BleepingComputer.com: search engine redirect

Jump to content

Forum Rules

When posting your problem, do not run and post a ComboFix log. ComboFix is a tool that should only be run under the supervision of someone who has been trained in its use. Using it on your own can cause problems with your computer. Any posts containing CF Logs will be ignored.

To receive help, you should instead provide a detailed description of your problem, detailed word-for-word error messages that you are receiving, screenshots of strange behaviour, and your operating system. This information is much more useful to our helpers than a ComboFix log.

If you have not received help after three days, please post a link to your topic HERE.
Page 1 of 1
  • You cannot start a new topic
  • You cannot reply to this topic

search engine redirect

#1 User is offline   jtheteacher 

  • New Member
  • Pip
  • Find Topics
  • Group: Members
  • Posts: 1
  • Joined: 31-May 11

Posted 01 June 2011 - 12:19 AM

Please help. XP Home, SP3. After searching for a site in IE and Firefox, I click on the link and it takes me to a bogus site.
I ran malwarebytes antimalware and got this log...thanks

Malwarebytes' Anti-Malware 1.50.1.1100
www.malwarebytes.org

Database version: 6729

Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702

6/1/2011 8:20:51 AM
mbam-log-2011-06-01 (08-20-51).txt

Scan type: Full scan (C:\|)
Objects scanned: 713615
Time elapsed: 3 hour(s), 36 minute(s), 49 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 3
Folders Infected: 0
Files Infected: 6

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\ActiveDesktop\NoChangingWallPaper (PUM.Hijack.DisplayProperties) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoDesktop (PUM.Hidden.Desktop) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\DisableTaskMgr (PUM.Hijack.TaskManager) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.

Folders Infected:
(No malicious items detected)

Files Infected:
c:\C\documents and settings\jennifer\local settings\application data\xee(2).exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\C\documents and settings\jennifer\local settings\application data\xee(3).exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\C\documents and settings\jennifer\local settings\application data\xee.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\system volume information\_restore{67fb539d-8bd5-46bc-a11b-489b5d592db5}\RP107\A0014441.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\system volume information\_restore{67fb539d-8bd5-46bc-a11b-489b5d592db5}\RP107\A0014442.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
c:\system volume information\_restore{67fb539d-8bd5-46bc-a11b-489b5d592db5}\RP107\A0014443.sys (Rootkit.TDSS) -> Quarantined and deleted successfully.

Share this topic:


Page 1 of 1
  • You cannot start a new topic
  • You cannot reply to this topic

1 User(s) are reading this topic
0 members, 1 guests, 0 anonymous users