Hello, I need help on getting rid of the Virtumonde virus, found with Spybot Search and Destroy, and understanding what is happening with my AVG free rootkit.
I apologize in advance for such a long post, but I am wondering now if all of my seemingly small comp problems are related. Here goes:
I have not had tons of pop ups, but my computer is slower now than it used to be. I thought it was because I had too many images on the drive.
I used to have Zone Alarm, but it and spysweeper were causing problems, so I uninstalled them. But traces of Zone Alarm are still on my comp. The icon is still there, and it used to quickly flash onto my screen, as if it were trying to start up again.
I noticed that my Windows Media Center stalls and first would not let me view pictures. Then, it would not start at all - I'd get a black screen instead with a message at the top that said: C\windows\eHome\ehmass.exe
Now, every time I reboot, I get that same window. When I go to the Start Menu> Media Centre Programs, the other games are there with their green icons, but the Gem Master is showing that white icon with the red and blue dots - as if the program is not there.
But it is actually there; sometimes if I start Media Center, and wait a long time, the black screen will eventually go away, and the program will start. Although Gem Master is not listed with the other programs there either, as it was before, if I look in the C>Windows>Programs folder, I see gem master there, along with the other media centre games. And if I click it and wait, and wait, it will start up.
Sometimes, especially on start up, a yellow triangle with an exclamation point appears in the task bar. When I hover over it, sometimes it will say that a file is corrupted, and when I click it, it disappears.
I ran AVG Anti Virus Free. Did not have a virus until a while after this started. I got rid of it. Today went to a website and got sheur.buhg. Got rid of it as well, but found nothing online about it.
Downloaded spybot search and destroy today. It found the Virtumonde virus and the screen steps said I should contact the Spybot forums or email them if I don't know how to remove it. I don't know how, but the forum will not load and their contact form is not working. I get a server error when I try.
Spybot also found tracking cookies and wants to get rid of the Wild Tangent stuff. So I highlighted a tracking cookie, and clicked on "FIX THIS," thinking that getting rid of a tracking cookie would not hurt anything.
But I did not highlight the Virtumonde because the Spybot screen said that it involved disconnecting from the internet, it might be tough to remove and that I should contact them if I did not know how to get rid of it.
Well, green checkmarks appeared next to everything in the list, not just the tracking cookie! So I did a restore on the cookie. I don't know what the green checks mean. Also, I think it wanted to change something in the registry, and I definitely don't know anything about that. I redid the scan, and now it is not seeing Virtumonde! But I did not reboot because I don't know what will happen if I do.
Lastly, I ran AVG anti rootkit free, 126.96.36.199. It found a lot of things, I don't know if I will ruin my system if I get rid of them - some of them pointed to AVG, like this:
C:\WINDOWS\Temp\avg8info.id, Hidden File
and others seemed to be in temporary folders, like this: C:\WINDOWS\Temp\siB.tmp,Hidden File
and some say hidden directory, like this one
I do have my system set to show hidden files - I don't know if that is why so many showed up in the AVG free rootkit, if these are really virus like things, or false positives. Any suggestions or insight on the AVG rootkit findings and the Spybot Virtumonde Virus? Thanks
This will automatically open NotePad
Copy the entire file from NotePad: EDIT/SelectAll, EDIT/Copy
Then go to the forum dedicated for HiJack This logs (**NOT** back here), and PASTE the results there:
Be sure to include a detailed description of any problems/errors/warnings you are encountering.
Also, please indicate the steps you've already taken, if any, in terms of running anti-malware scanners or malware removal tools.
Hopefully, one of the HJT experts will get to it as quickly as possible.
Windows 10 Pro (64-bit), Panda DOME 18.7.4, MBAM3 Pro, Windows Firewall, OpenDNS Family Shield, SpywareBlaster, MVPS HOSTS file, MBAE Premium, MCShield, WinPatrol PLUS, SAS (on-demand scanner), Zemana AntiLogger Free, Microsoft EDGE, Firefox, Pale Moon, uBlock Origin, CryptoPrevent.
[I believe computer-users who sandbox (Sandboxie) are acting prudently.]
You may have to post the log in a few separate posts. Reply to your message until you have put the entire log in the thread (you may need to cut it in thirds, half, etc).
Acer Windows 7 SP1 i3 Intel Process 6GB Ram Terabyte Hard Drive
MBAM real-time protection