Re-running now in normal mode, will post fresh logs when complete!
Last night I (stupidly) downloaded an executable and ran it. McAfee Enterprise (work provided it for me to install at home) immediately picked up a virus, but by that stage it was too late.
Now all my Google searches are redirected through some website called ecta.info (regardless of the browser being used). In addition, when I load IE, McAfee detects a buffer overflow exploit and logs it.
I also noticed some strange autoplay files appearing on ALL my fixed drives (resycled hidden file, boot.com hidden file). Thankfully I managed to remove those last night following these instructions (refer to post 25; I didn't use Malwarebytes though, I managed to nuke them through safe mode and the command prompt): http://www.precisesecurity.com/blogs/2008/...esycledbootcom/
The computer has been disconnected from the internet since I discovered the exploit. I've just downloaded and installed Malwarebytes Anti-Malware from another machine, copied to USB and ran it on the infected machine, and it found a file called iamfamous.dll in Firefox components and deleted it.
All these fixes have been in safe mode.
Here is the log from Malwarebytes:
This issue also looks very, very similar:
Any help would be very highly appreciated!
Edited by guido_hat, 14 January 2009 - 11:00 PM.