Hi,
While installing malwarebytes it asks to choose the language and I choose English, but still the program runs on some other language, somehow I manage to run the scan and found 3 infections. I posted the log details below.
I think, this time I got success, now no redirects on the google search page and looks everything fine now.
Probably because of a program called Gygan (
http://www.gygan.com/) that I installed couple of months back and that is the one creates the problem. (ref. malwarebytes log)
Thanks for the kind support, great forum.
Do you what language is it?
Below is the log details after the scan.
Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org
Versión de la Base de Datos: 5020
Windows 5.1.2600 Service Pack 2
Internet Explorer 7.0.5730.13
11/2/2010 5:45:13 PM
mbam-log-2010-11-02 (17-45-13).txt
Tipos de Análisis: Análisis Completo (C:\|D:\|E:\|)
Objetos examinados: 216618
Tiempo transcurrido: 2 hora(s), 51 minuto(s), 30 segundo(s)
Procesos en Memoria Infectados: 0
Módulos de Memoria Infectados: 0
Claves del Registro Infectadas: 0
Valores del Registro Infectados: 0
Elementos de Datos del Registro Infectados: 0
Carpetas Infectadas: 0
Archivos Infectados: 3
Procesos en Memoria Infectados:
(No se han detectado elementos maliciosos)
Módulos de Memoria Infectados:
(No se han detectado elementos maliciosos)
Claves del Registro Infectadas:
(No se han detectado elementos maliciosos)
Valores del Registro Infectados:
(No se han detectado elementos maliciosos)
Elementos de Datos del Registro Infectados:
(No se han detectado elementos maliciosos)
Carpetas Infectadas:
(No se han detectado elementos maliciosos)
Archivos Infectados:
C:\Documents and Settings\HP\Local Settings\Application Data\Xenocode\Sandbox\Gygan\0.6.1.7\2010.07.20T01.46\Native\STUBEXE\8.0.1112\@PROGRAMFILES@\Gygan BETA\unrar.exe (Backdoor.Bifrose) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP\Local Settings\Application Data\Xenocode\Sandbox\Gygan\0.6.1.7\2010.07.20T01.46\Native\STUBEXE\8.0.1112\@WINDIR@\explorer.exe (Backdoor.Bifrose) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP\Local Settings\Application Data\Xenocode\Sandbox\Gygan\0.6.1.7\2010.07.20T01.46\Virtual\STUBEXE\8.0.1112\@PROGRAMFILES@\Gygan BETA\Gygan.exe (Backdoor.Bifrose) -> Quarantined and deleted successfully.
***
Welcome to the forums, stevehawk90
Try using the free version of malwarebytes antimalware from the link below.
Download it, install it, update it, and then run the Quick Scan.
http://www.malwarebytes.org/mbam.php
Post the log results in this thread
.
***