954,249 Members — Technology Publication meets Social Media
Username:
Password:
Lost login information?
Have something to say? Contribute New Article Reply to this Article
11 Months Ago
0

Internet Explorer redirects Virus thread cannot be removed

I have spend over 10 hours trying to find a solution using the internet.
I have had McAfee virus removal team working on it for two days and they could not remove the virus in the thread. I ran Malwarebytes and DDS this did not remove the problem, can you help? I ran both tools in safe mode and Malwarebytes states that it removed all virus'. Here is my dds.txt

.
DDS (Ver_2011-06-03.01) - NTFSx86 NETWORK
Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 1.6.0_15
Run by HP_Administrator at 23:25:00 on 2011-06-04
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.1023.641 [GMT -4:00]
.
AV: Microsoft Security Essentials *Disabled/Updated* {EDB4FA23-53B8-4AFA-8C5D-99752CCA7095}
AV: McAfee Anti-Virus and Anti-Spyware *Enabled/Updated* {84B5EE75-6421-4CDE-A33A-DD43BA9FAD83}
.
============== Running Processes ===============
.
C:\WINDOWS\system32\svchost.exe -k DcomLaunch
svchost.exe
c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe
C:\WINDOWS\system32\svchost.exe -k netsvcs
svchost.exe
svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\mfevtps.exe
C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\ctfmon.exe
.
============== Pseudo HJT Report ===============
.

Thank you for the help

Attachments attach.txt (24.39KB) mbam-log-2011-06-04_(23-01-36).txt (2.35KB)
poorrich
Newbie Poster
3 posts since Jun 2011
Reputation Points: 10
Solved Threads: 0
 
Bal
Junior Poster
198 posts since Apr 2005
Reputation Points: 68
Solved Threads: 18
 
11 Months Ago
0

Hi and welcome to the Daniweb forums :).

==========

Please do not double post for the same problem and please do not attach logs as requested.
You need to also post the Gmer logs.
The log that you did post is incomplete, so you will have to repost it.
Tools should be run in normal mode unless the virus prevents you from doing so. This is especially true of MBA-M which needs to have its service running.
So basically, you have to start over :).

crunchie
Most Valuable Poster
Moderator
20,095 posts since Feb 2004
Reputation Points: 1,142
Solved Threads: 985
 
11 Months Ago
0
Did you do all this
http://www.daniweb.com/hardware-and-software/microsoft-windows/viruses-spyware-and-other-nasties/threads/27570


Bal. That is an old thread. The one to do is the one he has been to already, but has not done it correctly.
Hopefully he will do so, so that we can clean him up.

crunchie
Most Valuable Poster
Moderator
20,095 posts since Feb 2004
Reputation Points: 1,142
Solved Threads: 985
 
11 Months Ago
0

Which one is current thread? old one should be removed.

Bal
Junior Poster
198 posts since Apr 2005
Reputation Points: 68
Solved Threads: 18
 
11 Months Ago
0
old one should be removed.

Sorry, I'll do it now.

crunchie
Most Valuable Poster
Moderator
20,095 posts since Feb 2004
Reputation Points: 1,142
Solved Threads: 985
 

This article has been dead for over three months

Post: Markdown Syntax: Formatting Help
You
View similar articles that have also been tagged:
 
© 2012 DaniWeb® LLC
Home | About Us | Contact Us | Terms of Service | Advertising Opportunities
RSS Feed RSS Feed