Tech Support Guy banner
  • IMPORTANT: Only authorized members may reply to threads in this forum due to the complexity of the malware removal process. Authorized members include Malware Specialists and Trainees, Administrators, Moderators, and Trusted Advisors. Regular members are not permitted to reply, and any such posts will be deleted without notice or further explanation. Notice
Status
Not open for further replies.
1 - 3 of 3 Posts

·
Registered
Joined
·
4 Posts
Discussion Starter · #1 ·
I am writing to request for help with some spyware/malware on our computer running Windows XP SP3.

Some of the major symptoms are:

1. Whenever Internet Explorer is opened, it immediately crashes with an error signature such as:
Appname: iexplore.exe Appver:7.0.6000.16705 ModName: entapi.dll
Mod/ver: 8.0.0.240 offset:0000368

2. Whenever we use Firefox do a google search the result link is redirected to another website. For example, the top result of the search for hijack this is redirected to
http://go.google.com/?u=Qu3CZzPQvSI...GkDysKI_TRAAjoSuckloNe=s?php.c/711.691.111.46

I have run adaware, spybot, avg anti-virus and ccleaner on the computer and although these tools have removed a lot of ad cookies and some bad registry entries such as
‘HKEY_users\S-1-5-21-927213679-3701-77400-4173190044-1006\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoActiveDesktopChanges’; the core problem remains.

After reading the posts on this list, I believe the best option is for the experts to review the hijackthis logs, so I have run the utility and attached the logs with this email.

Any help you can provide is much appreciated.

Thanks much.
 

Attachments

·
Registered
Joined
·
4 Posts
Discussion Starter · #2 ·
Ok, I read some more posts on this list and gathered that one of the recommended actions was to run Malwarebytes Anti-Malware, which I did. To my pleasant surprise, the software did catch and clean a lot of threats. Attached is the log file before cleaning.

Now IE does start without crashing, but as soon as it opens it is redirected to some spam website. This is despite the fact that the home page is set to google. So that tells me that the malware is still residing on my system somewhere.

I re-ran hijack this after running ‘Malwarebytes Anti-Malware’ and have attached the latest logs.

Looking for some expert guidance ... help is appreciated.

Thanks
 

Attachments

1 - 3 of 3 Posts
Status
Not open for further replies.
Top