Extreme virus troubles

Status
Not open for further replies.
Hello. This is my first time posting, I made this account because I'm literally at ropes end and I'm hoping you all can offer me an alternative that doesn't involve reformatting my computer, so here goes =(

I recently aquired a virus. I can't confirm what exactly it is (or they are) but I have a general idea.

I believe I have Virut, along with Win32 Heur. Avg found 82 infected files of Win32 Heur, and I think it found a couple other viruses along with it, one of which were Virut. Here are my symptoms

  • IE Webpage hijacking, and shutdown of browser whenever an antivirus site is accessed.
  • My Desktop is nonexistent (no start menu, icons, no click and drag either)
  • Explorer.EXE can't be started from task manager (I don't have the proper permission blah blah blah)
  • And the above mentioned also happens for several other EXE files I try to run
  • MalwareBytes gets closed after 6 seconds of scanning
  • and AVG will no longer scan.
  • SuperAntiSpyware gets closed as soon as I try to scan
I think thats about it

I've manually deleted a handful of files that seemed suspicious in the System32 folder that were made around the time when I got the virus (I remember the date and roughly the time) as well as some files in my Temp Folder, but they don't seem to help the matter at all

I ran rootrepeal, and it will terminate as well when I search files, but I used it to search stealth processes and svchost.exe came up, so I'm assuming I have an Infected svchost.exe running which is causing these problems ? On average, 7 should be running I believe, and I have 8 of these processes. I found one in my system32 folder running with a tdlcmd.dll driver, which was installed around when I got the virus, Deleted it, and it didn't help.

One more thing
Once a process gets terminated, like malwarebytes or rootrepeal did, I can no longer use it. It says I dont have permission to access it. And then from then on, it'll lose its icon and if i try to delete it, it'll tell me its in use. *Sigh*

I pray you all can help me. Thank you for your time.
 
What are your computer specs, including the operating system? Can you post a Hijackthis log?
 
thank you for quick reply, and I apologize for the missing information.
Windows Xp Home Edition (SP3)
2.93 GHz
2gb of Ram
I juss updated to the newest version of java moments ago and I am downloading hijackthis atm. Should I run HJT in safemode or should i execute it immediately ?
 
"This application has failed to start because MSVBVM60.DLL was not found. Re-installing the application may fix this problem"

*Sigh*
 
"EXTREME virus troubles- "...

Reinstall Windows fresh... I know you didn't want to hear this :blush:
 
I had a brilliant idea. I disconnected my harddrive and attaced it to another pc and am now running mbam and Avira on that drive. 404 viruses (& counting) found on avira, and 154 malware count for mbam. I'm gonna let it scan all night cus it's only 3 hrs in (lol!) but I'll post a report sometime tmrw.
 
In light of the extreme infection, I would strongly suggest a reformat of your drive, especially if you conduct internet banking or other processes on your system that handles sensitive information.

Keep important documents and files before you format. Before you transfer your files back, scan them thoroughly with a clean computer.
 
I had a brilliant idea. I disconnected my harddrive and attaced it to another pc and am now running mbam and Avira on that drive. 404 viruses (& counting) found on avira, and 154 malware count for mbam. I'm gonna let it scan all night cus it's only 3 hrs in (lol!) but I'll post a report sometime tmrw.

Good luck, but keep in mind what momok and I have mentioned here :)
 
Status
Not open for further replies.
Back