Posted 02 November 2011 - 09:31 AM
hello, computer is a
Windows Vista Home Premium, Service Pack 1.
4 GB ram.
AMD phenom 9550 Quad-core processor 2.20 Ghz
2 days ago parents allowed access to something,
it then hid the desktop and start menu etc in some temp folder.
came up with 20+ overlapping warning boxes on the desktop
came up with warnings on the taskbar saying clusters are broken. typical malware symptoms.
anyway, i have removed malware before a few times, using Rkill and Malwarebytes, and this proved successful this time. i thought.
but then, with every click from google's searches i would be redirected to other websites, internet explorer pop ups would come on the desktop when IE was not running. even adverts "sounds" were coming through my speakers but not to be seen.
this has never happened before when i have removed malware. this, to me, seems different.
to try to rid of this redirection, i downloaded ccleaner, did a disc clean, reset internet options.. but it didn't work.
finally, i used combofix (don't have logs), it didn't really do anything of note except when it restarted my computer it loaded with a worrying "hard drive failure is imminent..." press F2 to continue..
when it loaded up, combo fix flashed a a lot of times, overlapping itself and took a while to go down. it did, i uninstalled, and started to back up my files. when i had backed them up. I used recovery discs i created ages ago to recover and send it to factory settings.
now when i try to restore my files i am greeted with a runtime error about 5% in, "This application has requested the Runtime to terminate it in an unusual way"
i don't have any logs from MBAM/combofix/rkill because i thought it would be a routine malware removal thing. so i know i have hindered myself a few times here
the computer looks new now, at it's factory setting. i dreaded the rootkit "thing" but figured i should start up this first. as i know nothing of rootkits.
any help would be so appreciated.