betel23 Posted May 20, 2013 Posted May 20, 2013 Hi folks.. For the last couple of weeks I have been getting the following problems:- Click back button and it jumps back more than one page.. Click on a link in favourites or url bar and a totally different page comes up.. Appreciate input please. Regards betel23 Op Win7 pro i7 Cpu IE 9 Quote
KenB Posted May 20, 2013 Posted May 20, 2013 Hi If you are getting re-directed this could possibly be malware. Download MBAM from here; click here You want the FREE version. Install > Update > Run It will produce a log in Notepad. Copy this and post it here please. Please make sure that you tick the box and delete anything that it finds after the scan. Quote There is an email going around offering processed pork - gelatin - and salt in a can ......this is simply SPAM !! MiniToolBoxNetwork TestWireless Test
betel23 Posted May 28, 2013 Author Posted May 28, 2013 Here you go Ken!! Malwarebytes Anti-Malware (PRO) 1.75.0.1300 www.malwarebytes.org Database version: v2013.05.28.02 Windows 7 Service Pack 1 x64 NTFS Internet Explorer 9.0.8112.16421 Robert :: ROBERT-PC [administrator] Protection: Enabled 28/05/2013 11:24:36 MBAM-log-2013-05-28 (12-32-39).txt Scan type: Full scan (C:\|) Scan options enabled: Memory | Startup | Registry | FileSystem | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM Scan options disabled: P2P Objects scanned: 461891 Time elapsed: 58 minute(s), 40 second(s) Memory Processes Detected: 0 (No malicious items detected) Memory Modules Detected: 0 (No malicious items detected) Registry Keys Detected: 0 (No malicious items detected) Registry Values Detected: 0 (No malicious items detected) Registry Data Items Detected: 0 (No malicious items detected) Folders Detected: 0 (No malicious items detected) Files Detected: 8 C:\Users\Robert\Desktop\Apps\WinRar401\WinRar401.zip(PUP.RiskwareTool.CK) -> No action taken. C:\Users\Robert\Desktop\Apps\WinRar401\WinRar401\Keygen.rar(PUP.RiskwareTool.CK) -> No action taken. C:\Users\Robert\Desktop\Burner\dvrgenpr12001211preavtd.rar(Backdoor.Agent.SACGen) -> No action taken. C:\Users\Robert\Desktop\Burner\dvrgenpr12001211preavtd\drvgenpro_preactivated_sHaRewbb.exe(Backdoor.Agent.SACGen) -> No action taken. C:\Users\Robert\Desktop\Driver\dvrgenpr12001211preavtd\drvgenpro_preactivated_sHaRewbb.exe(Backdoor.Agent.SACGen) -> No action taken. C:\Users\Robert\Desktop\Games\Newfolder\Music.MP3.Downloader.5.4.2.2.rar (PUP.Hacktool.Patcher) -> No actiontaken. C:\Users\Robert\Desktop\Games\New folder\Patch_by_JCVO.rar(PUP.Hacktool.Patcher) -> No action taken. C:\Users\Robert\Desktop\Games\New folder(2)\google.earth.plus.6.0.2.2074-mpt.rar (PUP.Hacktool.Patcher) -> No actiontaken. (end) Quote
KenB Posted May 28, 2013 Posted May 28, 2013 Hi Run MBAM again and when it has finished make sure that you select all that it finds and then "Remove Selected" Your log is showing "no action taken" Please re-post the latest log and I will ask one of our security experts to advise you further. Even if MBAM "removes" the problem you will still need further advice. The log is stored in "Logs" which shows in the toolbar. Quote There is an email going around offering processed pork - gelatin - and salt in a can ......this is simply SPAM !! MiniToolBoxNetwork TestWireless Test
Starbuck Posted May 28, 2013 Posted May 28, 2013 Backdoor. Agents have the ability to steal passwords. It is known that these trojans can communicate with remote computers, download and run code, send emails and redirect browser requests. Unfortunately we cannot be sure about what they have done. If you do any banking or other financial transactions on the PC or it if it contains any other sensitive information, please get to a known clean computer and change all passwords where applicable and it would be wise to contact those same financial institutions to apprise them of your situation. Though the Trojans have been identified there is no way to be sure your computer can ever again be trusted. Many experts in the security community believe that once infected with this type of Trojan, the best course of action would be a reformat and reinstall of the OS. Should you decide not to follow that advice, we will of course do our best to clean the computer of any infections that we can see but, as I already stated, we can in no way guarantee it to be trustworthy again. Let us know what you want to do. Quote Member of:UNITE
betel23 Posted May 28, 2013 Author Posted May 28, 2013 Hi Run MBAM again and when it has finished make sure that you select all that it finds and then "Remove Selected" Your log is showing "no action taken" Please re-post the latest log and I will ask one of our security experts to advise you further. Even if MBAM "removes" the problem you will still need further advice. The log is stored in "Logs" which shows in the toolbar. Hi...I cut and pasted the above message :)then I removed all selected finds However I will do it again.. Quote
KenB Posted May 28, 2013 Posted May 28, 2013 Please read post #5 by starbuck - you have a serious problem. Quote There is an email going around offering processed pork - gelatin - and salt in a can ......this is simply SPAM !! MiniToolBoxNetwork TestWireless Test
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.