Having read topic58138.html I have gone through the 15 steps.
Symptoms: My son's PC lost loads of desktop icons, the startup menu disappeared; the C:/ drive disappeared from My Computer; the clock showed the time plus "Virus Alerts!!!" and the shortcuts to Error Cleaner, Privacy Protector, Spyware & Malware Protection appeared on the desktop along with regular popups with various warnings and links to "helpful" software. The whole thing alost ground to a halt.
Eventually I found your suggestions, downloaded the various software and tools on another PC, installed them onto my son's via a memory stick and slowly worked through everything.
1. The Panda Antirootkit found no known or unknown rootkits.
2. I attach the three logs, HJT, Combofix and SAS as requested. The first SAS scan revealed 130+ infections! ( The only software that wouldn't run was the smitfraud.exe tool.
)
3. I use Windows Firewall because I have a conflict between the WiFi connection and ZoneAlarm.
4. The Safemode scans in step 14 went OK.
5. Since completing the 15 steps the PC is know looking and working as per usual. All shortcuts are bcak; all drives now visible ; no popups; clock is clear; and sluggishness is as before.
6. Out of interest I have since run SpyBot and SAS again. SS&D revealed a Virtumundo infection and SAS a AdWare.Vundo Variant/Rel infection. Both were deleted. As ADAware2008 was running AVG Resident Shield found a Downloader.Zlob.ZGC trojan horse in a .dll file in C:/System Volume Information/_restore directory. Does this mean these may appear at random times or that once you have seen the log files you can give further advice on how to clean them up?
I hope you can help and thank you for your help so far. At least my son can use the PC for basic games/internet use as long as he doesn't use it for financial transactions.
Regards
Ian
Symptoms: My son's PC lost loads of desktop icons, the startup menu disappeared; the C:/ drive disappeared from My Computer; the clock showed the time plus "Virus Alerts!!!" and the shortcuts to Error Cleaner, Privacy Protector, Spyware & Malware Protection appeared on the desktop along with regular popups with various warnings and links to "helpful" software. The whole thing alost ground to a halt.
Eventually I found your suggestions, downloaded the various software and tools on another PC, installed them onto my son's via a memory stick and slowly worked through everything.
1. The Panda Antirootkit found no known or unknown rootkits.
2. I attach the three logs, HJT, Combofix and SAS as requested. The first SAS scan revealed 130+ infections! ( The only software that wouldn't run was the smitfraud.exe tool.
)
3. I use Windows Firewall because I have a conflict between the WiFi connection and ZoneAlarm.
4. The Safemode scans in step 14 went OK.
5. Since completing the 15 steps the PC is know looking and working as per usual. All shortcuts are bcak; all drives now visible ; no popups; clock is clear; and sluggishness is as before.
6. Out of interest I have since run SpyBot and SAS again. SS&D revealed a Virtumundo infection and SAS a AdWare.Vundo Variant/Rel infection. Both were deleted. As ADAware2008 was running AVG Resident Shield found a Downloader.Zlob.ZGC trojan horse in a .dll file in C:/System Volume Information/_restore directory. Does this mean these may appear at random times or that once you have seen the log files you can give further advice on how to clean them up?
I hope you can help and thank you for your help so far. At least my son can use the PC for basic games/internet use as long as he doesn't use it for financial transactions.
Regards
Ian