i'm running windows XP home and ran into some trouble last night. avira suddenly announced i had some trojans, so i ran malwarebytes and it detected a bunch of rootkit nasties + more. so i cleaned them out and rebooted. but the computer ran very slowly and still had obvious problems and could not run malwarebytes again. i ran combofix and that didn't seem to do the trick either. my alarm bells started to ring when i began to get stop error screens, "DRIVER_IRQL_NOT_LESS_OR_EQUAL," when trying to run malwarebytes or open any combination of programs. freezes, crashes, etc.
so i tried a system restore and that seems to have fixed the blue screen of death problems and some of the performance issues. some programs are still running a bit slow and tentative - i'm running a malwarebytes full scan now and it has taken over 2 hrs to scan 55,000 files (no infections found yet) - but other programs seem to work fine.
however, my firefox and IE have been totally disabled. double clicking them from the desktop does nothing, no windows open. my connection is ok because i'm able to access email from outlook express just fine.
i followed the advice of another thread here and ran rkill.com, but it didn't report finding anything to terminate and firefox and IE still do not open (i haven't rebooted yet though, is that necesary?)
i don't see anything out of the ordinary running in my task manager, and nothing that doesn't seem to belong in my msconfig startups.
i did find a string of entries called "services" in my windows firewall list of exceptions that i'm almost certain don't belong. i uncheck them and delete the entries, but they always return on reboot.
still running this very slow malwarebytes scan which may take all day..... but please let me know what else i should be trying! thanks!
UPDATE: after several hours, the MBAM full scan did not finish, i got an abrupt blue screen of death, the same as before: "DRIVER_IRQL_NOT_LESS_OR_EQUAL." MBAM had until then found no infections. on reboot, the computer would not start: i got an hourglass on the screen with green bars animating behind it, sort of like in "the matrix."
UPDATE: in safe mode, MBAM and superantispyware scan totally clean. i downloaded and ran "unhackme," which said it located and removed a rootkit on startup. but i am still having problems. IE and firefox still will not open. a series of "services" still appears in my windows firewall list of exceptions every time i reboot even after deleting them all. the computer's hard drive light flashes at all times, whether or not i am doing anything.
UPDATE: according to the BSOD's, the driver causing problems was NDSIS.SYS. so i replaced the windows32 version one with the one in my service pack files. but still have problems. still no IE or firefox, same issues as before. following instructions from other threads again, i ran combofix again, which detected an MBR rootkit. i ran "MBR.exe -f" as instructed but it did not appear to solve anything after rebooting. then, running GMER, the computer abruptly reset itself. i'm kind of at my limit here now, please can anyone help???
Edited by apriljapan, 06 March 2010 - 05:29 AM.