Virus Removal

My Computer

Computer type
PC/Desktop
Computer Manufacturer/Model Number
Bruce ... somewhere in his 40's
OS
Windows 7 Ultimate 32bit SP1
CPU
Intel(R) Core(TM)2 Quad CPU @ 2.40GHz, 2400 MHz
Motherboard
INTEL/D975XBX2
Memory
4 GB
Graphics Card(s)
ATI Radeon HD 2600 Pro
Monitor(s) Displays
Samsung SyncMaster 914v
Screen Resolution
1280 x 1024
Hard Drives
2/500GB each ... ST3500630AS ATA Device.
One is not connected
PSU
Rocketfish 700 W
Case
G.Skill Gigabyte Chassis
Keyboard
Standard PS/2 Keyboard
Mouse
Microsoft PS/2 Mouse
Internet Speed
DSL
Antivirus
Avira Internet Security
Browser
IE 11
Other Info
ATI HDMI Audio
Right guys the Full Scan with Spybot Search & Destroy has just finished and no immediate threats were found.
 

My Computer

Computer Manufacturer/Model Number
Acer Aspire 5745P
OS
Window 7 Home Premium 64-Bit
CPU
Intel Core i3
Memory
3GB
Hard Drives
WD Scorpio Blue 300Gb
So you only did a scan using spybot? How about the others? Did your AV or malwarebytes find anything after updating them?
 

My Computer

Computer Manufacturer/Model Number
D3f's Customs
OS
Win 7 Ultimate SP1 x64
CPU
Intel Pentium Dual Core E5300 OC'd @ 3GHz
Motherboard
Asus P5G41-M LE
Memory
Kingston 2x2GB DDR2-800 Dual Channel SDRAM
Graphics Card(s)
Integrated Intel GMA X4500
Sound Card
Realtek 5.1 HD Audio (ALC887)
Monitor(s) Displays
LG Flatron W1943S @ 60Hz
Screen Resolution
1360 x 768
Hard Drives
Internal - WD Caviar Blue 500GB, External - WD My Passport Essential 500GB
PSU
Headway 450w PSU
Case
Pixxo Slim Black mATX Case
Cooling
Stock Cpu Fan, 1 x Top Case Fan
Keyboard
Logitech K120
Mouse
Logitech LS1 Laser Mouse
Internet Speed
17.66Mb/s Down, 0.82Mb/s Up
Other Info
Creative SBS A300 2.1 Speaker System, LG GH22NS50 22x Internal Super-Multi DVD-RW, 2Wire 5012NV Wireless Modem Router
Nope none of them at all. I am halfway through installing AVG Trial of Internet Security. I shall do a full scan of this and see what happens.
 

Ok right the AVG scan hasn't finished yet but already picked up two things. Please look at the picture for more info.
 

Attachment: Virus.PNG

I've done some research on the above-mentioned virus, aka Vundo, on the net. AVG might remove it and will ask you to restart your PC. But when you do a rescan, the trojan will still be there.

I've done some reading on an article regarding this issue from another forum; it needs HiJackThis, VundoFix to fix this. Vundo is a very tricky virus to remove.

Admins/Mods, can I post the link from another forum here so TS can read it? So that it will help him remove the trojan.

EDIT - Never mind, I'll send him the links through PM.
 

Oh right thanks for researching it. And please do send me the link it will help me so much!
 

hey I'm having the exact same problem, would you please be able to send me the links too?
 

My Computer

OS
Windows 7
hey I'm having the exact same problem, would you please be able to send me the links too?
I'm unable to send it through your PM. Do enable the PM feature through your User CP. Thanks.

EDIT - Send me a PM once it's enabled. Then I'll pass you the links. Thanks.
 

I am very curious about the above poster "tristan753". :zip: Just joined today and only had 1 post. Suddenly come by this thread asking for help? And states that he/she has the same issue with TS? Funny eh? Why not google her/his way for help? :confused:

Till now the user has not enabled the PM feature. How to help?
 

Ok right I stopped the scan with AVG and removed the viruses (Well AVG said it did). Without restarting I did a scan with VundoFix and nothing was found. Is it worth restarting my system then rescanning with VundoFix?
 

Right ok here is an update of my situation. I believe the VUNDO has been wiped off my computer, but in MSE a pop-up is now occurring with something called
TrojanClicker:JS/Iframe.F
I am also still getting the advertisement tabs in Firefox??
 

http://www.microsoft.com/security/p...rojanClicker:JS/Iframe.F&ThreatID=-2147335922

Try this: http://www.surfright.nl/en/hitmanpro
Download and scan with it.

EDIT: Actually, now when I read your posts again.
I seriously think you should run it.
It seems for me TDL rootkit symptoms... :confused:

Post screenshot after scan

see my other post: http://www.sevenforums.com/system-s...uac-disables-itself-read-more.html#post554765
I do think you have the same or similar problem.
In any case I think the same rootkit family... :(
 

My Computer

OS
Windows 7 Ultimate x86 SP1
You might want to try clearing your Java cache and then running a scan afterwards. Go to control panel/Java/settings/delete files.


Steve
 

My Computer

Computer Manufacturer/Model Number
Over Clockers Ultima Viper 2.80Ghz
OS
Windows 7 Ultimate 64 - OEM Service Pack 1
CPU
Intel Core i7 930 2.80Ghz Bloomfield Socket LGA 1366
Motherboard
Gigabyte GA-X58A-UD3R Intel X58 Socket 1366 DDR3
Memory
Patriot Viper 6GB 3x2GB DDR3 PC3-1200C9 1600Mhz Tri Channel
Graphics Card(s)
Asus ATI Radeon HD 5770 CuCore 1024MB GDDR5 PCI Express
Sound Card
Realtek ALC889 @ Intel 82801JB ICH10 - High Definition Audio
Monitor(s) Displays
Samsung SyncMaster 920N 19"
Screen Resolution
1280*1024
Hard Drives
1 x OCZ Vertex2 Series 120GB 2.5" SATA-II SSD
1 x Seagate Barracuda 7200.12 1TB SATA-II 32MB Cache
1 x Western Digital Caviar Green 2TB SATA-II 64 MB Cache
PSU
Corsair TX 650W ATX SLi
Case
Antec 902 Ultimate Gaming Case Black
Cooling
Prolimatech Megahalems Rev B CPU Cooler Socket 775/1156/1366
Keyboard
Microsoft Comfort Curve Keyboard
Mouse
Microsoft Optical USB
Internet Speed
ADSL24 FTTC 34.2 Mbps Down 7.1Mbps Up
Other Info
OcUK 22x DVDSATA ReWriter Black
Akasa AK-FN058 Apache Black Super Silent 120mm Fan
Printer Epson Stylus Photo R300
Scanner Canon Canoscan 8000F
The scan hasn't quite finished yet but has picked up a rootkit. More info look at picture below.
 

Attachment: Virus.PNG

The scan hasn't quite finished yet but has picked up a rootkit. More info look at picture below.

ahh...
As I said TDL 3 rootkit from TDSS family. :shock:
Hopefully Hitman Pro will be able to remove it as they claim. ;)
 

Please run the following tool:
Extract the file and run it.
Once completed it will create a log in your C:\ drive called TDSSKiller_* (* denotes version & date).
Please post the content of that log TDSSKiller
 
