
mozilla/IE redirect



#1 pcrak

Posted 29 September 2010 - 07:55 PM

I had a virus a couple weeks back, thought I cleared it, but apparently didn't. I'll periodically get redirected to "consumernews.com" or something like that. I ran SAS and MBAM in safe mode. Here are both of those logs....
I also tried to run ESET Online Scanner, but I got redirected. I've also run CCleaner and ATF Cleaner (in safe mode).


Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org

Database version: 4717

Windows 5.1.2600 Service Pack 3 (Safe Mode)
Internet Explorer 8.0.6001.18702

9/29/2010 2:20:16 PM
mbam-log-2010-09-29 (14-20-16).txt

Scan type: Full scan (C:\|)
Objects scanned: 235815
Time elapsed: 47 minute(s), 41 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 1
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\nofolderoptions (Hijack.FolderOptions) -> Delete on reboot.

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)

Edited by hamluis, 29 September 2010 - 08:17 PM.
Moved from XP forum to Am I Infected ~ Hamluis.


#2 pcrak

Posted 29 September 2010 - 07:58 PM

SUPERAntiSpyware Scan Log
http://www.superantispyware.com

Generated 09/29/2010 at 03:53 PM

Application Version : 4.42.1000

Core Rules Database Version : 5604
Trace Rules Database Version: 3416

Scan type : Complete Scan
Total Scan Time : 01:31:41

Memory items scanned : 274
Memory threats detected : 0
Registry items scanned : 5942
Registry threats detected : 1
File items scanned : 78306
File threats detected : 42

Malware.Trace
HKU\S-1-5-21-527237240-2077806209-682003330-1004\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\POLICIES\EXPLORER#NOFOLDEROPTIONS

Adware.Tracking Cookie



