I should explain that on 10/16/10, I fell for the USAJobs PDF exploit lurking in what I thought was an innocent message in my Yahoo inbox. It changed my Desktop, Firefox homepage, and wouldn't allow me to access antimalware software, antimalware-related websites, or to install any antimalware programs I had downloaded to a flash drive from an uninfected computer.
A friend took the hard drive out of the tower and scanned it but could find nothing, so he returned the computer to me, but I was still having problems with it running slowly and never going into Sleep mode. I then started receiving e-newsletters I had never signed up for, even after changing my Yahoo password multiple times, so my friend recommended I simply restore my computer to factory settings.
I thought that would take care of the problem, but it obviously did not, because I discovered a strange login name on DD7's computer account on 7/27/11. So, I downloaded and followed MakeUseOf.com's
Malware Removal Guide. I wasn't particularly happy when I installed AIS and discovered I had Win32:Kelihos-S[Trj], a decompression bomb, and several corrupted archives, but I was overjoyed to find my computer actually running normally and going into Sleep mode for the first time.
My bubble burst, however, when I got to Step 19 of the
Removal Guide. I ran aswMBR but noted in the log that it hadn't scanned D drive (yes, I now know what MBR stands for but, at the time, thought the program was yet another virus scanner), so I clicked on the drop-down to select D but opted to try a Full Scan of C drive first. The program crashed whether I was in Normal or Safe Mode, so I went online to find a fix and discovered MBRCheck, which found "MBR Code Faked!"
So, here I am now, seeking more knowledgeable help
ML
--
HP s3707c
AMD Athlon 64x2 Dual Core Processor 5400+ 2.80 GHz
4.00 GB RAM
64-bit Vista Home Premium SP2
running KIS at time of infection, then switched to Norton360, now using AIS
MBAM has never found a thing on my computer, whether my PC was infected or not