Next day started up the computer, booted fine. I wanted to run malwarebytes again so i run rkill (just to make sure nothing is still running from virtumonde) then installed malwarebytes (since parts of it got deleted during the removal of virtumonde according to the directions on the site given earlier), click on update, during the update the computer restarted.
I don't know if there was an error message as I wasn't watching the computer at the time. The computer restarted then went to the safe mode options screen. I try to boot up in safe mode, loops back to the safe mode options screen, try last known config, loops again. Comp is stuck in a reboot loop so I have to hold in the power button to get it to shut down. I wait a few mins then start it up again, back in the boot up loop.
I haven't attempted to do anything more with it. I do not want to lose data on it as the computer is not mine. I have a new hard drive to put in it so I can pull this hard drive. What would be the safest course of action to maintain as much data on the hard drive as I can? Should I try to get XP to boot up or just pull the drive and slave it to try to recover the data? Is virtumonde doing this or is it a separate issue? If I slave the drive and copy the data will virtumonde tag along to a new computer with the recovered data?
I don't have any logs, but here is a list of the problem files malwarebytes found:
Are all of these infections from virtumonde of did i have several different infections? I had run AVG prior to malwarebytes and it only picked up virtumonde and said it removed it, spybot also only picked up virtumonde and also said it had removed it, but neither had since malwarebytes also picked it up.
Any suggestions are much appreciated.
Edited by Pandy, 10 January 2010 - 07:51 PM.
Moved from HijackThis Logs and Virus/Trojan/Spyware/Malware Removal as no logs were posted. ~Pandy