First post - apologies if I get the process wrong or if this is too vague.
I'm almost certain there's a virus on my computer - which is 5 years old, running XP SP 3, normally using Spybot as the main AV software, and mainly using Chrome or Firefox as a browser (never IE, very very occasionally Safari). Having done a quick search online it seems to be some sort of version of Conficker, but I don't know any more than that.
I'm based in Africa at the moment, and when I took the computer to an internet cafe the guy took the computer and plugged in an ethernet cable before I could ask whether it was wireless or not. The computer basically froze up and closed Explorer at that point (when the cable was plugged in - not opening dodgy-looking emails etc), before bits of Explorer started reappearing; five minutes into this process the computer froze entirely, so I switched it off. Since then:
- I can't view hidden files on my computer, and there are 2 hidden files that weren't there before in My Documents (as well as in one or two MD subfolders)
- Windows Automatic Updates turns itself off at start-up
- I can't connect to the AU website, regardless of what browser I use
- My Clamwin AV software won't update (not sure whether that's virus-related though)
- Spybot's found a couple of Trojans and registry changes
- Scanning any USB sticks finds a "runonce.exe" file (which Rkill finds too) and one other worm, which it then cleans
The bigger issue is how to fix it. I've downloaded Combofix and tried to use it - a friend of mine was taking me through some of the steps - but it wouldn't run (i.e. it freezes, without fail, at either the "creating log report" or "scanning system" stage). Other things haven't run properly either - most notably the DDS scanner. The GMER log is attached.
I'm in Africa currently, so I don't connect every day, and my connection is pretty slow, if that affects how I can get any help.