when i go to google site, appears a message of a malware.. what should i do?

hxxp://71.119.200.96/images/cardreader.jar\Inicio.class

the malware tries to redirect me from google to that url, a virus.
and it also disable programs like google earth.
please, if anyone could help me…

Well the detection on the redirected page appears correct, based on you are being redirected there there (hopefully to infect you) there might be other undetected/hidden malware on your system.

If you haven’t already got this software (freeware), download, install, update and run it, preferably in safe mode and report the findings (it should product a log file).

  1. SUPERantispyware On-Demand only in free version.
  2. Also MalwareBytes Anti-Malware freeware version http://download.bleepingcomputer.com/malwarebytes/mbam-setup.exe, right click on the link and select Save As or Save File (As depending on your browser), save it to a location where you can find it easily later.

SUPERAntiSpyware Scan Log
http://www.superantispyware.com

Generated 09/27/2008 at 10:16 PM

Application Version : 4.21.1004

Core Rules Database Version : 3581
Trace Rules Database Version: 1569

Scan type : Quick Scan
Total Scan Time : 00:11:57

Memory items scanned : 630
Memory threats detected : 0
Registry items scanned : 388
Registry threats detected : 0
File items scanned : 12784
File threats detected : 9

Adware.Tracking Cookie
C:\Users\Meus Documentos\AppData\Roaming\Microsoft\Windows\Cookies\meus_documentos@moads.valuead[2].txt
C:\Users\Meus Documentos\AppData\Roaming\Microsoft\Windows\Cookies\meus_documentos@serving-sys[2].txt
C:\Users\Meus Documentos\AppData\Roaming\Microsoft\Windows\Cookies\meus_documentos@bs.serving-sys[2].txt
C:\Users\Meus Documentos\AppData\Roaming\Microsoft\Windows\Cookies\meus_documentos@ads.pointroll[1].txt
C:\Users\Meus Documentos\AppData\Roaming\Microsoft\Windows\Cookies\meus_documentos@2o7[2].txt
C:\Users\Meus Documentos\AppData\Roaming\Microsoft\Windows\Cookies\meus_documentos@atdmt[2].txt
C:\Users\Meus Documentos\AppData\Roaming\Microsoft\Windows\Cookies\meus_documentos@ad.adnetwork.com[2].txt

Trojan.Dropper/Gen
C:\USERS\MEUS DOCUMENTOS\APPDATA\LOCAL\TEMP\RARSFX0\ACTIVATOR.EXE
C:\USERS\MEUS DOCUMENTOS\APPDATA\LOCAL\TEMP\RARSFX0\PID\PID.EXE


Malwarebytes’ Anti-Malware 1.28
Versão do banco de dados: 1216
Windows 6.0.6000

9/27/2008 10:04:02 PM
mbam-log-2008-09-27 (22-03-58).txt

Tipo de Verificação: Completa (C:|)
Objetos verificados: 98747
Tempo decorrido: 48 minute(s), 51 second(s)

Processos da Memória infectados: 0
Módulos de Memória Infectados: 0
Chaves do Registro infectadas: 0
Valores do Registro infectados: 0
Ítens do Registro infectados: 0
Pastas infectadas: 0
Arquivos infectados: 1

Processos da Memória infectados:
(Nenhum ítem malicioso foi detectado)

Módulos de Memória Infectados:
(Nenhum ítem malicioso foi detectado)

Chaves do Registro infectadas:
(Nenhum ítem malicioso foi detectado)

Valores do Registro infectados:
(Nenhum ítem malicioso foi detectado)

Ítens do Registro infectados:
(Nenhum ítem malicioso foi detectado)

Pastas infectadas:
(Nenhum ítem malicioso foi detectado)

Arquivos infectados:
C:\Windows\Downloaded Program Files\uni.gpc (Trojan.Agent) → No action taken.

Even tough they are all in quarentine, I still hava problem with malware when i try to acess google.com

Arquivos infectados: C:\Windows\Downloaded Program Files\uni.gpc (Trojan.Agent) -> No action taken.
This would say that you didn't quarantine that file.

you have to put a check mark next to the baddie and then click REMOVE SELECTED a backup will be made

http://www.siteadvisor.jp/sites/unibanco.com.br/downloads/13070649/
for info only do not run any fixit tools found via google unless instructed

http://www.greatis.com/appdata/d/g/gbpdist.dll.htm

definately a baddie

rerun MBAM
run ROGUE REMOVER FREE while at the Malware Bytes site

rt click the avast ball and update>programs (just in case)
open avast and schedule a BOOTTIME SCAN reboot

see teh stickie at the top of this forum and post a HJT after the above