Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Trojan.vundo, Downloader And Trojan Hours Help


  • Please log in to reply
23 replies to this topic

#1 smartsites

smartsites

  • Members
  • 25 posts
  • OFFLINE
  •  
  • Local time:10:54 AM

Posted 27 September 2007 - 01:13 PM

Hi,

I did a Nortan scan and It found these 3 but can't quaranteen them or clean them. I've seen many people here do something with a Hijack this or something. This is my first time here so please help me get these off my system.

BC AdBot (Login to Remove)

 


#2 phantom_18

phantom_18

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Local time:11:54 AM

Posted 27 September 2007 - 01:15 PM

Do you have Norton scan full version?

#3 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 51,479 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:11:54 AM

Posted 27 September 2007 - 02:14 PM

Follow the the instructions for using Vundofix in BC's self-help tutorial "How To Remove Vundo/Winfixer Infection".
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif

#4 smartsites

smartsites
  • Topic Starter

  • Members
  • 25 posts
  • OFFLINE
  •  
  • Local time:10:54 AM

Posted 27 September 2007 - 03:16 PM

yes full version. Actually I did the vundofix and it said no virus found, then i did a scan and it said no virus found. But the Norton dialup window keeps popping up telline me I have the following viruses:


Trojan.Vundo 127
Trojan.Horse 129
Downloader 2
WinFixer 92

#5 buddy215

buddy215

  • Moderator
  • 13,196 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:West Tennessee
  • Local time:10:54 AM

Posted 27 September 2007 - 03:27 PM

Run the two programs below. Let us know if they find Vundo and which location it was found in.

Install Super Antispyware. Run it in safe mode. Allow it to quarantine whatever it finds.
http://www.superantispyware.com/

Run the online scan for Bit Defender in normal mode. Allow it to quarantine whatever it finds.
http://www.bitdefender.com/scan8/ie.html

How to Start Windows in Safe Mode:
http://www.bleepingcomputer.com/tutorials/how-to-start-windows-in-safe-mode/
“Every atom in your body came from a star that exploded and the atoms in your left hand probably came from a different star than your right hand. It really is the most poetic thing I know about physics...you are all stardust.”Lawrence M. Krauss
A 1792 U.S. penny, designed in part by Thomas Jefferson and George Washington, reads “Liberty Parent of Science & Industry.”

#6 smartsites

smartsites
  • Topic Starter

  • Members
  • 25 posts
  • OFFLINE
  •  
  • Local time:10:54 AM

Posted 27 September 2007 - 03:50 PM

I have to leave now but I will do that tonight and post back here in the morning. Thanks for the help.

#7 smartsites

smartsites
  • Topic Starter

  • Members
  • 25 posts
  • OFFLINE
  •  
  • Local time:10:54 AM

Posted 28 September 2007 - 08:52 AM

Is there anyway to run bitdefender locally? I can't plug into the internet cuz i'm on a network and I don't want to infect anyone else so I don't have internet right now.

#8 buddy215

buddy215

  • Moderator
  • 13,196 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:West Tennessee
  • Local time:10:54 AM

Posted 28 September 2007 - 09:38 AM

The Bit Defender scan is an "ONLINE scan".
Have you run the Super Antispyware scan? Did it find Vundo?
“Every atom in your body came from a star that exploded and the atoms in your left hand probably came from a different star than your right hand. It really is the most poetic thing I know about physics...you are all stardust.”Lawrence M. Krauss
A 1792 U.S. penny, designed in part by Thomas Jefferson and George Washington, reads “Liberty Parent of Science & Industry.”

#9 smartsites

smartsites
  • Topic Starter

  • Members
  • 25 posts
  • OFFLINE
  •  
  • Local time:10:54 AM

Posted 28 September 2007 - 10:43 AM

How about spybot search and destroy? I'm told because this is a business computer this is the only freeware we can use?

#10 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 51,479 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:11:54 AM

Posted 28 September 2007 - 10:59 AM

You can try as Spybot will detect/remove some vundo related files but it doesn't usually get all of them.

Some variants of vundo may not be detected by vundofix so the "add more files" option is another way of ridding this malware. These files need to be identified and posting a hijackthis log will enable an expert to advise you which files to add if you continue to have problems. If the infection remains after following the steps in the self-help guide, then you should post a hijackthis log.

If you can download and use Hijackthis on your computer, then do this.

Please read and follow all instructions in the pinned topic titled "Preparation Guide For Use Before Posting A Hijackthis Log". You may have performed some of these steps already. If you can't perform a step, then skip and continue with the next. In step #9 there are instructions for downloading HijackThis and creating a log. (This is a self-extracting version which will automatically install HJT in the proper location.)

However, you need to rename HijackThis before using it and saving a log as some variants of this malware will hide certain entries in a hijackthis log to prevent detection.
  • Open Windows Explorer and navigate to the HijackThis Folder.
  • Right-click on the HijackThis.exe file and select "rename".
  • Type Scanner.exe and hit "Enter".
  • Double-click on Scanner.exe (which is still HijackThis) to run a scan, save the log file and copy/paste it into a new topic in the HijackThis Logs and Analysis Forum, NOT here, for assistance by the HJT Team Experts.
Give your topic, a relevant title and post your log along with a brief description of your problem, a summary of any anti-malware tools you have used and a summary of any steps that you have performed on your own. Please include the top portion of the HijackThis log that lists version information. An expert will analyze your log and reply with instructions advising you what to fix.
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif

#11 buddy215

buddy215

  • Moderator
  • 13,196 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:West Tennessee
  • Local time:10:54 AM

Posted 28 September 2007 - 11:28 AM

Are you the administrator of this computer? If not, then you will have problems removing the malware. Installing programs require admin rights.
“Every atom in your body came from a star that exploded and the atoms in your left hand probably came from a different star than your right hand. It really is the most poetic thing I know about physics...you are all stardust.”Lawrence M. Krauss
A 1792 U.S. penny, designed in part by Thomas Jefferson and George Washington, reads “Liberty Parent of Science & Industry.”

#12 smartsites

smartsites
  • Topic Starter

  • Members
  • 25 posts
  • OFFLINE
  •  
  • Local time:10:54 AM

Posted 01 October 2007 - 12:47 PM

I'm sorry for not getting back to you guys. I am the adminstrator of this computer. I'm currently running norton antivirus full on this system and I will let you know what I find.

#13 buddy215

buddy215

  • Moderator
  • 13,196 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:West Tennessee
  • Local time:10:54 AM

Posted 01 October 2007 - 01:14 PM

You can download, legally, the full free trial version of Super Antispyware.
“Every atom in your body came from a star that exploded and the atoms in your left hand probably came from a different star than your right hand. It really is the most poetic thing I know about physics...you are all stardust.”Lawrence M. Krauss
A 1792 U.S. penny, designed in part by Thomas Jefferson and George Washington, reads “Liberty Parent of Science & Industry.”

#14 smartsites

smartsites
  • Topic Starter

  • Members
  • 25 posts
  • OFFLINE
  •  
  • Local time:10:54 AM

Posted 01 October 2007 - 01:46 PM

Windows XP
Ok It found trojan.byteverify and cleaned it and one with no name attached to file loaderadv721.jar-30038fb2-59257fba.zip

Threat type compressed file

Windows 2000
this is on one computer and on my other computer has
W32.RICbot (12) times

#15 smartsites

smartsites
  • Topic Starter

  • Members
  • 25 posts
  • OFFLINE
  •  
  • Local time:10:54 AM

Posted 01 October 2007 - 01:50 PM

On the Windows 2000 computer it says all 12 were quarantined succcessfully, so do I take action to delete them or what?




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users