Random redirect problem

Status
Not open for further replies.
Looks like I became a victim of the Random Redirect virus/malware/evildoer. A couple of days ago I (accidentally?) opened my laptop to the attack of the 'Internet Security 2010' trojan horse. Previously, I didn't run any virus scan software or firewall on my laptop (yeah, I liked living dangerously). After my laptop was infected, I downloaded and tried a few free virus scan/removal tools and it appears that most of the IS2010 has been removed. The only apparent problem that remains is the annoying 'random redirect' behavior.

I use IE8, Firefox, and Chrome. They all exhibit the same problem. RED HERRING WARNING: I haven't confirmed this yet, but it appears to me that after I reboot the system, if I start Chrome first and use it, everything is fine in Chrome. However, if I start IE8 later, the redirect happens pretty much right away, and Chrome in turn starts behaving badly as well.

I just finished the 'UPDATED 8-step Viruses/Spyware/Malware Preliminary Removal Instructions'. Attached are the log files.

Currently I have AVG Free and ZoneAlarm Free running.

thanks in advance

PK
 

Attachments

  • hijackthis.log
    17.5 KB · Views: 2
  • mbam-log-2010-01-28 (00-42-03).txt
    1.8 KB · Views: 2
  • SUPERAntiSpyware Scan Log - 01-28-2010 - 02-13-15.log
    4.7 KB · Views: 2
here is the combofix log

Ran the combofix and here is the log.

btw, updates on what I did before I ran combofix:

- RED HERRING confirmed - after rebooting, I was able to reproduce the random redirect problem in Chrome without launching IE8 or Firefox first.

- After surfing the web a bit more, I ran into some links that mentioned that Hitman Pro might fix the problem. I downloaded Hitman Pro and it detected that atapi.sys is a 'rootkit' virus. Since I don't have an activation key, I just exited from Hitman Pro (which does not (or is not supposed to) correct problems without an activation key).

- I downloaded combofix and ran it. Had some problems with installing the recovery console but finally got it installed, and the system was rebooted. When the system came back on, Hitman Pro started running (it was configured to run on reboot). This time it didn't report any virus.

- I ran combofix to finally get to the point where the report was generated (and attached here).

- I tried to reproduce the 'random redirect' issue in the browsers. Now I *cannot* reproduce it in IE8, Firefox, or Chrome after clicking about a dozen Google search results in each of the browsers.

Did the malware go hiding (that's one smart virus)? Did Hitman Pro do something (even though it said it wouldn't do anything until an activation key is provided)? Did ComboFix do something?

very weird...

thanks

PK
 

Attachments

  • ComboFix.txt
    19.8 KB · Views: 5