ComputerForum.com ComputerForum.com  
Go Back   Computer Forum > Computer Software > Computer Security
How to get rid of Vundo Infection? How to get rid of Vundo Infection?
Register FAQ Members List Calendar Mark Forums Read

Reply
Page 2 of 3 < 1 2 3 >
 
LinkBack Thread Tools Display Modes
Old 05-23-2008, 08:44 PM   #11 (permalink)
Diamond Member
 
Punk's Avatar
 
Join Date: Jan 2007
Location: France
Age: 18
Posts: 4,896
Default
Quote:
Originally Posted by GameMaster View Post
No those are Trojans I doubt they're gone. Please when you get back on the infected computer, do as suggested.
Avenger doesn't work on Vista...

Quote:
Originally Posted by instructions
Windows XP 32 bit systems only
__________________
Punk's anti-hackers website
Punk's Website making and registering tutorial!

Rise And Fall, Rage And Grace

The Offspring!

Huck it!
I just want to be who I want to be
guess that's hard for others to see
Punk is offline   Reply With Quote


Old 05-23-2008, 08:44 PM   #12 (permalink)
Diamond Member
 
g25racer's Avatar
 
Join Date: Feb 2008
Location: Hamilton, MI
Posts: 3,852
Default
Im on vista though! Can I still use Avenger?

Edit: Srry missed that comment. So what should I do now?
__________________
CPU - AMD Athlon 64x2 5200+ @ 2.6ghz
Ram - 2GB Stock clock
HD - 320gb seagate & Samsung 750gb 32mb cache
GPU - XFX 8600GT XXX Zalman @ 680 or 700mhz
PSU - Ultra X-finity 600watt
OS - Vista Home Premium(32) & Ubuntu (8.04) Ultimate Ed
Audio - JVC 460watts
Control - Logitech G25 Wheel & Logitech Rumblepad 2
Games - GTR2 and LFS
-- Race Sim's for Life --
g25racer is offline   Reply With Quote
Old 05-23-2008, 08:52 PM   #13 (permalink)
Diamond Member
 
GameMaster's Avatar
 
Join Date: Dec 2007
Location: Croatia
Age: 16
Posts: 3,936
Default
Lol ComboFix Script would be a great idea...too bad it can't be used

Pocket Killbox deletes files that cannot be erased from Windows Explorer. Get rid of files that stubbornly refuse to allow you to delete them. Usage Information: Download this file, extract it, and run the killbox.exe file. When it loads type the full path to the file you would like to delete in the field and press the Delete File button (looks like a red circle with a white X). It will prompt you to reboot, allow it to do so, and hopefully your file will now be deleted.

Download it here and delete those files].
__________________
dznutz:
Quote:
a firewall is like a gate. it keeps the bad people out and the dog in but it's not fool proof. but lets say you download and run an infected program. that will be like letting in a "friend." if it's infected you run that program you can get malware. that's like a friend raping your family and stealing your money.
GameMaster is offline   Reply With Quote
Old 05-23-2008, 08:55 PM   #14 (permalink)
Diamond Member
 
g25racer's Avatar
 
Join Date: Feb 2008
Location: Hamilton, MI
Posts: 3,852
Default
What about the drivers?
__________________
CPU - AMD Athlon 64x2 5200+ @ 2.6ghz
Ram - 2GB Stock clock
HD - 320gb seagate & Samsung 750gb 32mb cache
GPU - XFX 8600GT XXX Zalman @ 680 or 700mhz
PSU - Ultra X-finity 600watt
OS - Vista Home Premium(32) & Ubuntu (8.04) Ultimate Ed
Audio - JVC 460watts
Control - Logitech G25 Wheel & Logitech Rumblepad 2
Games - GTR2 and LFS
-- Race Sim's for Life --
g25racer is offline   Reply With Quote
Old 05-23-2008, 08:58 PM   #15 (permalink)
Diamond Member
 
g25racer's Avatar
 
Join Date: Feb 2008
Location: Hamilton, MI
Posts: 3,852
Default
So all of those files I was able to delete just by right clicking them and deleting except for the driver. I didnt attempt to delete it yet so what shall i do with it?
__________________
CPU - AMD Athlon 64x2 5200+ @ 2.6ghz
Ram - 2GB Stock clock
HD - 320gb seagate & Samsung 750gb 32mb cache
GPU - XFX 8600GT XXX Zalman @ 680 or 700mhz
PSU - Ultra X-finity 600watt
OS - Vista Home Premium(32) & Ubuntu (8.04) Ultimate Ed
Audio - JVC 460watts
Control - Logitech G25 Wheel & Logitech Rumblepad 2
Games - GTR2 and LFS
-- Race Sim's for Life --
g25racer is offline   Reply With Quote


Old 05-23-2008, 08:58 PM   #16 (permalink)
Diamond Member
 
GameMaster's Avatar
 
Join Date: Dec 2007
Location: Croatia
Age: 16
Posts: 3,936
Default
Killbox doesn't make a difference, don't worry. That driver is also a file to get deleted.
__________________
dznutz:
Quote:
a firewall is like a gate. it keeps the bad people out and the dog in but it's not fool proof. but lets say you download and run an infected program. that will be like letting in a "friend." if it's infected you run that program you can get malware. that's like a friend raping your family and stealing your money.
GameMaster is offline   Reply With Quote
Old 05-23-2008, 09:03 PM   #17 (permalink)
Diamond Member
 
g25racer's Avatar
 
Join Date: Feb 2008
Location: Hamilton, MI
Posts: 3,852
Default
Killbox says the driver file does not exist so I guess its already gone.
__________________
CPU - AMD Athlon 64x2 5200+ @ 2.6ghz
Ram - 2GB Stock clock
HD - 320gb seagate & Samsung 750gb 32mb cache
GPU - XFX 8600GT XXX Zalman @ 680 or 700mhz
PSU - Ultra X-finity 600watt
OS - Vista Home Premium(32) & Ubuntu (8.04) Ultimate Ed
Audio - JVC 460watts
Control - Logitech G25 Wheel & Logitech Rumblepad 2
Games - GTR2 and LFS
-- Race Sim's for Life --
g25racer is offline   Reply With Quote
Old 05-23-2008, 09:05 PM   #18 (permalink)
Diamond Member
 
GameMaster's Avatar
 
Join Date: Dec 2007
Location: Croatia
Age: 16
Posts: 3,936
Default
Yeah! Only how...? Lol, I guess it's not important anymore.
Would you post a HijackThis log so I can see if it's all fixed?
Also, how is your computer running now? Any lags or virus notices?
__________________
dznutz:
Quote:
a firewall is like a gate. it keeps the bad people out and the dog in but it's not fool proof. but lets say you download and run an infected program. that will be like letting in a "friend." if it's infected you run that program you can get malware. that's like a friend raping your family and stealing your money.
GameMaster is offline   Reply With Quote
Old 05-23-2008, 09:09 PM   #19 (permalink)
Diamond Member
 
g25racer's Avatar
 
Join Date: Feb 2008
Location: Hamilton, MI
Posts: 3,852
Default
No lags or virus notices so far and I left my pc on all night last night to see if a avast would warn me. Thanks for the help once again. I am fairly good at diagnosing with hijackthis but heres my clean log anyway.

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 4:11:51 PM, on 5/23/2008
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18000)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Logitech\Gaming Software\LWEMon.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\hp\kbd\kbd.exe
C:\Program Files\Alwil Software\Avast4\ashDisp.exe
C:\Program Files\Windows Media Player\wmplayer.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\DllHost.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Int ernet Settings,ProxyOverride = *.local
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KbdStub.EXE
O4 - HKLM\..\Run: [OsdMaestro] "C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe"
O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [RivaTunerStartupDaemon] "C:\Program Files\RivaTuner v2.06\RivaTuner.exe" /S
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O4 - Global Startup: Logitech Gaming Software.lnk = ?
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: RoxMediaDB9 - Sonic Solutions - c:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
O23 - Service: @%SystemRoot%\System32\TuneUpDefragService.exe,-1 (TuneUp.Defrag) - TuneUp Software GmbH - C:\Windows\System32\TuneUpDefragService.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe

--
End of file - 3356 bytes
__________________
CPU - AMD Athlon 64x2 5200+ @ 2.6ghz
Ram - 2GB Stock clock
HD - 320gb seagate & Samsung 750gb 32mb cache
GPU - XFX 8600GT XXX Zalman @ 680 or 700mhz
PSU - Ultra X-finity 600watt
OS - Vista Home Premium(32) & Ubuntu (8.04) Ultimate Ed
Audio - JVC 460watts
Control - Logitech G25 Wheel & Logitech Rumblepad 2
Games - GTR2 and LFS
-- Race Sim's for Life --
g25racer is offline   Reply With Quote
Old 05-23-2008, 09:11 PM   #20 (permalink)
Diamond Member
 
GameMaster's Avatar
 
Join Date: Dec 2007
Location: Croatia
Age: 16
Posts: 3,936
Default
Yeah lol, clean. Get back if you get some virus warning.
__________________
dznutz:
Quote:
a firewall is like a gate. it keeps the bad people out and the dog in but it's not fool proof. but lets say you download and run an infected program. that will be like letting in a "friend." if it's infected you run that program you can get malware. that's like a friend raping your family and stealing your money.
GameMaster is offline   Reply With Quote
Reply
Page 2 of 3 < 1 2 3 >

Bookmarks

« Previous Thread | Next Thread »
Thread Tools
Display Modes
Linear Mode Linear Mode

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are On

Similar Threads
Thread Thread Starter Forum Replies Last Post
Scans clean, still saying 1 spyware infection. hijackthis log Washrag Computer Security 17 04-14-2008 11:51 AM
HJT Log (vundo) Ceewi1 please vroom_skies Computer Security 5 03-27-2008 07:47 AM
I cant seem to get rid of this virus! please help dwarfy.mafia Computer Security 14 10-17-2006 08:43 PM
how do i get rid of this at boot Jarbilong Operating Systems 2 06-21-2006 08:49 AM
cant get rid of work off line pop up? rhondas Operating Systems 6 01-28-2006 11:47 AM

All times are GMT +1. The time now is 08:39 PM.

Contact Us - Computer Forum - Sitemap - Top

Powered by: vBulletin Version 3.7.3
Copyright ©2000 - 2008, Jelsoft Enterprises Ltd.
SEO by vBSEO 3.2.0 ©2008, Crawlability, Inc.
Copyright © 2002-2008 Computer Forum and Web Design Forum