Results 1 to 2 of 2

Thread: Google Re-directs

  1. #1
    Member
    Join Date
    May 2008
    Posts
    60

    Exclamation Google Re-directs

    I own an HP Compaq computer which uses Windows Vista and I use Firefox as my primary browser. On Monday 6 August 2012 I was searching the internet and was directed to a spam site, it happened several more times (taking me to different websites than the one I intended to visit). On Tuesday 7 August 2012 I ran spybot which found nothing, but a Malware Bytes scan found several trojans.

    After Malware Bytes initially found the problem, I thought that it was removed but when I used Google it happened again, so I ran Malware Bytes which on the second run found nothing at all.

    I did an online search (using Bing) and learned of something called the Google re-direct virus, I don't know if that particular bug is what I encountered but I need help with this problem.

    I'm pasting a copy of my INITIAL Malware Bytes report which has information about the trojan:

    Malwarebytes Anti-Malware 1.62.0.1300
    www.malwarebytes.org

    Database version: v2012.08.07.04

    Windows Vista Service Pack 2 x86 NTFS
    Internet Explorer 9.0.8112.16421
    Martin Family :: MARTINFAMILY-PC [administrator]

    8/7/2012 8:04:32 AM
    mbam-log-2012-08-07 (08-04-32).txt

    Scan type: Full scan (C:\|D:\|E:\|)
    Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
    Scan options disabled: P2P
    Objects scanned: 675837
    Time elapsed: 4 hour(s), 33 minute(s), 38 second(s)

    Memory Processes Detected: 0
    (No malicious items detected)

    Memory Modules Detected: 1
    C:\Users\Martin Family\AppData\Local\Apple Computer\Apple\bknzynz.dll (Trojan.RedirRdll3.Gen) -> Delete on reboot.

    Registry Keys Detected: 0
    (No malicious items detected)

    Registry Values Detected: 1
    HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|Apple (Trojan.RedirRdll3.Gen) -> Data: rundll32.exe "C:\Users\Martin Family\AppData\Local\Apple Computer\Apple\bknzynz.dll",CreateInstance -> Quarantined and deleted successfully.

    Registry Data Items Detected: 0
    (No malicious items detected)

    Folders Detected: 0
    (No malicious items detected)

    Files Detected: 1
    C:\Users\Martin Family\AppData\Local\Apple Computer\Apple\bknzynz.dll (Trojan.RedirRdll3.Gen) -> Delete on reboot.

    (end)

    It's 12:08 AM and too late to run another scan but I wanted to post this information lest it be lost when I turn of my computer.

  2. #2
    Member of Team Spybot tashi's Avatar
    Join Date
    Oct 2005
    Location
    USA
    Posts
    30,471

    Default

    Hello computer_user,

    Please refer to the forum sticky again and the instructions in post #2 on how to provide preliminary DDS and aswMBR logs used for analysis.
    http://forums.spybot.info/showthread.php?t=288

    Then start a new topic providing the logs as shown in that FAQ with a link back to this thread and a volunteer analyst will advise you when available.

    Best regards.
    Microsoft MVP Reconnect 2018-
    Windows Insider MVP 2016-2018
    Microsoft Consumer Security MVP 2006-2016

Tags for this Thread

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •