Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Strange Malware hijacks IE, cmd.exe et. al; cannot identify


  • Please log in to reply
2 replies to this topic

#1 superhighgain

superhighgain

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Local time:04:17 AM

Posted 25 March 2009 - 04:35 PM

I'm usually good at tracking these things down, but this one's got me stumped:

The HJT log doesn't yield anything - the same 4 or 5 entries I've always had and they're all verified legit.

MalwareBytes did not detect anything even on full scan.

Spybot S&D totally updated did not detect anything.

Ran VundoFix and VirtumondeBeGone - Nothing.

Symptoms:

IE shuts down or redirects when I try to go to anti-virus sites (even bleepingcomputer) - It usually takes me to some totally unrelated sites like womansday.com, bankingmyway.com, freestuff.com, etc.

Applications will randomly shut down.

Trying to use cmd.exe usually restarts explorer.exe and I lose most or all of running programs.

Windows Update freezes at the screen where it tries to find out what version of software I am using.

The DDS.scr does not run successfully - I just see a cmd box quickly open and disappear. I have ran the program successfully on other computers.

I keep this computer very clean and use it only for business and am very careful about attachments, scripts and executables. I don't really know how this happened.

Any direction and/or help much appreciated.

Superhighgain

BC AdBot (Login to Remove)

 


#2 superhighgain

superhighgain
  • Topic Starter

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Local time:04:17 AM

Posted 25 March 2009 - 04:53 PM

As an update, I also get autosuggestion drop-down box and sysfader errors when I try to shut down windows (this is xp, btw).

Again, any help or direction much appreciated,
Superhighgain

#3 superhighgain

superhighgain
  • Topic Starter

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Local time:04:17 AM

Posted 25 March 2009 - 10:57 PM

I think next time I'll create a login name like "Mary Ann" or "Naomi".

Still no progress figuring out what I got.




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users