HELP Ive got virtumonde & smitfraud-c

[alfrane]

Ive disconnected from the internet and run a spybot s&d 'scan' and 'fix'. I still have virtumonde & smitfraud-c. They wont go away. I am new to all of this and clueless as to how to proceed. But I know how to follow instructions. HELP!

[ken545]

Hello alfrane

Welcome to Safer Networking.

Please read Before You Post
That said, All advice given by anyone volunteering here, is taken at your own risk.
While best efforts are made to assist in removing infections safely, unexpected stuff can happen.
It is advisable that you back up your personal data before starting any clean up procedure.

Download Trendmicros Hijackthis to your desktop.

• Double click it to install
• Follow the prompts and by default it will install in C:\Program Files\Trendmicro\Hijackthis\Highjackthis.exe
• Open HJT Scan and Save a Log File, it will open in Notepad
• Go to Format and make sure Wordwrap is Unchecked
• Go to Edit> Select All.....Edit > Copy and Paste the new log into this thread by using the Post Reply and not start a New Thread.

DO NOT have HijackThis fix anything yet. Most of what it finds will be harmless or even required.

[alfrane]

Hello ken545 - Thanks for the quick response - Im hoping to get the affected pc repaired before tomorrow Wednesday the 26 of November because of the thanksgiving holiday. But if not, its cool. I am on an unaffected pc on our company network.

You should know the affected pc is also infected with vundo.ua

I downloaded hjt on the clean pc, wrote it to a cd and then walked it over to the damaged pc. I disabled teatimer, rebooted, installed hjt and ran the log.

The problem is I would have to plug in the network cable on the affected computer to paste the log into this thread. I dont want to plug in the network cable and spread the infections all over our company network. So if I cant get onto this thread on the affected computer, I could write the log file to a cd. But the disc will get infected. I dont want to infect a cd and insert it into this clean pc and then wind up infecting the whole company that way either. How am I supposed to get the log into this thread for you to look over? What would you suggest? Would you prefer I sent the log file data pasted into a plain text email?

[ken545]

alfrane,

You need to click on the link for BEFORE YOU POST and read post # 5, we do not work on company computers, this can open a whole bag of worms, you need to contact your IT Department for help.

Ken

[alfrane]

Ken - sorry I didnt read that far ahead in the 'before you post'. My IT dept is planning to wipe the whole machine and reinstall everything. Probably the best plan. Darien, huh? I grew up in Middletown... Thanks again - alfrane

[ken545]

alfrane,

Not exactly sure what your infected with but some of the latest threats will compromise a computer, that means that the infected computer, even though its been cleaned can not be trusted, don't know if this is your case but a reformat and clean install sometimes is the best option.

Good Luck,
Ken