Suspected Trojan, iexplorer opens in background plus search redirect?

Discussion in 'Malware Help (A Specialist Will Reply)' started by lisbonlion67, Apr 1, 2011.

  1. lisbonlion67

    lisbonlion67 Private E-2

    My iexplorer.exe keeps opening and running the background, and my google searches get redirected.

    I have run goored fix and this is the log:

    GooredFix by jpshortstuff (03.07.10.1)
    Log created at 22:50 on 01/04/2011 (Lizzie and Andy)
    Firefox version 3.6.16 (en-US)

    ========== GooredScan ==========


    ========== GooredLog ==========

    C:\Program Files\Mozilla Firefox\extensions\
    {972ce4c6-7e08-4474-a285-3208198ce6fd} [17:07 23/05/2010]
    {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} [20:09 10/06/2009]

    C:\Users\Lizzie and Andy\Application Data\Mozilla\Firefox\Profiles\et5a91x0.default\extensions\
    {20a82645-c095-46ed-80e3-08825760534b} [20:00 05/03/2011]
    {20a82645-c095-46ed-80e3-08825760534b}-trash [20:00 05/03/2011]

    [HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions]
    "{20a82645-c095-46ed-80e3-08825760534b}"="c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\" [08:08 06/08/2009]
    "{BBDA0591-3099-440a-AA10-41764D9DB4DB}"="C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\IPSFFPlgn\" [18:34 25/03/2011]
    "{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}"="C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\coFFPlgn\" [18:29 25/03/2011]

    -=E.O.F=-

    any ideas? what next?
     
    lisbonlion67, Apr 1, 2011
    #1
  2. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    Welcome to Major Geeks!
    Download TDSSKiller from Kaspersky to your directly onto your Desktop
    • Now double click the TDSSkiller.exe file to run it ( if using Vista or Windows 7 do not double click on it but rather, right click and select Run As Administrartor. )
    • If TDSSKiller does not run, try renaming it. To do this, right-click on TDSSKiller.exe, select Rename and give it a random name with the .com file extension (i.e. 123tdk.com).
    • Allow the application to run if prompted by Windows or any security programs you have installed
    • It will start the scan and run rather quickly and will notify you of whether anything is found or not.
    • Follow the instructions to delete/quarantine if asks you what to do when if finds something.
    • Whether an infection is found or not, a log file should be created on your C: drive ( or whatever drive you boot from) in the root folder named something like TDSSKiller.2.1.1_27.12.2009_14.17.04_log.txt which is based on the program version # and date and time run. Please attach this log to your next reply. (See: HOW TO: Attach Items To Your Post )
     
    chaslang, Apr 1, 2011
    #2

MajorGeeks.Com Menu

Downloads All In One Tweaks \ Android \ Anti-Malware \ Anti-Virus \ Appearance \ Backup \ Browsers \ CD\DVD\Blu-Ray \ Covert Ops \ Drive Utilities \ Drivers \ Graphics \ Internet Tools \ Multimedia \ Networking \ Office Tools \ PC Games \ System Tools \ Mac/Apple/Ipad Downloads

Other News: Top Downloads \ News (Tech) \ Off Base (Other Websites News) \ Way Off Base (Offbeat Stories and Pics)

Social: Facebook \ YouTube \ Twitter \ Tumblr \ Pintrest \ RSS Feeds