Posted 12 June 2011 - 10:19 AM
Apologies if this has been covered, but I've searched around the forums and while I've spotted several threads regarding this virus, my issues seem somewhat unique.
First, I'm running Windows XP home.
Problems started yesterday when the Windows XP Restore virus reared its ugly head. I recognized it for what it was right away, didn't click on anything I shouldn't and ran an rkill followed by Malwarebytes full scan. Unfortunately, I was optimistic - overly so, it now seems - that this would solve the issue, so I didn't save the logs and can't get to them now (more on that later). MBAM found about 10 infected files, I had them removed/quarantined and then followed the instructions to reboot.
So far, so good.
On reboot, however, Windows popped up in a blue screen telling me to run a CHKDSK, which I did. After that ran, Windows came up but the vast majority of my desktop icons, programs and files were missing. Following the advice here, I ran unhide.exe, which returned what appeared to be all my files.
I happily went about my business from there, thinking I'd resolved this when, a short while later, an icon for Windows XP Restore reappeared on my desktop. So, I repeated the steps above (again, didn't save the logs, sorry), MB found one infected file this time and I rebooted.
Now here's where the real problems start. Upon reboot (after another CHKDSK) the Windows XP Restore remains, along with a couple other icons, but most icons and files are again missing. Making matters worse, I'm getting Google redirects from IE, Firefox won't open (get a message telling me it's already running, which according to my task manager it isn't), I can't open/run any potential fixes (such as ComboFix, TDSSKiller) and IE won't allow me to download any of those potential fixes or open them off a CD. Also, even among the files that do appear, I can't open any ... thus I can't recover old mbam or rkill logs.
So, that's where I'm at. I've dealt with a couple of nasty viruses/malwares in the past and eventually figured it out, but this one has left me clueless and near hopeless. At this point, I'd take it if I could just recover my files, though I hope for better.
At present, I'm on a work computer, so hopefully I can download any fixes here to run at home if need be, but again, it's not even letting me run programs off CDs.
Any help/direction/advice would be much, much appreciated.