Posted 08 December 2010 - 05:03 PM
I'll try to keep this short but to the point with the important info. Thanks in advance to any help anyone can lend.
Windows XP operating system.
In the past week my wife got hit twice with some form of Malware while surfing the net. I wasn't home the first time but the neighbor helped her get it off. It looked like a McAfee scan she said but she didn't click on it but it pretty much shut her out and the neighbor tossed some things out in safemode.
The second time I was around and it was HDD Scanner. It installed itself into the toolbar and on the desktop and said it was critical to run a scan. Of course we didn't but it again shut us down and the neighbor tossed this out in safe mode using the task manager and deleted all temporary files.
Everything seemed ok but I couldn't get anything to appear with one of the user accounts. We ended up deleting that user account.
Since then I have run scans with Spbot S &D, McAfee Anti-Virus, Super Anti-Spyware, Windows Defender and Malwarebytes. Each found bad things except Defender which came up empty. I also ran an old scan of CWshredder for good measure and that found a couple things too. Then today I saw something about stopzilla and I ran that and it found a lot more but then it wanted credit card info for payment to take it all off and I was worried it might be a scam and stopped there.
After running all these things I am now getting constant popups from "Microsoft Development Envirnment". I can not get anything to appear on another user account now either.
I then decided to do a system restore back to earlier this fall but that failed. I then created a new user account but didn't let it set up yet.
I went back into safe mode and started another Malwarebytes scan. It showed "rootkit.td" and cleaned and removed it when it restarted. II am not scanning again with Superantispyware in safe mode.
I am at a loss for what to do. Any help will be much appreciated.
I printed the results of the first malwarebyes scan and have that with me. I also wrote down what the stopzilla scan supposedly found.