Well my roommate's computer cutting in and out was a separate problem. Our wireless was acting up. Got that fixed.

I think I narrowed down my problem. Theres 2 iexplorer.exe running when I only have 1 open. In taskmgr Ill close the bigger iexplorer.exe and it will start itself back up. When I close the smaller one it stays closed. Doing some searching I found out its most likely a .dll code still lurking around after dodging many scans. Im no computer guru so I cant tell a legit .dll code from a fake one.

I would love to reformat but no disks. Laptop was already loaded with programs when bought.

Any other helpful tips? Im basically running different anitvirus programs, scanning, and praying it works, but no luck yet. At least this time I have an idea what the problem is.

 

ive cleaned that up (in one form or another) on probably almost 100 computers.

go into safe mode w/ netowrking
run malwarebytes, remove everything
reboot back into safe mode w/ networking
run combofix
let combofix reboot your computer when its done, wait for the log, etc.
run cleanup!
reboot back into safe mode w/ networking, run cleanup again

 

I've had a lot of luck fully getting rid of infections using this forum - http://www.geekstogo.com/forum/Malwa...ide-t2852.html

 

My mediacenter is doing the exact same thing. I've been too busy to do anything about it though...

Maybe i'll fix it tonight.

Don't forget to pull all updates for malware, AVG, ect. beforehand.

 

Make sure the crapware hasn't forced your Internet connection to use a proxy server. Tools > Internet Options > Connections tab > LAN Settings. If "Use a proxy server for your LAN" is checked, uncheck it, then close IE and re-open it.

A lot of the fake antivirus sites set the proxy server option.

 

Thanks just tried this. Looks like Im getting closer to finding the bug. Combo fix actually failed to remove a file. Here it is in the log...

c:\windows\system32\drivers\uustqai.sys . . . . failed to delete

I looked up its properties, it was created the exact time I got attacked. I try to request security info but it cant be displayed. I also cant delete it, rename it, relocate it... etc. "I always get "Cannot read from the source file or disk." Any ideas? Thanks again you guys have been nothing but helpful so far.

edit: just to add, I still have an extra iexplorer.exe running in task manager. probably due to uustqai.sys still active.

 

Open malwarebytes, hit "more tools" and hit "run tool" under File Assassin.

See if that won't kill the file.

 

I run avast also free and sybot also free.

 

I just ran malwarebytes, avg free, and ran msconfig.exe to clear out all but a couple start up items.

Seems to have fixed my problem.

 

.