After working with a friend on a school project, I learned that my USB drive was harboring resycle/autorun/boot.com files. I followed directions he gave me (deleting the hidden files and scanning the registry on my USB drive and laptop) - but I didn't find any more hidden files.
Later that night, IE popups began appearing on my computer (Vista) when I wasn't using IE. I ran SpyBot, which detected but could not remove Smitfraud, Smitfraud-C, Virtumonde, Virtumonde.prx. Shortly after, SpyBot dialog boxes began appearing asking me to Allow/Deny system changes (things were being added). I ran SpyBot again and apparently removed Smitfraud-Core-something, so I allowed the next two system changes (removal of some run32dll files). Sometime after a reboot, my desktop wallpaper was replaced with a blue screen.
I ran Smitfraudfix in Safe Mode to no avail, but as of today, Spybot does not report any instance of Smitfraud or Virtumonde. However, my computer does not start properly (desktop doesn't load) and cogad.exe is running as a background process. I don't think my computer is completely clean and I would like help fixing this!
Thanks for your help,
Edited by ajlpenguin, 12 January 2009 - 10:21 PM.