We're a community of 1076K IT Pros here for help, advice, solutions, professional growth and fun. Join us!
1,075,745 Members — Technology Publication meets Social Media
Username:
Password:
Lost login information?
Start New Discussion Reply to this Discussion
Ad: Join Spiceworks today for free - all IT pros welcome!
1 Year Ago
0

Internet Explorer redirects Virus thread cannot be removed

I have spend over 10 hours trying to find a solution using the internet.
I have had McAfee virus removal team working on it for two days and they could not remove the virus in the thread. I ran Malwarebytes and DDS this did not remove the problem, can you help? I ran both tools in safe mode and Malwarebytes states that it removed all virus'. Here is my dds.txt

.
DDS (Ver_2011-06-03.01) - NTFSx86 NETWORK
Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 1.6.0_15
Run by HP_Administrator at 23:25:00 on 2011-06-04
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.1023.641 [GMT -4:00]
.
AV: Microsoft Security Essentials *Disabled/Updated* {EDB4FA23-53B8-4AFA-8C5D-99752CCA7095}
AV: McAfee Anti-Virus and Anti-Spyware *Enabled/Updated* {84B5EE75-6421-4CDE-A33A-DD43BA9FAD83}
.
============== Running Processes ===============
.
C:\WINDOWS\system32\svchost.exe -k DcomLaunch
svchost.exe
c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe
C:\WINDOWS\system32\svchost.exe -k netsvcs
svchost.exe
svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\mfevtps.exe
C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\ctfmon.exe
.
============== Pseudo HJT Report ===============
.

Thank you for the help

Attachments attach.txt (24.39KB) mbam-log-2011-06-04_(23-01-36).txt (2.35KB)
3
Contributors
5
Replies
1 Hour
Discussion Span
1 Year Ago
Last Updated
6
Views
poorrich
Newbie Poster
3 posts since Jun 2011
Reputation Points: 10
Solved Threads: 0
Skill Endorsements: 0
Bal
Junior Poster
198 posts since Apr 2005
Reputation Points: 68
Solved Threads: 18
Skill Endorsements: 0
1 Year Ago
0

Hi and welcome to the Daniweb forums :).

==========

Please do not double post for the same problem and please do not attach logs as requested.
You need to also post the Gmer logs.
The log that you did post is incomplete, so you will have to repost it.
Tools should be run in normal mode unless the virus prevents you from doing so. This is especially true of MBA-M which needs to have its service running.
So basically, you have to start over :).

crunchie
Most Valuable Poster
Moderator
20,101 posts since Feb 2004
Reputation Points: 1,142
Solved Threads: 985
Skill Endorsements: 3
1 Year Ago
0

Did you do all this
http://www.daniweb.com/hardware-and-software/microsoft-windows/viruses-spyware-and-other-nasties/threads/27570

Bal. That is an old thread. The one to do is the one he has been to already, but has not done it correctly.
Hopefully he will do so, so that we can clean him up.

crunchie
Most Valuable Poster
Moderator
20,101 posts since Feb 2004
Reputation Points: 1,142
Solved Threads: 985
Skill Endorsements: 3
1 Year Ago
0

Which one is current thread? old one should be removed.

Bal
Junior Poster
198 posts since Apr 2005
Reputation Points: 68
Solved Threads: 18
Skill Endorsements: 0
1 Year Ago
0

old one should be removed.

Sorry, I'll do it now.

crunchie
Most Valuable Poster
Moderator
20,101 posts since Feb 2004
Reputation Points: 1,142
Solved Threads: 985
Skill Endorsements: 3

This article has been dead for over three months: Start a new discussion instead

Post: Markdown Syntax: Formatting Help
 
You
Hardware and Software > Microsoft Windows > Viruses, Spyware and other Nasties
View similar articles that have also been tagged:
 
© 2013 DaniWeb® LLC
Page rendered in 0.0911 seconds using 2.94MB