Nasty Little Bugger

Discussion in 'Malware Help (A Specialist Will Reply)' started by laughinglizard, Mar 14, 2009.

  1. laughinglizard

    laughinglizard Private E-2

    Good Day,

    Well it finally happened to me. Somewhere I picked up a nasty and it is proving to be very difficult to deal with.

    Symptoms: svchost errors on bootup (multiple), color change on taskbar, browser redirects, etc.

    Using Symantec Corporate A/V, it was up to date and shows nothing on a full scan.

    Downloaded and installed Malwarebytes and Spybot, however cannot run in normal or safe mode. I was able to get around that problem by renaming the exe files and got Malwarebytes to run; it showed two problems and appeared to deal with them. Spybot will run but can't do update so will not do a scan.

    DHCPnameserver entries changed in Hkey_local_machine\system\ControlSets 001,2 and current\services\tcpip\parameters and interfaces. Changed them back and appear to stay where they should, however browser redirects and svchost errors persist.

    So before I do a "Format C:", I thought I would seek advice here. Any advice will be greatly appreciated as there is a lot of stuff on this notebook and a rebuild will be a lot of time, although considering the time spent so far!!

    Well off to try ComboFix.

    Regards,
    LL
     
    Last edited: Mar 14, 2009
  2. laughinglizard

    laughinglizard Private E-2

    Okay, was able to install and run Combofix, and so far so good. Have not rebooted since Combofix finished but I am now able to d/l the spybot updates and am in the process of running Spybot.

    All other symptoms appear to be gone for now, will update progress or lack of, if anyone is interested.

    Cheers,
    LL
     
  3. laughinglizard

    laughinglizard Private E-2

    All appears to be well. Ran Spybot and it found 121 entries which were removed without incident. Ran Malwarebytes and it found nothing. Rebooted and all appears normal, no svchost error, browser working fine, etc.

    So it would appear that Combofix was able to clean things up.

    Thanks to Major Geeks for pointing me to Combofix, had not heard of it before.

    Cheers,
    LL

    PS. I hope this isn't considered a bump, I just wanted to pass along my apparent success.
     
  4. TimW

    TimW MajorGeeks Administrator - Jedi Malware Expert Staff Member

    Good to know. If you have malware issues in the future, be sure to attach the requested logs so we can determine if all traces are removed.
     
