100ksearch infection


Post by DmanA on 30th July 2011, 3:54 pm

Same as others, redirects all search engine queries to a phishing site.
Reinstalled full version of Symantec; it picks up multiple trojans and deletes them every time without effect.
Malwarebytes, as well as everything else I tried, failed to detect anything, with the exception of the following.
Ran aswMBR:
aswMBR version 0.9.8.978 Copyright(c) 2011 AVAST Software
Run date: 2011-07-30 10:35:13
-----------------------------
10:35:13.941 OS Version: Windows x64 6.1.7600
10:35:13.941 Number of processors: 8 586 0x2A07
10:35:13.942 ComputerName: WINTERFELL UserName: Dexter
10:37:02.811 Initialze error C000010E - driver not loaded
10:40:07.933 AVAST engine defs: 11073000
10:41:57.286 Service scanning
10:42:04.954 Modules scanning
10:42:04.955 Disk 0 trace - called modules:
10:42:04.956
10:44:17.326 AVAST engine scan C:\Windows
10:46:37.851 AVAST engine scan C:\Windows\system32
10:46:53.320 File: C:\Windows\system32\consrv.dll **INFECTED** Win32:Malware-gen
10:51:26.970 AVAST engine scan C:\Windows\system32\drivers
10:53:10.286 AVAST engine scan C:\Users\Dexter
10:55:49.233 The log file has been saved successfully to "C:\Users\Dexter\Desktop\aswMBR.txt"
11:23:08.121 AVAST engine scan C:\ProgramData
11:26:26.365 Scan finished successfully
11:49:00.385 The log file has been saved successfully to "C:\Users\Dexter\Desktop\aswMBR.txt"



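A small triage script for logs in the aswMBR layout shown in the first post, added here as an example; it is not part of the original thread or of aswMBR. It pulls out detections, tool errors and disk traces that list no modules. The function name `triage` and the report keys are assumptions, and the sample is a shortened excerpt of the log above.

```python
import re

# Shortened excerpt of the aswMBR log posted above (same layout).
SAMPLE_LOG = r"""aswMBR version 0.9.8.978 Copyright(c) 2011 AVAST Software
Run date: 2011-07-30 10:35:13
-----------------------------
10:37:02.811 Initialze error C000010E - driver not loaded
10:42:04.955 Disk 0 trace - called modules:
10:42:04.956
10:46:53.320 File: C:\Windows\system32\consrv.dll **INFECTED** Win32:Malware-gen
11:26:26.365 Scan finished successfully
"""

ENTRY = re.compile(r"^(\d{2}:\d{2}:\d{2}\.\d{3})\s*(.*)$")
INFECTED = re.compile(r"^File: (.+?) \*\*INFECTED\*\* (.+)$")
INIT_ERROR = re.compile(r"^Initiali?ze error ([0-9A-Fa-f]{8}) - (.+)$")  # log spells it "Initialze"
DISK_TRACE = re.compile(r"^Disk (\d+) trace - called modules:$")

def triage(log_text):
    """Return detections, tool errors and empty disk traces found in an aswMBR log."""
    report = {"infected": [], "errors": [], "empty_traces": [], "finished": False}
    open_trace = None  # disk number whose module list is expected in the next entry
    for line in log_text.splitlines():
        entry = ENTRY.match(line.strip())
        if not entry:
            continue  # banner, separator or blank line
        stamp, message = entry.groups()
        if open_trace is not None:
            if not message:  # timestamp with nothing after it: no modules were listed
                report["empty_traces"].append(open_trace)
            open_trace = None
        if (m := INFECTED.match(message)):
            report["infected"].append({"time": stamp, "path": m.group(1), "name": m.group(2)})
        elif (m := INIT_ERROR.match(message)):
            report["errors"].append({"time": stamp, "code": m.group(1), "text": m.group(2)})
        elif (m := DISK_TRACE.match(message)):
            open_trace = int(m.group(1))
        elif message == "Scan finished successfully":
            report["finished"] = True
    return report

if __name__ == "__main__":
    print(triage(SAMPLE_LOG))
```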

Re: 100ksearch infection

Post by Sneakyone on 31st July 2011, 4:05 am

Hi,

Please download ComboFix from [You must be registered and logged in to see this link.]


Rename ComboFix.exe to commy.exe before you save it to your Desktop.
  • Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools. A guide to do this can be found [You must be registered and logged in to see this link.]
  • Click Start, then copy and paste the following command into the search box and hit Enter: "%userprofile%\desktop\commy.exe" /stepdel
  • As part of its process, ComboFix will check to see if the Microsoft Windows Recovery Console is installed. This will not install in Vista. Just continue scanning, and skip the console install.
  • When finished, it shall produce a log for you. Please include the contents of C:\ComboFix.txt in your next reply.

