Possible Vundo Infection



Keric
2008-12-24, 01:02
Hello,

This is my first post to the forums, so please excuse me if I forget to give an important piece of info in this post. I'll be more than happy to repost with anything needed.

So, I first noticed the problem when ZoneAlarm detected a file called a.exe trying to access the trusted zone. I didn't accept or deny, but looked up more info on a.exe. While I was doing this, more unknown files started desiring access, setting off the firewall like crazy. AVG starts detecting threats, all of which I "heal."

I do a Windows+F search to try to find the location of a.exe (it was found in C:/Windows/System32), and when I find that it can't be moved or deleted, I restart in safe mode.

While in safe mode, I can no longer find the file. I run Spybot, and find a threat from Virtumonde. Thinking nothing of this (at the time), I fix the problem. I restart again, and notice that Windows Automatic Updates is turned off. It won't turn on. I go into the control panel and try to turn it on manually... at which point I discover it's already on.

I search for others with my problem, and find this:
http://www.microsoft.com/communities/newsgroups/en-us/default.aspx?dg=microsoft.public.windowsupdate&tid=90538d6b-6ace-4748-8a37-b76da86e162e&cat=&lang=&cr=&sloc=&p=1
So far, I've run HJT (I can post the log if needed). I'm currently running Spybot again to see if I have a recurring Virtumonde infection (something which seems to be a common occurrence on these forums).

My computer is running Windows XP Pro.