Inactive Search Engine links hijacked

Status
Not open for further replies.
R

restech

Hello, I normally like to figure things out on my own but this has really stumped me.

also please don't tell me to run combofix as i have tried safemode and normal mode with rkill and exehelper to run combofix and it would simply sit at the scanning screen, for hours on end and never complete. Anyway here are log files from hijack this

[HJT log removed - Broni]
 
Welcome aboard
yahooo.gif


Please, complete all steps listed here: https://www.techspot.com/community/...lware-removal-preliminary-instructions.58138/
Make sure, you PASTE all logs. If some log exceeds 50,000 characters post limit, split it between couple of replies.
Attached logs won't be reviewed.

Please, observe following rules:
  • Read all of my instructions very carefully. Your mistakes during cleaning process may have very serious consequences, like unbootable computer.
  • If you're stuck, or you're not sure about certain step, always ask before doing anything else.
  • Please refrain from running tools or applying updates other than those I suggest.
  • Never run more than one scan at a time.
  • Keep updating me regarding your computer behavior, good, or bad.
  • The cleaning process, once started, has to be completed. Even if your computer appears to act better, it may still be infected. Once the computer is totally clean, I'll certainly let you know.
  • If you leave the topic without explanation in the middle of a cleaning process, you may not be eligible to receive any more help in malware removal forum.
  • I close my topics if you have not replied in 5 days. If you need more time, simply let me know. If I closed your topic and you need it to be reopened, simply PM me.
 
First id like to say i ran MWB, Spybot, McAfee, Prevx, and Super anti spyware all until they came back clean. CCleaner was also run which removes temporary files etc.

Combofix would not run. tried in safemode, and normal mode. Ran rkill and exehelper, neither would help combofix to run, it gets to the scanning and just hangs.

MWB Log:
Malwarebytes' Anti-Malware 1.50.1.1100
www.malwarebytes.org

Database version: 6485

Windows 6.0.6002 Service Pack 2
Internet Explorer 9.0.8112.16421

5/5/2011 1:07:56 PM
mbam-log-2011-05-05 (13-07-56).txt

Scan type: Quick scan
Objects scanned: 203524
Time elapsed: 20 minute(s), 25 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)


GMER Log:
GMER 1.0.15.15627 - http://www.gmer.net
Rootkit quick scan 2011-05-05 12:46:48
Windows 6.0.6002 Service Pack 2 Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0 ST9160821AS rev.3.ALC
Running: ncei27rg.exe; Driver: C:\Users\angela\AppData\Local\Temp\pwdiqpow.sys


---- System - GMER 1.0.15 ----

Code \SystemRoot\system32\drivers\mfehidk.sys (McAfee Link Driver/McAfee, Inc.) ZwMapViewOfSection [0x88650098]
Code \SystemRoot\system32\drivers\mfehidk.sys (McAfee Link Driver/McAfee, Inc.) ZwTerminateProcess [0x886500C2]
Code \SystemRoot\system32\drivers\mfehidk.sys (McAfee Link Driver/McAfee, Inc.) ZwUnmapViewOfSection [0x886500AE]
Code \SystemRoot\system32\drivers\mfehidk.sys (McAfee Link Driver/McAfee, Inc.) ZwYieldExecution [0x88650084]
Code \SystemRoot\system32\drivers\mfehidk.sys (McAfee Link Driver/McAfee, Inc.) NtMapViewOfSection

---- Devices - GMER 1.0.15 ----

AttachedDevice \FileSystem\Ntfs \Ntfs mfehidk.sys (McAfee Link Driver/McAfee, Inc.)
AttachedDevice \FileSystem\fastfat \Fat fltmgr.sys (Microsoft Filesystem Filter Manager/Microsoft Corporation)
AttachedDevice \FileSystem\fastfat \Fat mfehidk.sys (McAfee Link Driver/McAfee, Inc.)
AttachedDevice \Driver\tdx \Device\Tcp mfewfpk.sys (Anti-Virus Mini-Firewall Driver/McAfee, Inc.)
AttachedDevice \Driver\tdx \Device\Udp mfewfpk.sys (Anti-Virus Mini-Firewall Driver/McAfee, Inc.)
AttachedDevice \Driver\kbdclass \Device\KeyboardClass0 Wdf01000.sys (WDF Dynamic/Microsoft Corporation)
AttachedDevice \Driver\kbdclass \Device\KeyboardClass1 Wdf01000.sys (WDF Dynamic/Microsoft Corporation)

---- EOF - GMER 1.0.15 ----


DDS log: computer froze, will post when i get the log file.
 
Status
Not open for further replies.

Similar threads

E
GPU Driver or Hardware Issue?
Replies
8
Views
3K
Kshipper
Kshipper
L
Solved Notepad running when it should not
2
Replies
32
Views
5K
Broni
Broni
Julio Franco
In Super Mario Run criticism, analysts and F2P gamers forget that the game's quality is what matters
Replies
22
Views
2K
Makson
Makson

Latest posts

Back