
YOUR SYSTEM IS INFECTED!



#1
whodatNo1

Hello,

Win XP SP3 opsys.

I had the AV2010 virus and I thought I had cleaned everything up (using info from other posts at GtG). When I started up after doing some cleaning, after entering the user and user p/w at the Welcome screen, I get a green screen with huge black letters saying, "YOUR SYSTEM IS INFECTED!".

WHAT'S INTERESTING IS THAT, IF I LOG ON AS THE OTHER USER (at the Windows Welcome prompt), I DO NOT GET THE "INFECTION" NOTICE!

First, I deleted about 2gb of temp files.

Then I used ERUNT to backup the registry.

I then scanned using MalwareBytes which found eight infections. Restarted. -> Still get "infected" wallpaper.

I scanned with SuperAntiSpyware and it found 2 problems in the registry; both "Browser Hijacker Internet Explorer Zone Hijacker". SAS quarantined the two items. Restarted -> Still get "infected" wallpaper.

I have just completed a GMER scan and I've attached the log.

I copy/pasted the GMER log file below. Please help. I've been at this for a week and at/near wit's end.

Best,
Bill

Log File
GMER 1.0.15.15281 - http://www.gmer.net
Rootkit scan 2010-02-15 05:23:19
Windows 5.1.2600 Service Pack 3
Running: 9mbv40cw_thisis gmer.exe; Driver: C:\DOCUME~1\Bill\LOCALS~1\Temp\pxtdapow.sys


---- System - GMER 1.0.15 ----

SSDT \??\C:\Program Files\SUPERAntiSpyware\SASKUTIL.sys (SASKUTIL.SYS/SUPERAdBlocker.com and SUPERAntiSpyware.com) ZwTerminateProcess [0xAE5B70B0]

---- EOF - GMER 1.0.15 ----

#2
Extremeboy

Please Click here!, and follow the recommendations in the guide.

Someone will be along to tell you what steps to take after you post the contents of the scan results.