I think I have a malware problem. Observed symptoms:
1) Can't edit registry or access DOS prompt. When I use the "run" option of the start menu to run "regedit" or "cmd", the only thing that happens is that the task bar disappears for 2-3 sec, and then returns. I could access these programs last week, so I don't think it's a configuration/policy issue.
2) Can't update anti-virus program databases. The programs report a "couldn't update, make sure you're connected to the internet and try again" message.
3) Intermittent redirection to random website. When clicking on a link (e.g. from a google search), I go to a web page that has nothing to do with what the link indicates. When I go back and retry, I usually reach the desired page. NOTE: After research, I have disabled my DNS client service on the suspect PC, and have not seen this happen since then.
I have disconnected the PC from my home network, and have copied all important data (e.g. pictures) to the secondary hard drive and disconnected that hard drive from the motherboard. I am transferring files to/from the quarrantined PC via USB memory stick.
Since suspecting the infection, I have run the following programs to attempt to diagnose the problem. Unless otherwise noted, the program reported that it did not find any problems.
* ClamWin (this was the only program installed at the time of infection)
* AVG
* TrendMicro HouseCall (it reported an infection, but terminated during its clean-up phase)
* TrendMicro "sysclean.com" (it reported an infection, but terminated during its clean-up phase)
* MalwareBytes Anit-Malware (it reported that I had some invalid entries in my hosts file, but I believe that these were entries entered by Spybot to redirect known bad host names to 127.0.0.1.)
* AdAware
* Spybot S&D
* Avast
* SuperAnitSpyware
When scanning, I made sure that all the other programs were disabled before starting the scan. I understand they can sometimes interfere with each other.
Per the forum ground rules, I have performed the requested 8-step program before posting. (hopefully I did it correctly)
I could not confirm my java version as recommended. Every time I tried to go to the specified web page, I would be redirected to a different page. (don't recall the URL) I know that I recently removed all Java on my PC and then installed the latest version from Sun's website. (Java 6 Update 13, according to my list of installed programs)
Thanks in advance for any help.
----tom
1) Can't edit registry or access DOS prompt. When I use the "run" option of the start menu to run "regedit" or "cmd", the only thing that happens is that the task bar disappears for 2-3 sec, and then returns. I could access these programs last week, so I don't think it's a configuration/policy issue.
2) Can't update anti-virus program databases. The programs report a "couldn't update, make sure you're connected to the internet and try again" message.
3) Intermittent redirection to random website. When clicking on a link (e.g. from a google search), I go to a web page that has nothing to do with what the link indicates. When I go back and retry, I usually reach the desired page. NOTE: After research, I have disabled my DNS client service on the suspect PC, and have not seen this happen since then.
I have disconnected the PC from my home network, and have copied all important data (e.g. pictures) to the secondary hard drive and disconnected that hard drive from the motherboard. I am transferring files to/from the quarrantined PC via USB memory stick.
Since suspecting the infection, I have run the following programs to attempt to diagnose the problem. Unless otherwise noted, the program reported that it did not find any problems.
* ClamWin (this was the only program installed at the time of infection)
* AVG
* TrendMicro HouseCall (it reported an infection, but terminated during its clean-up phase)
* TrendMicro "sysclean.com" (it reported an infection, but terminated during its clean-up phase)
* MalwareBytes Anit-Malware (it reported that I had some invalid entries in my hosts file, but I believe that these were entries entered by Spybot to redirect known bad host names to 127.0.0.1.)
* AdAware
* Spybot S&D
* Avast
* SuperAnitSpyware
When scanning, I made sure that all the other programs were disabled before starting the scan. I understand they can sometimes interfere with each other.
Per the forum ground rules, I have performed the requested 8-step program before posting. (hopefully I did it correctly)
I could not confirm my java version as recommended. Every time I tried to go to the specified web page, I would be redirected to a different page. (don't recall the URL) I know that I recently removed all Java on my PC and then installed the latest version from Sun's website. (Java 6 Update 13, according to my list of installed programs)
Thanks in advance for any help.
----tom