TechSpot

Have run the 8 steps with no luck, logs included

By Jace0207
Jan 10, 2010
  1. So I got the fake Windows security pop-ups on Friday night. I also get the Google redirect when searching. I ran through the 8 steps after coming here for advice on how to get Malwarebytes to run by renaming it. Same thing with Superantispyware.

    I had to run through the 8 steps in safe mode though, don't know if that makes a difference. My computer goes to a blank screen if I try to boot up normally. I get a mouse cursor I can move around but the display is just black. I tried starting in VGA mode and that did no good. I tried to change the resolution in safe mode and reboot; that also didn't work. I tried to change the monitor refresh rate in the display settings, but it is set to "Hardware default setting".

    I suspect since the malware keeps opening IE that this has something to do with the display problem. I notice it listed as IEXPLORER.exe in my task manager. I often get the error message that IE is not working properly and is shutting down also. I use Firefox so there is no reason for IE to be active. I sure hope someone can help. I have some computer skills, but this is beyond me.
     


  2. Tmagic650

    Tmagic650 TS Ambassador Posts: 17,244   +234

    Delete and quarantine the items in the Mbam log!

    Download and run Combofix HERE


    With ComboFix, at the download window, please rename it to Combo-Fix(.exe) before downloading it.

    Important! Save the renamed download to your desktop.
    • Please disable all security programs, such as antiviruses, antispywares, and firewalls. Also disable your internet connection.
    • Double-click on Combo-Fix.exe and Run; follow the prompts.
      (Understand that things like your system clock changing and your desktop disappearing might happen. Do not worry, because all will be restored later.)
    • Wait for the scan to be completed.
    • If it requires a reboot, please do it.
    • After the scan has completed entirely, please post the log here. The log will be located at C:\ComboFix(.txt)

    Notes:
    1. Do not mouse-click Combofix's window while it is running. That may cause it to stall.
    2. ComboFix may reset a number of Internet Explorer's settings, including making I-E the default browser.
    3. Combofix prevents autorun of ALL CD, floppy and USB devices to assist with malware removal & increase security. If this is an issue or makes it difficult for you -- please tell your helper.
    4. CF disconnects your machine from the internet. The connection is automatically restored before CF completes its run. If CF runs into difficulty and terminates prematurely, the connection can be manually restored by restarting your machine.
    Then rescan with HijackThis.
    Attach Combofix report and new HijackThis log to next reply.
     
  3. Bobbye

    Bobbye Helper on the Fringe Posts: 16,335   +36

    Jace, are you still having the problem? It appears that you have a Rootkit malware infection. Please let me know what your status is.
     
Topic Status:
Not open for further replies.
