Welcome to MalwareRemoval.com,
What if we told you that you could get malware removal help from experts, and that it was 100% free? MalwareRemoval.com provides free support for people with infected computers. Our help, and the tools we use are always 100% free. No hidden catch. We simply enjoy helping others. You enjoy a clean, safe computer.

Malware Removal Instructions

I've Been Infected! "http://url[dot]urtbk[dot]com"

MalwareRemoval.com provides free support for people with infected computers. Using plain language that anyone can understand, our community of volunteer experts will walk you through each step.

I've Been Infected! "http://url[dot]urtbk[dot]com"

Unread postby Shane284 » February 17th, 2010, 6:59 pm

Hello Malware community,

My computer has recently been infected with spyware, I receive a warning from my third party security software (Trend Micro) when I search websites on firefox, The warning displays "http://url[dot]urtbk[dot]com" even tho I haven't been redirected to that site. I came here to hopefully get this problem resolved.
I did a scan with "Malwarebytes' Anti-Malware" results below,

Malwarebytes' Anti-Malware 1.44
Database version: 3753
Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702

2/18/2010 9:24:58 AM
mbam-log-2010-02-18 (09-24-54).txt

Scan type: Full Scan (C:\|F:\|)
Objects scanned: 224864
Time elapsed: 1 hour(s), 7 minute(s), 22 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 3
Registry Values Infected: 0
Registry Data Items Infected: 1
Folders Infected: 0
Files Infected: 5

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
HKEY_CLASSES_ROOT\CLSID\{fe5b2d9d-91b0-b04b-ac20-14a260769687} (Adware.ColorSoft) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\feym6ia (Adware.AdRotator) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\AppDataLow\HavingFunOnline (Adware.BHO.FL) -> No action taken.

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
HKEY_CLASSES_ROOT\regfile\shell\open\command\(default) (Broken.OpenCommand) -> Bad: ("regedit.exe" "%1") Good: (regedit.exe "%1") -> No action taken.

Folders Infected:
(No malicious items detected)

Files Infected:
C:\Documents and Settings\Shane Frazz\Desktop\keygen-Windows.exe (Malware.Tool) -> No action taken.
C:\Documents and Settings\Shane Frazz\Local Settings\Temp\ldm1.exe (Adware.Agent) -> No action taken.
C:\Documents and Settings\Shane Frazz\My Documents\My Music\TMPGEnc Authoring Works\keygen.exe (Malware.Packer.Gen) -> No action taken.
C:\WINDOWS\system32\FeyM6iA.exe (Adware.AdRotator) -> No action taken.
F:\TMPG DVD Maker\keygen.exe (Malware.Packer.Gen) -> No action taken.

Help would be greatly appreciated, thank you!
Active Member
Posts: 9
Joined: February 17th, 2010, 6:50 pm
Register to Remove

Re: I've Been Infected! "http://url[dot]urtbk[dot]com"

Unread postby NonSuch » February 18th, 2010, 1:30 am

In order for us to help you it is necessary that you provide us with a HijackThis log. Please follow the guideline at the link below to start a new topic and post your HijackThis log by pasting it into your post. Do not utilize attachments.

This topic is now closed. Please start a new topic by following the HijackThis Guideline posted here: >Guideline for posting your HijackThis log<
User avatar
Posts: 27577
Joined: February 23rd, 2005, 7:08 am
Location: California

  • Similar Topics
    Last post

Return to Infected? Virus, malware, adware, ransomware, oh my!

Who is online

Users browsing this forum: No registered users and 61 guests

Contact us:

Advertisements do not imply our endorsement of that product or service. Register to remove all ads. The forum is run by volunteers who donate their time and expertise. We make every attempt to ensure that the help and advice posted is accurate and will not cause harm to your computer. However, we do not guarantee that they are accurate and they are to be used at your own risk. All trademarks are the property of their respective owners.

Member site: UNITE Against Malware