Co-workers Personal Computer 1 of 2

les-james · Mar 1, 2010

I have a co-worker who shouldn't even be allowed to use a computer :-D. Anyway, after running every single step of the instructions prior to posting this thread, there is rootkit activity detected revealed by one of the scans. I am still having problems with browser re-directs, on page pop-up windows, IE opens and then closes immediately, etc... Windows XP Pro SP3. I have attached logs from the various scans. Thanks for any assistance.

les-james · Mar 1, 2010

Co-workers Personal Computer 2 of 2

Posting for additional logs from Malware Bytes... 2, 1 from before 1 from after. Thanks.

TimW · Mar 1, 2010

According to your newfiles log, there are a number of user profiles that had become corrupt for some reason.

Although Combo says it fixed a system file, I want you to do this to be certain:

* Please download TDSSKiller to your Desktop
* Extract its contents to your Desktop so that you have TDSSKiller.exe directly on your Desktop and not in any subfolder of the Desktop.
* Click Start > Run and copy/paste the following bold command into Run box and hit Enter.

"%userprofile%\Desktop\TDSSKiller.exe" -v

* Follow the instructions to type in "delete" when it asks you what to do when if finds something.
* When done, a log file should be created on your C: drive named something like TDSSKiller.2.1.1_27.12.2009_14.17.04_log.txt which is based on the program version # and date and time run. Please attach this log to your next reply.

Tell me what issues you still have.

Log in or Sign up

Co-workers Personal Computer 1 of 2

les-james Private E-2

Attached Files:

MGlogs.zip

RRlog.txt

ComboFix.txt

SUPERAntiSpyware Scan Log - 02-28-2010 - 21-41-31.log

les-james Private E-2

Attached Files:

mbam-log-2010-02-26 (14-41-45).txt

mbam-log-2010-02-26 (16-34-19).txt

TimW MajorGeeks Administrator - Jedi Malware Expert Staff Member