![[H]ard|Forum](/styles/hardforum/xenforo/logo_dark.png){kind=logo}
Do I still have malware on my computer or did it alter a setting affecting internet requests?
Last night I downloaded a file that apparently had some sort of malware in it. I believe it was a rar or zip file and when I tried to decompress it, I knew something was wrong and tried to shut it down. Something is now opening blank Internet Explorer windows and an advertisement plays over my speakers but no browsers appear to be running. I find multiple instances of ml#.exe (# is a single digit number; each instance has the next number available) in my processes. Attempts to open Firefox, result in the page being redirected. My desktop widgets are failing to run properly (Network Traffic, MSN Weather and a Game Server Monitor).
I did a quick scan with MSE and nothing was found. I downloaded Spybot Search & Destroy on another computer and installed via USB. I ran the search twice (the second time in Adminstrator mode) but it didn't seem to check all files. While it was running, I decided to download Malwarebytes. Prior to restarting in Safe Mode, MSE warned of a problem (vobfus.gen!D) and I told it to repair/fix the issue. Internet traffic was still being redirected.
After entering safe mode, I attempted to run Search & Destroy. It appeared to start but no window opened (The taskbar indicated it was open but repeated attempts to open it wouldn't present a window). I installed and updated Malwarebytes and ran a full scan overnight. I checked this morning and it found 17 issues. I had it fix them. I attempted S&D again with no luck and couldn't find a way to open MSE in safe mode (not listed in menus and not in the systray).
I restarted my computer in normal mode. S&D said there was a change in the registry by Malwarebytes and I allowed this. The widgets on my desktop are still not loading there information. I started MSE on a full scan before heading to work.
Does the redirect of internet traffic/widget issue mean that the virus/trojan/? is still active or could it have changed a setting that I need to manually revert back? Any suggestions on what my next step should be if I am still having problems when I get home today?
Last night I downloaded a file that apparently had some sort of malware in it. I believe it was a rar or zip file and when I tried to decompress it, I knew something was wrong and tried to shut it down. Something is now opening blank Internet Explorer windows and an advertisement plays over my speakers but no browsers appear to be running. I find multiple instances of ml#.exe (# is a single digit number; each instance has the next number available) in my processes. Attempts to open Firefox, result in the page being redirected. My desktop widgets are failing to run properly (Network Traffic, MSN Weather and a Game Server Monitor).
I did a quick scan with MSE and nothing was found. I downloaded Spybot Search & Destroy on another computer and installed via USB. I ran the search twice (the second time in Adminstrator mode) but it didn't seem to check all files. While it was running, I decided to download Malwarebytes. Prior to restarting in Safe Mode, MSE warned of a problem (vobfus.gen!D) and I told it to repair/fix the issue. Internet traffic was still being redirected.
After entering safe mode, I attempted to run Search & Destroy. It appeared to start but no window opened (The taskbar indicated it was open but repeated attempts to open it wouldn't present a window). I installed and updated Malwarebytes and ran a full scan overnight. I checked this morning and it found 17 issues. I had it fix them. I attempted S&D again with no luck and couldn't find a way to open MSE in safe mode (not listed in menus and not in the systray).
I restarted my computer in normal mode. S&D said there was a change in the registry by Malwarebytes and I allowed this. The widgets on my desktop are still not loading there information. I started MSE on a full scan before heading to work.
Does the redirect of internet traffic/widget issue mean that the virus/trojan/? is still active or could it have changed a setting that I need to manually revert back? Any suggestions on what my next step should be if I am still having problems when I get home today?
