Hello to the distinguished community. I am a new member joining because of the desperate need to learn how to fight this constantly increasing annoyance of hackers/malware/viruses... you know what I am talking about.
I am posting this here while I am sure others have had similar experiences, from which I have taken notice and performed the following actions based on your recommendations.
Now this has happened to me twice, only the second time, I did not want to go through reformatting and reinstalling my laptop all over again as I did the first time, and so I wanted to learn what it is that's causing this, how to clean it and mostly, how to protect it at least for a while so I can get back to work...
It started with a sudden blue screen on my XP-SP2 running PC, and after a few failed attempts to reboot it, I went for the F8 option - safe mode - which returned a blue screen immediately...
Until the normal boot option worked - for some reason.
Then my PC became sluggish and went up to 100%. I noticed that some services such as McAfee won't start and some of the privileges were taken away... and some of the folders got hidden from the system. Only by running the Rootkit Revealer did I get what was going on in my system. Horrible. These guys made my PC a ghost hub for illegal SW (I can put a snapshot but you can also see it in the ComboFix log).
To cut the story short, I spent the whole day yesterday reading in forums such as this one, and took actions. The problem is that none of the executable files would run, as I'd get a "... not a win32 application.." message when I tried to run them, so I had to juggle between two computers on an internal network to finally download the files (ComboFix and HijackThis), and only by changing their names and then copying them to the infected computer was I able to run them (I think it would be better to correct the ComboFix Guide to include this step).
So after cleaning these files, the PC seems to be better, but I don't want to connect it to the internet as of yet because: A: McAfee still won't run (I can't start the McShield service) and B: How do I protect my loopholes? If it happened, it could happen again, although I am using the Checkpoint Secure client, the Windows firewall and McAfee (which is not working...).
I can post the logs if you wish, but please let me know ASAP what I can do to block the hole through which this thing came...
Thanks a lot!
Edited by gedit, 23 May 2008 - 09:19 AM.