
virus?

h3llb3nd4

New Member
Joined Feb 15, 2009
Messages 3,323 (0.56/day)
Location Durban, South Africa
System Name My mobo is Laughing at me
Processor E7400
Motherboard P5KPL-E Bios flashed to 0601 (Piece of poo!!)
Cooling Thermalright Ultra 120a
Memory GENERIC 2 GB DDR2 800
Video Card(s) NONE!! Beat that!!
Storage 500GB SAMSUNG SATAII, 250GB SAMSUNG SATAII and o'l crappy 4gb maxtor
Display(s) ACER X223W Q
Case AEROCOOL ZERODEGREE (planning to mod)
Audio Device(s) REALTEK ONBOARD
Power Supply GIGABYTE 460W
Software Win 7 x86 build 7022
Benchmark Scores Super Pi 1m 17.000 :(
I'm having a random glitch in my system: when it starts, explorer.exe does not boot, even after a reboot, and I have to go to Task Manager to start it. Is it a virus? 'Cos NOD 3.2 is not picking any up, but AVG Free has picked up a virus called huey... What is happening?
 
I've had that happen before. Tons of fun. I think it was linked to the Virtumonde virus from a while ago, and was quite a pain in the ass to get rid of. A healthy combination of Malwarebytes Anti-Malware, Spybot S&D, Avast!, and CCleaner managed to strangle it to death. Be prepared for multiple scans, rebooting, safe mode and the like.

For some it's easier to reformat. I do not believe in such things. :D
 
If it is a virus, it will be an "active" one by the sound of it. Can you post a screenshot of your processes running in Task Manager? Make sure that the column that shows the root file/directory for the process is fully visible. I have had some of these before, so hopefully I can identify it if it is a virus.
 
Same, I also hate reformatting... takes ages
 
@ tatty, the task manager shows a 2~20% usage
 
Oh yeah, if it is Virtumonde, I think your best bet would be to format. I had that a while ago and I could not get rid of it; only a re-format did. But if you want to, do what Silverel said, but I think that would take too long. I'm really impatient with stuff like that, so I just did a format.
 
Problem is that both AVs did not find Virtumonde
 
@ tatty, the task manager shows a 2~20% usage

No, this screenie below is what I need to see; if there is a virus I will find it there! And yes, they are demons to destroy, but with a little bit of file property manipulation you can usually delete it.
 

Attachment: Untitled.jpg

Have you checked Regedit?

If not, maybe open regedit and ensure that the default string value of: "Shell"="Explorer.exe" exists.....

I would definitely rule this out before formatting or worrying about a virus. It could be simple.....:)
 
You may want to try Combofix. I've used it to get rid of some NASTY stuff. Just search for it in Google and DL from bleepingcomputer. You have to run it in safe mode, and whatever you do don't mess with ANYTHING while it's running....it can seriously screw your File System up. Works wonders though. Smitfraud is also good.
 
Well I don't think that the AV programs will detect Virtumonde, only Spybot S&D will.

Malwarebytes was the killing blow for my Virtumonde infection. Spybot couldn't get rid of it all on its own. It hooks into a bunch of DLLs to hide itself in system processes. If you dig around with ProcXP you can find it if ya have a keen eye.
 