Hi. This all started Friday with the dreaded Google Links Hijacked/Redirect mess. Now I have more problems. I've followed the directions in the Homeusers' malware troubleshooting doc. I'm in the process of running Stinger now, but I know I have a problem with winlogon.exe. Is this the virus that's running "Defense Center" and keeps asking me to uninstall McAfee's? What's responsible for the pornographic shortcuts appearing on my desktop?!
I writing now b/c I wasn't able to access the internet in normal mode, but I'm able to access in Safe Mode. When Stinger is done, I will run the malware program suggested in an earlier post. I'm posting my Safe Mode Scan results and Stinger Log now, in case I can't access the internet after rebooting. I can check this discussion on my PC (it's my laptop that's infected). Also, connected with this virus (?), I was unable to access Windows Update, but MS has sent me instructions, which I have yet to do.
Superantispyware found and removed a lot of stuff, but it didn't solve any problems.
I'll post again after Stinger runs and I run the malware program. Any and all help is much appreciated!! Dave
McAfee® Stinger Version 10.0.1.934 built on Jul 2 2010
Copyright © 2010 McAfee, Inc. All Rights Reserved.
Virus data file v1000 created on Jul 2 2010.
Ready to scan for 3659 viruses, trojans and variants.
Scan initiated on Sat Jul 10 14:59:22 2010
Found the Spy-Agent.bw.gen!mem trojan !!!
C:\WINDOWS\system32\winlogon.exe could not be repaired.
Number of clean files: 304404
Number of Trojans: 1
OK. Malware found 13 items, but "some items couldn't be removed"). I can access the internet on my laptop, my desktop is back to normal (proper resolution, colors, etc.), and I don't see the Defense Center nonsense. BUT, none of my shortcuts work, and, even if I try to open a program or tool from the start menu, I get prompted with "open with" and a list of programs, like Adobe, IE, etc. Even on the Malware program I just downloaded. And, McAfee's didn't open and run automatically. I was able to get that open from the start menu. And, lastly, I still have the Google Hijack/Redirect problem. Any suggestions? Please... DaveMessage was edited by: dcblawdog on 7/10/10 4:06:11 PM CDT
I found a fix for troubles running .exe files, and I ran TDSSKiller, rebooted, and everything seems to be OK now. Even the Google Redirect issue. Uh...thanks for the help.
I know you all are volunteer moderators, and I appreciate the help when needed, but in case Big Brother McAfee is listening, given the bad DAT file episode a few months ago, and now this fiasco, I'm seriously questioning my loyalty to McAfee.
When you run www.malwarebytes.org (http://www.malwarebytes.org) as Tom suggests and www.superantispyware.com (http://www.superantispyware.com) both of which are free and catches a lot of stuff. You should download these to a usb stick and I suggest you rename the download files and installation folders to something you can easily remember as virus are written to protect themselves. When you rename the programs you can usually get them installed as they do not pose a threat. Check for updates and run the program and let it clean everything it finds and reboot the computer. Do the same for the other program and reboot again.
(Above cut from a post by Tom)
No 1 program is 100% effective so I use mcafee with these two to ensure full coverage. If they find anything upload the file to Mcafee and the malware doc says it will assist mcafee in improving its coverage.Message was edited by: Peacekeeper on 11/07/10 3:18:49 PM
I don't know what malware program you were using but Malwarebytes is a good one and it is free. Go to www.malwarebytes.org and download and install it. Check for the latest updates and run the program and let it clean everything it finds.