Hello everyone, I am having a bit of an issue here and was looking for some help.
A few days ago I was asked to repair a computer in an office where it kept redirecting google and yahoo search results, as well as constant crashes of the Windows Hosting Service.
A domino effect of this is that the computer acts as a non-dedicated server for the entire office's database program.
I've done the preliminary steps and will post the logs for Malwarebytes, GMER, and DDS (both DDS and Attach)
Malwarebytes
Malwarebytes' Anti-Malware 1.50.1.1100
www.malwarebytes.org
Database version: 6020
Windows 6.0.6002 Service Pack 2
Internet Explorer 8.0.6001.19019
3/11/2011 10:03:09 AM
mbam-log-2011-03-11 (10-03-09).txt
Scan type: Quick scan
Objects scanned: 172586
Time elapsed: 6 minute(s), 42 second(s)
Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 1
Memory Processes Infected:
(No malicious items detected)
Memory Modules Infected:
(No malicious items detected)
Registry Keys Infected:
(No malicious items detected)
Registry Values Infected:
(No malicious items detected)
Registry Data Items Infected:
(No malicious items detected)
Folders Infected:
(No malicious items detected)
Files Infected:
c:\Windows\Temp\0.16358324044715977.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
A few days ago I was asked to repair a computer in an office where it kept redirecting google and yahoo search results, as well as constant crashes of the Windows Hosting Service.
A domino effect of this is that the computer acts as a non-dedicated server for the entire office's database program.
I've done the preliminary steps and will post the logs for Malwarebytes, GMER, and DDS (both DDS and Attach)
Malwarebytes
Malwarebytes' Anti-Malware 1.50.1.1100
www.malwarebytes.org
Database version: 6020
Windows 6.0.6002 Service Pack 2
Internet Explorer 8.0.6001.19019
3/11/2011 10:03:09 AM
mbam-log-2011-03-11 (10-03-09).txt
Scan type: Quick scan
Objects scanned: 172586
Time elapsed: 6 minute(s), 42 second(s)
Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 1
Memory Processes Infected:
(No malicious items detected)
Memory Modules Infected:
(No malicious items detected)
Registry Keys Infected:
(No malicious items detected)
Registry Values Infected:
(No malicious items detected)
Registry Data Items Infected:
(No malicious items detected)
Folders Infected:
(No malicious items detected)
Files Infected:
c:\Windows\Temp\0.16358324044715977.exe (Trojan.Dropper) -> Quarantined and deleted successfully.