Jump to content

Recommended Posts

My desktop is infected with a backdoor agent which hijacks my browsers search engine and homage to startpag.com  I have tried adcleaner then Junkware removal tool and then Malwarebytes.  The first two steps are useless as they find nothing and despite MB finding the files they are always back on reboot.  Any help? and thank you.

 

MB log:

 

Malwarebytes Anti-Malware 1.75.0.1300

www.malwarebytes.org

 

Database version: v2014.02.06.01

 

Windows XP Service Pack 3 x86 NTFS

Internet Explorer 8.0.6001.18702

Erin :: BOHEMIAN-6BD5A6 [administrator]

 

2/5/2014 6:46:22 PM

mbam-log-2014-02-05 (18-46-22).txt

 

Scan type: Quick scan

Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM

Scan options disabled: P2P

Objects scanned: 231054

Time elapsed: 16 minute(s), 20 second(s)

 

Memory Processes Detected: 0

(No malicious items detected)

 

Memory Modules Detected: 0

(No malicious items detected)

 

Registry Keys Detected: 0

(No malicious items detected)

 

Registry Values Detected: 1

HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|BOHEMIAN-6BD5A6 (Backdoor.Agent.Gen) -> Data: C:\Documents and Settings\Erin\Application Data\video.exe -> Quarantined and deleted successfully.

 

Registry Data Items Detected: 0

(No malicious items detected)

 

Folders Detected: 0

(No malicious items detected)

 

Files Detected: 1

C:\Documents and Settings\Erin\Application Data\video.exe (Backdoor.Agent.Gen) -> Quarantined and deleted successfully.

 

(end)

Link to post
Share on other sites

Hello and post-32477-1261866970.gif

 

P2P/Piracy Warning:

 

   

If you're using Peer 2 Peer software such as uTorrent, BitTorrent or similar you must either fully uninstall them or completely disable them from running while being assisted here.

Failure to remove or disable such software will result in your topic being closed and no further assistance being provided.

If you have illegal/cracked software, cracks, keygens etc. on the system, please remove or uninstall them now and read the policy on Piracy.

 

Download Farbar Recovery Scan Tool and save it to your desktop.

 

Note: You need to run the version compatible with your system (32 bit or 64 bit). If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.

  • Double-click to run it. When the tool opens click Yes to disclaimer.
  • Press Scan button.
  • It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.
  • The first time the tool is run, it makes also another log (Addition.txt). Please attach it to your reply.

 

Kevin..

Link to post
Share on other sites

Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.