100ksearch infection

100ksearch infection

Post by DmanA on Sun 31 Jul 2011, 2:54 am

Same as others, redirects all search engine queries to a phishing site.
Reinstalled full version of Symantec, it picks up multiple trojans and deletes them every time without effect.
Malwarebytes, as well as everything else I tried, failed to detect with the exception of the following.
Ran aswMBR:
aswMBR version 0.9.8.978 Copyright(c) 2011 AVAST Software
Run date: 2011-07-30 10:35:13
-----------------------------
10:35:13.941 OS Version: Windows x64 6.1.7600
10:35:13.941 Number of processors: 8 586 0x2A07
10:35:13.942 ComputerName: WINTERFELL UserName: Dexter
10:37:02.811 Initialze error C000010E - driver not loaded
10:40:07.933 AVAST engine defs: 11073000
10:41:57.286 Service scanning
10:42:04.954 Modules scanning
10:42:04.955 Disk 0 trace - called modules:
10:42:04.956
10:44:17.326 AVAST engine scan C:\Windows
10:46:37.851 AVAST engine scan C:\Windows\system32
10:46:53.320 File: C:\Windows\system32\consrv.dll **INFECTED** Win32:Malware-gen
10:51:26.970 AVAST engine scan C:\Windows\system32\drivers
10:53:10.286 AVAST engine scan C:\Users\Dexter
10:55:49.233 The log file has been saved successfully to "C:\Users\Dexter\Desktop\aswMBR.txt"
11:23:08.121 AVAST engine scan C:\ProgramData
11:26:26.365 Scan finished successfully
11:49:00.385 The log file has been saved successfully to "C:\Users\Dexter\Desktop\aswMBR.txt"



DmanA

Unborn

Posts : 1
Joined : 2011-07-31
Operating System : Windows 7 Ultimate 64-bit
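
An added example, not part of the original posts: a small Python parser for the aswMBR log layout quoted above, pulling out the header fields, error lines and `**INFECTED**` entries so a pasted log can be triaged quickly. The regular expressions are assumptions inferred from the one log shown in this thread, and the sample input is abridged from it.

```python
import re

# Sample input abridged from the aswMBR log quoted in the post above.
SAMPLE_LOG = r"""aswMBR version 0.9.8.978 Copyright(c) 2011 AVAST Software
Run date: 2011-07-30 10:35:13
-----------------------------
10:35:13.941 OS Version: Windows x64 6.1.7600
10:37:02.811 Initialze error C000010E - driver not loaded
10:46:37.851 AVAST engine scan C:\Windows\system32
10:46:53.320 File: C:\Windows\system32\consrv.dll **INFECTED** Win32:Malware-gen
11:26:26.365 Scan finished successfully
"""

# Patterns are assumptions based on the single log shown in this thread.
EVENT = re.compile(r"^(\d{2}:\d{2}:\d{2}\.\d{3})\s*(.*)$")
INFECTED = re.compile(r"^File:\s+(.+?)\s+\*\*INFECTED\*\*\s+(.+)$")
ERROR = re.compile(r"error\s+([0-9A-F]{8})\s+-\s+(.+)$", re.IGNORECASE)
SCAN = re.compile(r"^AVAST engine scan\s+(.+)$")

def parse_aswmbr(text):
    """Return header fields, errors, scanned paths and detections from a log."""
    report = {"version": None, "run_date": None, "os_version": None,
              "errors": [], "scanned": [], "detections": [], "finished": False}
    for raw in text.splitlines():
        line = raw.strip()
        if line.startswith("aswMBR version"):
            report["version"] = line.split()[2]
        elif line.startswith("Run date:"):
            report["run_date"] = line.split(":", 1)[1].strip()
        event = EVENT.match(line)
        if not event:
            continue  # header and separator lines carry no timestamp
        stamp, msg = event.groups()
        if msg.startswith("OS Version:"):
            report["os_version"] = msg.split(":", 1)[1].strip()
        elif (hit := INFECTED.match(msg)):
            report["detections"].append(
                {"time": stamp, "path": hit.group(1), "name": hit.group(2).strip()})
        elif (err := ERROR.search(msg)):
            report["errors"].append(
                {"time": stamp, "code": err.group(1).upper(), "text": err.group(2)})
        elif (scan := SCAN.match(msg)):
            report["scanned"].append(scan.group(1))
        elif msg == "Scan finished successfully":
            report["finished"] = True
    return report

if __name__ == "__main__":
    print(parse_aswmbr(SAMPLE_LOG))
```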


Re: 100ksearch infection

Post by Sneakyone on Sun 31 Jul 2011, 3:05 pm

Hi,

Please download ComboFix from BleepingComputer.com

Alternate link: GeeksToGo.com

Alternate link: Forospyware.com


Rename ComboFix.exe to commy.exe before you save it to your Desktop
  • Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools. A guide to do this can be found here
  • Click Start, then copy and paste the following command into the search box & hit enter: "%userprofile%\desktop\commy.exe" /stepdel
  • As part of its process, ComboFix will check to see if the Microsoft Windows Recovery Console is installed. This will not install in Vista. Just continue scanning, and skip the console install.
  • When finished, it shall produce a log for you. Please include the contents of C:\ComboFix.txt in your next reply.


I'm livin' life in the fast lane.


Sneakyone

Tech Officer

Posts : 2707
Joined : 2010-01-10
Operating System : Windows 7 Ultimate 64-bit
