Recently, I was exposed to a malware infection, called System Tool, which displayed all sort of warnings etc. I thought it to be another run of the mill kind of malware that can be cleaned using the typical steps ... Booting in safe mode, running rkill followed by MalwareBytes, which did detect a few oddities and cleaned them.
When I rebooted the machine, I kept getting Internet Explorer error messages over and over, even when I was not running any Internet Explorer. I also noticed that my web pages were getting redirected to some other sites, while using IE8 as well as Firefox. The IE crash messages continued, and I observed the iExplore process being started periodically (even when I killed it manually). A few times, I heard audio advertisements as well as spontaneous Winamp restarts etc.
I have tried "Spybot search and destroy", "AdAware" and "HijackThis" so far. But nothing has detected anything that can fix what I am observing. Currently, I have renamed the "iExplore.exe" from "c:\Program Files\Internet Explorer" to something else to stop the auto starting of "internet Explorer" in the background. However, the web redirects are still there, both with ie8 and Firefox.
I saw mentions of Combofix in the past, and would like to give this a try. A couple of times I tried this in the past, Combofix just sat there, and appeared to be stuck forever. Not sure if this was because I had not disabled my Symantec Antivirus, or if there is some hardware incompatibility. But I would like to give this a try again. I am hoping that someone could assist me in this exercise, and also to decipher the ComboFix log file in case it is run to completion.
Thanks in advance,
Edited by hamluis, 13 January 2011 - 02:46 PM.
Moved from XP to Am I Infected ~ Hamluis.