Windows 7 Forums

Welcome to Windows 7 Forums. Our forum is dedicated to helping you find support and solutions for any problems regarding your Windows 7 PC be it Dell, HP, Acer, Asus or a custom build. We also provide an extensive Windows 7 tutorial section that covers a wide range of tips and tricks.


Windows 7: Fake HDD linked with many other viruses crauto.dll Root kit

09 Apr 2012   #1
computergeekguy

7 home premium 64 bit
 
 
Fake HDD linked with many other viruses crauto.dll Root kit

Hi I am working on a friends computer that had gotten the smart HDD virus and it did the normal thing hidding file folders etc. etc.

We ran malwarebytes and it found a toatal of 44 infections. They were deleted and i run unhide.exe

It un hid all of his files but i think the comp is still infected due to slow performance command prompts showing up out of nowhere.

The computer was infected through a fake adobe update.

Since i thought he was still infected i ran some more scans with other programs he had pre installed on his machine.

Spybot s&d found 3 more i cleaned them.

I then ran BitDefender rescue cd and it found crauto.dll Trojan.Sirefef.BV

I lookied online and it says it is a root kit. Before i delete it i am going to run it past you.



I would give all the other virus info but currently i am booted in bitdefender and want to decide whether to delete this or not.

Thanks


My System SpecsSystem Spec
.
09 Apr 2012   #2
computergeekguy

7 home premium 64 bit
 
 

Ok i deleted it another comp tech said go ahead.

Here are some logs and pics of the viruses.


Hope this helps


Attached Thumbnails
Fake HDD linked with many other viruses  crauto.dll Root kit-virus-1.jpg   Fake HDD linked with many other viruses  crauto.dll Root kit-virus-2.jpg   Fake HDD linked with many other viruses  crauto.dll Root kit-virus-3.jpg   Fake HDD linked with many other viruses  crauto.dll Root kit-virus-4.jpg  
Attached Files
File Type: txt mbam-log-2012-04-08 (16-58-32).txt (4.4 KB, 3 views)
File Type: txt mbam-log-2012-04-08 (18-03-05).txt (7.7 KB, 1 views)
File Type: txt mbam-log-2012-04-08 (20-25-38).txt (3.9 KB, 2 views)
My System SpecsSystem Spec
09 Apr 2012   #3
Jacee
Microsoft MVP

Windows 7 Ultimate 32bit SP1
 
 

Are you thinking that you can just delete a Rootkit?
Rootkit - Wikipedia, the free encyclopedia

Some Trojan.Sirefef.BV infections contain trojan and keyloggers which can be used to steal sensitive data like passwords, credit card, bank account information etc.
My System SpecsSystem Spec
.

09 Apr 2012   #4
computergeekguy

7 home premium 64 bit
 
 

O boy root kits don't sound very fun I thought i might be able to get away with it due to there being root kit scanners. But it sounds like re installation of os is highly probable at this point.


How about hitman pro? Would that help anything? Thanks
My System SpecsSystem Spec
09 Apr 2012   #5
Jacee
Microsoft MVP

Windows 7 Ultimate 32bit SP1
 
 

Quote:
it sounds like re installation of os is highly probable at this point.
That would be my instructions .... do a "Clean" install! Also, all passwords need to be changed.
My System SpecsSystem Spec
09 Apr 2012   #6
computergeekguy

7 home premium 64 bit
 
 

I talked to him and we agreed to reinstall and yes I talked about changing passwords on a known clean comp.

I am backing up data and such


Thanks for your help Wish it turned out better but this is how it goes sometimes
My System SpecsSystem Spec
Reply

 Fake HDD linked with many other viruses crauto.dll Root kit




Thread Tools Search this Thread
Search this Thread:

Advanced Search




Similar help and support threads
Thread Forum
Zero (0) is linked to a shortcut!
Hi If I hit "0" on the alphanumeric side of the keyboard (not a laptop), and even if I use on-screen keyboard I get this dialog window! "Missing Shortcut" "Windows is searching for program. To locate the file yourself, click Browse" " Browse...
General Discussion
Intel USB 3.0 root hub and USB root hub registries missing/incomplete?
Ok, so I've run into a very tricky spot: Yesterday, I successfully resolved a windows update issue (thread can be found here: http://www.sevenforums.com/windows-updates-activation/301935-unable-get-any-updates-all-error-800f0900.html ). Basically, one problem led to another and I ended up...
Drivers
Possible to have 2 drives linked with one shortcut?
Hi all, Just curious as to whether it is possible to have a shortcut to a folder which leads to two drives. Basically, I wan't to be able to work on my projects within a folder and this to be then backed-up automatically to a NAS drive and the local C drive from this one folder. I don't...
Network & Sharing
Fake Online AV Scanner Installs Fake AV
Fake Online AV Scanner Installs Fake AV Today, SophosLabs witnessed a bogus website with a fake online AntiAdware scanner. When the website is accessed, it executes embedded javascript within the webpage. This script will cause the victim’s computer to display a fake progress bar pretending to...
System Security
7265 fake or not? - Fake
Saw this and i see a source is trying to get his hands on it (if it's real) What do you guys think?
General Discussion
Cross-linked files???
Hey all, I was using the Paragon Partitioning Manager Express 9.0 to create a partition for 7RC (dual boot with Vista) and it was going smoothly until it said there was an error due to "cross-linked files" and it could not proceed until I fixed it...it said there was some programs I should already...
Installation & Setup


Our Sites

Site Links

About Us

Find Us

Windows 7 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 7" and related materials are trademarks of Microsoft Corp.

Designer Media Ltd

All times are GMT -5. The time now is 15:30.

Twitter Facebook Google+



Windows 7 Forums

Seven Forums Android App Seven Forums IOS App