Here we go again..possible virtumonde?

I have had this problem before and fixed it but this time I'm beat!
Here's the problem....
Missing icons, task bar and unable to update Microsoft.
We had a friend borrow our pc when he came over to our house this past weekend and he goes to MySpace and Facebook.
My computer was fine except the updates were disabled and I could not start it up again so.. I researched and tried to fix it. The pc started downloading something strange and my AntiVir went nuts. The pc froze and I had to reboot. When it rebooted the icons and task bar were missing. The only thing showing on my desktop was the wallpaper. I checked Safe Mode and it was the same there as well.
I could not restore because it had mysteriously been turned off.
I ran Spybot Search and Destroy and it got rid of some things. I reran Spybot and it got rid of a lot of things. I ran Lavasoft anti spyware and it found nothing. I ran AntiVir and it found nothing. I downloaded Spyware Doctor and it found Virtumonde. It could not eliminate it so I downloaded Trojan Remover and it got rid of some things but still no icons etc. I ran SD fix ....nothing
I did the sfc /scannow....nothing
I ran the kelly's corner fixes...nothing
I ran vundofix.....it found nothing
I checked on msconfig....nothing
ran A squared.....nothing
Repaired windows XP..... now I cannot see my hidden files and I can only access things with ctrl-alt-delete (task manager)
Ok... I am guessing you will advise me to reformat but I am hoping to avoid this because it is a pain to re set up ATT DSL
I have not run combofix due to the pc will give me an error message and not allow it.
I keep getting corrupt file error messages every time I run anything that scans it for spyware or virusware....

Ok I'm out of ideas...need help please..

Also I am on my work pc so I will not be able to post a hijack log til this evening

Thanks..
~Bettina~

Try renaming Combofix and then running it.

Download and rename Combofix by sUBs from one of the below links.
(Try all three if necessary)

Link #1
Link #2

Combofix MUST be saved to the desktop.

STOP all of your antivirus, antispyware, and other protection monitoring programs
Click this link to see a list of security programs that should be disabled and how to disable them.

Close all other browser windows.

Now right click on the combofix.exe icon on your Desktop and select Rename. Rename it to cf.exe. This may help Combofix to run where certain malware attempts to block the original file name from running.

Open Task Manager and copy the below text into the New Task window.

"%userprofile%\desktop\cf.exe" /killall

Click the OK button and Combofix will begin to run and do the following.

- It will terminate some running processes.
- It will set your clock to a 24 hour setting (will be restored to normal when finished running properly)
- It will disconnect your PC from the internet. The connection is automatically restored before Combofix completes its run. If Combofix runs into difficulty and terminates prematurely, the connection can be manually restored by restarting your machine.
- If malware is found, Combofix will reboot your PC automatically when finished with the scan. When your PC restarts and after you log back in, Combofix will finish running and create a log. Do not interrupt this process.

- Note: Do not mouse-click Combofix's window while it is running. That may cause your system to stall.

- Do not attempt to use the internet or run anything else while it is running as you will most likely interfere with what it needs to do.

When finished, it will produce a log (C:\combofix.txt) for you.

Post the contents of that log in your next reply.

Update:

The pc got so bad that I had to reformat and wipe it clean.
My browser got hijacked by an Antivirus pro 2008 and it would not even let me go to any other site. So..after thinking a bit I reformatted. I have done lots of virus/spyware scans since reformatting and the pc is clean. I have not reinstalled all my other programs yet but plan on doing it soon. It is running on basic programs right now.
Can the virus still be in my pc? I did not have restore on.

Thanks for all your help...

A reformat should have wiped everything nasty off of the PC.

Thanks for letting us know.


