide whether you liked pie or cake better, right?). I'll help with the malware.

Not having an antivirus running cost you! You picked up some nasty Trojans! Brand new machine - what were you thinking?! I'd like you to do an online AV scan first - not the usual order of things, but we can find any other processes you may have picked up:

Please note the instruction NOT to check for removal in Eset. I'll handle that.
Run Eset NOD32 Online AntiVirus Scanner HERE
  • Tick the box next to YES, I accept the Terms of Use.
  • Click Start
  • When asked, allow the ActiveX control to install
  • Disable your current Antivirus software. You can usually do this with its Notification Tray icon near the clock.
  • Click Start
  • Make sure that the option "Remove found threats" is Unchecked, and the option "Scan unwanted applications" is checked
  • Click Scan
  • Wait for the scan to finish
  • Re-enable your Antivirus software.
  • A logfile is created and located at C:\Program Files\EsetOnlineScanner\log.txt. Please include this in your post.

I'd like to see that log first before going further so paste it into your next reply.
 
Ran ESET online scanner, found nothing.

I am suddenly having random BSODs on bootup now as well.

And yes, I am the best of both worlds. A pie and a cake. :D
 

Attachments

  • log.txt
    76 bytes · Views: 3
You can run Combofix first, then rescan with Eset:

Please download ComboFix HERE:
  • With ComboFix, at the download window, please rename it to Combo-Fix(.exe) before downloading it.
    Important! Save the renamed download to your desktop.
  • Please disable all security programs, such as antiviruses, antispywares, and firewalls.
  • Double click on the setup file on the desktop to run
  • If prompted to download and install the Recovery Console, please do so.
    (Please note: If the Microsoft Windows Recovery Console is already installed, ComboFix will continue its malware removal procedures.)
  • If prompted to update, please allow.
  • Click on Yes, to continue scanning for malware.
  • When finished, it will produce a log. Please include the C:\ComboFix.txt in your next reply.
Notes:

  1. Do not mouse-click Combofix's window while it is running. That may cause it to stall.
  2. ComboFix may reset a number of Internet Explorer's settings.
  3. Combofix prevents autorun of ALL CD, floppy and USB devices to assist with malware removal & increase security.
  4. CF disconnects your machine from the internet. The connection is automatically restored before CF completes its run.

Then repeat the Eset scan. Save both Combofix and Eset logs in your next reply.

There's no log for Eset - it just shows registration.
 
Eset just isn't giving me anything in the way of log files. It found and removed one trojan this time.

Combofix also removed a rootkit.
 

Attachments

  • ComboFix.txt
    633 bytes · Views: 2
Forgot to attach the Eset log. Renamed to log2 because I can't upload it twice.

Edit: Never mind, it just won't let me attach it at all. The log contains the same exact info as the last log.
 
Eset just isn't giving me anything in the way of log files. It found and removed one trojan this time.
The Eset directions are:
Make sure that the option "Remove found threats" is Unchecked, and the option "Scan unwanted applications" is checked
So whatever it found should not have been removed. And even if it was removed, it will still show in the log.

Where is the rest of the Combofix report?
Unless I get the results of the programs I ask you to run, I have nothing to work with.

Please delete this Combofix exe file on the desktop and run Combofix again. Attach or paste in the entire log - not just the first line.

When finished, open Kaspersky Online Scanner in Internet Explorer.

Note: If you are using Windows Vista, open your browser by right-clicking on its icon and select 'Run as administrator' to perform this scan.
  • Click Accept and the web scanner will begin to load
  • If a yellow warning bar appears at the top of the browser, click it and choose Install ActiveX Control
  • You will be prompted to install an ActiveX component from Kaspersky, click Install
  • If you are prompted about another ActiveX control called Kaspersky Online Scanner GUI part then allow it to be installed also.
  • The program will launch and then begin downloading the latest definition files:
  • Once the files have been downloaded click on NEXT and then Scan Settings
  • In the scan settings make sure that the following are selected:
    [o] Scan using the following Anti-Virus database> Extended (if available otherwise Standard)
    [o] Scan Options: Scan Archives> Scan Mail Bases
  • Click OK
  • Now under select a target to scan:
    [o] Select My Computer
  • The program will start to scan your system.
  • Once the scan is complete, click on the Save as Text button and save the file to your desktop
Note for Internet Explorer 7 users: If at any time you have trouble with the accept button of the license, click on the Zoom tool located at the right bottom of the IE window and set the zoom to 75 %. Once the license is accepted, reset to 100%.

This scan will have a log. Please include it in your next reply.

You're running Windows 7, 32 bit - is that correct? I rechecked the HijackThis log - it doesn't look complete either.
 