03-23-2012 03:58 AM
Lets check for required system files and MBR carefully first so if something gets removed I know what I have to replace before I check for things like Java to be on the safe side.
Please read carefully and follow these steps.
Download TDSSKiller hxxp://support.kaspersky.com/downloads/utils/tdsskill
doubleclick on TDSSKiller.exe to run the application, then on Start Scan.
If an infected file is detected, the default action will be Cure, click on Continue.
If a suspicious file is detected, the default action will be Skip, click on Continue.
It may ask you to reboot the computer to complete the process. Click on Reboot Now.
If no reboot is require, click on Report. A log file should appear. Please copy and paste the contents of that file here.
If a reboot is required, the report can also be found in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please attach the log in the post back
Please download aswMBR hxxp://public.avast.com/~gmerek/aswMBR.exe to your desktop. (replace the hxxp with http)
Double click the aswMBR.exe icon to run it
it will ask to download extra definitions - ALLOW IT
Click the Scan button to start the scan
On completion of the scan, click the save log button, save it to your desktop and Please attach the log in the post back
03-25-2012 07:05 AM
Quads, Tried for past 2 days. Cannot get the first URL to download. Keep getting a 404 error. Did get the 2nd to DL, but hesitated to run it until I ran the 1st one. Can/should they be run in reverse order?
04-13-2012 06:14 PM
I had the same problem and after running multiple scans, full scans, erasing my IE history daily, it was obvious there was malware involved, that neither Norton Internet Security 2012 nor Norton Power Eraser was finding multiple times. A friend of mine suggested Viprerescue, which is a free download, even to non-subscribers--unlike Norton's malware removal, which charges $100 for its not doing its job.
Vipre took a very long time, but after a scan of 4-5 hours it quarantined a trojan from 2009/2010 called "Trojan.Win32.Generic!BT." From what I can tell, the problem is fixed. I don't know, of course, what damage may have been done while Norton was sleeping at the switch-- whether it was able to keylog my userid/pw, and credit card numbers. I'm probably going to change Internet Security subscriptions when my sub expires.