DNS Trojan Charger, Virut and more...

Discussion in 'Malware Help (A Specialist Will Reply)' started by NosabeNocontesta, Jul 29, 2009.

  1. NosabeNocontesta

    NosabeNocontesta Private E-2

    Hello! I'm new to the forum, actually this is my first post,
    so if anything is wrong I'm really sorry, didn't mean it.

    Well, here's my problem:

    I made the big mistake of installing AresVista on my notebook...
    (I know that by now everyone should think that I'm really stupid XD)
    Now I have I don't know how many Trojans that I can't get rid of.

    I have a DNS Trojan Charger, my last good version of the userinit.exe
    was destroyed and more things that I think I'm not even aware of.

    I run Malwarebytes but it is not working, it finds some threats but can't
    get rid of them and now the Trojan is redirecting my Mozilla and Explorer
    so I don't have any access to Malwarebytes updates or website.
    I tried to use TrojanRemover and it doesn't work either due to the userinit.exe
    file missing. So I checked with Orbasoft and it gives a Windows Run Time Error and
    everything crashes...

    Then I tried to download Combofix from this forum but when I try to install it
    this message appeared:

    "!!Alert!! Is is not safe to continue
    the contents of the combofix package has been compromised.
    Please download a fresh copy from
    bleepingcomputer.com/combofix/how-to-use-combofix
    Note: You may be in infected with a Virut."

    After checking that website the same happened and my combofix copies disappeared.

    I have Vista Home Premium 32B.

    I really don't know what to do anymore...

    Could anyone please be so kind to help me out?

    Thanks a lot in advance!
     
  2. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    Welcome to Major Geeks!

    I'm sorry to have to break the bad news, but your actions have led to a reinstall.

    Since ComboFix is indicating you have a Virut infection, it means your Windows Operating system files have become infected and there is no known reliable fix for this. In addition, there are many, many other infected files (just like ComboFix was being infected as you downloaded it). We could spend a lot of time trying to remove this infection, but odds are that it will not work because the nature of the infection has so many executable system files infected that as soon as we fix one file, other files that are infected will, almost immediately or upon the next reboot, just reinfect the files. In addition, your PC would still basically be unreliable/untrustworthy even if we manage to fix the infected files that we can see, since there could be many more that we are not seeing.

    The safest thing for you to do is back up your personal data immediately since your PC could possibly become unbootable at any point in time. Do not back up any executable files. This includes programs that you have downloaded since any of them could be infected.

    Once you back up, you need to format partitions and reinstall Windows and all other software, especially your protection software. Then install all updates for all software. DO NOT reinstall from any executable file backups you made while this PC was infected or you will just be reinstalling the infection.
     
