Posted 20 January 2010 - 02:25 AM
A couple of days ago I experienced the browser random redirect problem (referred to by other posters here and elsewhere) when clicking on search results from Google.com as well as random pop-ups. I then left town for a couple of days, but on returning last night, had the same problem. Full scan by Norton 360 did not appear to pick up anything but I wanted to get rid of the problem as I feared the my system (Lenovo T61 running XP Pro) might be compromised. E-mail and Advanced Sonar Settings on Norton 360 had been switched off and could not be turned back on. Norton's One Click Support attempted to autoload on many occasions but never completed. I only had N360 and Spyware Doctor & Spyware Blaster loaded on my computer, though I can't remember if Windows Defender firewall was also active. (This whole crisis has proven disorienting, so I apologize for the lack of details and hope someone can aid me even given the scant details)
I had no problem accessing regedit (as some other posters reported) and ipconfig did not appear to indicate a problem with the DNS or ip settings on my computer.
Hoping to identify the source of the problem through internet research on my spouse's laptop, and figuring 360 might not be working correctly, I downloaded Malwarebytes. After a full scan using this and the Windows Live online scan, followed by a full 3-hour scan by Avast (which I also downloaded) my system was found to contain a variety of malware and viruses. As best I can recall, they included (in rough order of diagnosis):
CoreGuard Antivirus 2009
I also received error messages saying that there was an error loading "Windows/System32/johirija.dll" -- Specific module not found
At some point this morning, the wallpaper on my PC changed to the ugly green with the "Your System is Infected!" text, urging me to click on the pop-ups. My tray also contained the red circle with white X masquerading as a spyware solution, but I believe I steered clear of it.
At any rate, when Spyware Blaster found 20+ harmful threats, it took care of all but three but said a reboot was necessary to rid the rest. I first let the Avast scan run as well, and it identified several more threats and also requested a reboot. I was very worried about whether my computer would indeed reboot and so also took steps (suggested in one of the dozens of posts I read) to rename several apparently random-named files in my C:\ main directory. One of these files (nqvkiv.exe) was identified and quarantined by Avast. Hoping to rid every last remnant of contamination, I also (perhaps foolishly) decided to try renaming the other four (ygjst.exe ahhf.exe ajeesil.exe and auhbifch.exe) and then subsequently decided to send them to the recycling bin.
I then allowed Avast to reboot and since then, have not been able to boot my system. Not in Safe Mode, Not in Normal Mode, Not using Last Known Good Configuration.
Safe Mode only gives me a scrolling list of files in the System directory, and Normal or Last Known config boot with the Blue Screen. If it helps, the error message provides the following Technical Information:
*** STOP: 0X0000007B 0XF78BC524 0XC0000034 0X00000000 0X00000000
I would be exceedingly and eternally grateful to anyone who can come up with a means of helping me to reboot. Please help!