root kit infection

Discussion in 'Malware Help - MG (A Specialist Will Reply)' started by PrivatePile-sir, Jul 30, 2010.

  1. PrivatePile-sir

    PrivatePile-sir Private E-2

    I think I may have a root kit infection. Here's what's going on:
    after making some menu item changes for the system, reboot, and the system goes back to default.
    ex: changed control panel in start menu to show as menu.
    IE8 home page keeps loading its own pages, different every time.
    shut down some services in admin tools, after reboot they are back on
    avast av, lavasoft ad-aware, system firewall.
    while running combofix, I get this message on screen:
    sed: can't read profiles.folder.dat
    sed: can't read appdata.folder.dat
    sed: can't read localappdata.folder.dat
    sed: can't read desktop.folder.dat
    sed: can't read startup.folder.dat

    started system this morning after following the README_FIRST sticky and completing the log files requested and IE8 asking for default permissions, after it had been set already yesterday.

    I used the file attachment icon above and sent the results of the scans, please let me know if they did not come through.

    Thank you for your time and effort.
     


  2. Kestrel13!

    Kestrel13! Super Malware Fighter - Major Dilemma Staff Member

    I still need to see the log from rootrepeal if you were indeed able to run it, and most importantly, the C:\Mglogs.zip.
     
  3. PrivatePile-sir

    PrivatePile-sir Private E-2

    sorry, forgot the MGfile
     


  4. Kestrel13!

    Kestrel13! Super Malware Fighter - Major Dilemma Staff Member

    You mean your homepage keeps getting reset to a different website? I see your start page now is foxnews?

    Running from: c:\downloads\mgtools&fix\ComboFix.exe <--- Move combofix.exe directly onto your desktop where it needs to be.

    I am not seeing any malware in those logs.
     
  5. PrivatePile-sir

    PrivatePile-sir Private E-2


    this is the new combofix log.
     


  6. Kestrel13!

    Kestrel13! Super Malware Fighter - Major Dilemma Staff Member

    Hello there. I didn't request another combofix log. I just asked that you move it to the desktop.

    I also asked you this question that you didn't answer.

    I am not seeing any malware in those logs.
     
