Posted 06 August 2009 - 10:05 PM
Wife and daughter's computer. Wife reported web redirects about a week ago (I know I should have checked it, but...). Daughter clicked on a "click here to fix your computer" button.
System is WinXP SP3 with all Windows updates. AVG Free 8.5 antivirus.
When I checked it, a "security application" was running after bootup and could not be disabled. Task Manager wouldn't run, background was a warning about using the application to protect your files, etc.
Booted into safe mode. Downloaded Malwarebytes and ran it. The "security app" is gone, but Malwarebytes reports Trojan.TDSS is still there and it cannot remove it.
AVG reports Win32/Cryptor infecting 54 files and it cannot remove them.
I found a thread on the Malwarebytes forum and followed along using a couple of recommended tools:
However, without "adult supervision" my results weren't too good and I'm afraid I need some help.
The main symptoms appear to be gone or lurking, but I think I really need to clean these remaining problems up. (I could just reinstall Windows, but want to make sure I've tried everything first).
Any help graciously appreciated.