computer_user
2012-08-08, 08:10
I own an HP Compaq computer which uses Windows Vista and I use Firefox as my primary browser. On Monday 6 August 2012 I was searching the internet and was directed to a spam site; it happened several more times (taking me to different websites than the one I intended to visit). On Tuesday 7 August 2012 I ran Spybot which found nothing, but a Malware Bytes scan found several trojans.
After Malware Bytes initially found the problem, I thought that it was removed but when I used Google it happened again, so I ran Malware Bytes which on the second run found nothing at all.
I did an online search (using Bing) and learned of something called the Google re-direct virus. I don't know if that particular bug is what I encountered, but I need help with this problem.
I'm pasting a copy of my INITIAL Malware Bytes report which has information about the trojan:
Malwarebytes Anti-Malware 1.62.0.1300
www.malwarebytes.org
Database version: v2012.08.07.04
Windows Vista Service Pack 2 x86 NTFS
Internet Explorer 9.0.8112.16421
Martin Family :: MARTINFAMILY-PC [administrator]
8/7/2012 8:04:32 AM
mbam-log-2012-08-07 (08-04-32).txt
Scan type: Full scan (C:\|D:\|E:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 675837
Time elapsed: 4 hour(s), 33 minute(s), 38 second(s)
Memory Processes Detected: 0
(No malicious items detected)
Memory Modules Detected: 1
C:\Users\Martin Family\AppData\Local\Apple Computer\Apple\bknzynz.dll (Trojan.RedirRdll3.Gen) -> Delete on reboot.
Registry Keys Detected: 0
(No malicious items detected)
Registry Values Detected: 1
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|Apple (Trojan.RedirRdll3.Gen) -> Data: rundll32.exe "C:\Users\Martin Family\AppData\Local\Apple Computer\Apple\bknzynz.dll",CreateInstance -> Quarantined and deleted successfully.
Registry Data Items Detected: 0
(No malicious items detected)
Folders Detected: 0
(No malicious items detected)
Files Detected: 1
C:\Users\Martin Family\AppData\Local\Apple Computer\Apple\bknzynz.dll (Trojan.RedirRdll3.Gen) -> Delete on reboot.
(end)
It's 12:08 AM and too late to run another scan but I wanted to post this information lest it be lost when I turn off my computer.