Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Virus infection is ruining my world.


  • Please log in to reply
2 replies to this topic

#1 ninthmidget

ninthmidget

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Greensboro, NC
  • Local time:09:46 AM

Posted 08 June 2011 - 11:12 AM

Well, I'm on day 4 of removing viruses from our computer. With AVG I removed "Generic22.CGJQ" today from two locations and two days ago we removed "Vundo.HX". Malwarebytes removed 6 registry values/files inclding "hidden desktop," "hijack display" and "vyuamrmefielc.exe".

WHAT HAPPENED: Google translate suggested I search for yummy indian recipes in their native language. Pregnant and hungry, I was all too happy to comply, and I found a site in Hindi promising such. Clicked the link, which turned out to actually be an aggregator, and IE immediately started glitching up and acting funny. Then the fun started.

WHAT IT DOES: First, it started popping up Defender fake spyware protection, then it started hiding my files, folders, and desktop icons, and emptied the start menu. It also generated a bunch of trash files and folders and a new user profile-- now it's hard to know what's trash and what isn't. I was able to unhide all of my folders and files, and while annoying, it doesn't appear that anything is missing.

Next it disassociated programs... from their programs. So to run a program, you had to search for that program in 'my computer,' and select that program to open that program. Then it disassociated .exe files and you couldn't execute anything at all... except IE, which was suspicious but fortunate. I was able to fix this particular problem using exefix_xp.com. It keeps changing my homepage and google is redirecting like crazy. Firefox appears to be trashed, and IE runs, but slowly.

Antivirus software is coming up clean again, but google is still redirecting, so something isn't right. What else should I be looking for that may be screwy on my computer?

Edited by ninthmidget, 08 June 2011 - 02:17 PM.


BC AdBot (Login to Remove)

 


#2 ninthmidget

ninthmidget
  • Topic Starter

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Greensboro, NC
  • Local time:09:46 AM

Posted 10 June 2011 - 04:03 PM

DL'd Dr. Web and after an 8 hr scan, "cured" volsnap.sys from a backdoor dss.565 virus.

Comp and internet seem to be working well, but now AVG is detecting volsnap.sys as a threat and won't touch it. Malware scan is clean, and Dr. Web Express scan is clean. Could AVG be giving false positives? or is there another way to "cure" this file?

#3 cryptodan

cryptodan

    Bleepin Madman


  • Members
  • 21,868 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Catonsville, Md
  • Local time:02:46 PM

Posted 13 June 2011 - 02:35 PM

Please follow the instructions in ==>This Guide<==.

Once the proper logs are created, then make a NEW TOPIC and post it ==>HERE<== Please include the link to this topic in your new topic and a description of your computer issues and what you have done to resolve them.

If you can produce at least some of the logs, then please create the new topic and explain what happens when you try to create the log(s) that you couldn't get. If you cannot produce any of the logs, then still post the topic and explain that you followed the Prep. Guide, were unable to create the logs, and describe what happens when you try to create the logs.

Once you have created the new topic, please reply back here with a link to the new topic.




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users