My name is Lane and I'm a 27 year old electrical engineer. I can usually solve my own malware problems, but this one has me stumped. This is on my work computer, so my normal login account has limited privileges, but I do have a local administrator login so I can install software. I won't give you a pile of excuses about how this shouldn't have happened. Obviously, I went somewhere or opened something I shouldn't have, although I usually only read through automotive message boards when I have downtime, and I haven't had anything out of the ordinary happen over the last couple of days.. Who knows..
Ok, down to business. I've been getting pop-ups that mainly advertise spyware/malware removal software. Happens in both IE and Firefox and seems to increase frequency with the speed that I maneuver to different websites. I tried malwarebytes. It didn't find anything. Spybot found 90 something "infections" and after it did its cleanup I seemed popup free, at least for the last half of the day. Well this morning the popups are back, and I have a startup error (don't know if it's relevant or not) saying that netshone.dll can't be detected in the documents and settings\myname\local settings\temp (I cleared this out after my antivirus program started detected trojans in the temp/temporary internet file folders).
I have attached DSS logs and a hijackthis log that I ran from my local administrator account. RootRepeal gives me an error every time I run it saying that it's having a Decompression error (5)! so I don't have logs for it.
Any help is greatly appreciated.
Finally got RootRepeal.exe to run on my administrator account. Here's the log.
Thanks for looking
Merged posts. ~ OB
Edited by Orange Blossom, 27 January 2010 - 10:08 PM.