Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Virtumonde/vundo Infection


  • Please log in to reply
5 replies to this topic

#1 Alanpfds

Alanpfds

  • Members
  • 3 posts
  • OFFLINE
  •  
  • Local time:06:35 PM

Posted 02 May 2008 - 06:58 PM

Mcafee indicated I was infected by the Vundo trojan horse. I was receiving pop-ups urging me to download anti-virus software, and pop-ups windows advertising various other sites began appearing on my machine. Additionally, both IE7 and Firefox attempting to open up tabs pointing to IP addresses (and not URLs) continuously.

I following the instructions for running Combofix and have done so and would like to post the Combofix and Hijackthis logs here. It seems that the pop-ups have stopped and my system/browsers are very responsive, and so I would appreciate comfirmation that the problems have been resolved and all malware has been removed.

Many thanks,
Alan in Montreal

BC AdBot (Login to Remove)

 


#2 DaChew

DaChew

    Visiting Alien


  • Members
  • 10,317 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:millenium falcon and rockytop
  • Local time:06:35 PM

Posted 03 May 2008 - 02:01 AM

If you think it's clean then why not do a scan or two and verify it is and then not waste the time of the experts who have too much on their hand already

If you post a combo fix log or a hjt one you will automatically be put into the que for their help.

And furthermore noone is encouraged to run combofix except under the supervision of a trained expert.

It's a very dangerous tool, it has to be, kind of like chemotherapy or radiation treatment for cancer.

http://www.kaspersky.com/virusscanner

this is a good online scanner and the log may tell us what has gone on?
Chewy

No. Try not. Do... or do not. There is no try.

#3 Alanpfds

Alanpfds
  • Topic Starter

  • Members
  • 3 posts
  • OFFLINE
  •  
  • Local time:06:35 PM

Posted 03 May 2008 - 08:59 AM

Well, I was following the instructions in the Combofix FAQ on this site, which indicates how to run the software, and then at the end, encourages users to post their logs, but to ask for permission to do so first. I will run the scan that you suggest, but I'm perplexed as to why the FAQ about Combofix instructs users to do what I did, when you don't believe it is what I should be doing. I'll post the log from Kapersky when the scan is done. Thanks.

#4 ruby1

ruby1

    a forum member


  • Members
  • 2,375 posts
  • OFFLINE
  •  
  • Local time:11:35 PM

Posted 03 May 2008 - 05:41 PM

When posting your problem, do not run and post a ComboFix logs. ComboFix is a tool that should only be run under the supervision of someone who has been trained in its use. Using it on your own can cause problems with your computer. Any posts containing CF Logs will be ignored.


erm..one can read up about running a tool as I do with some of them ;BUT to actually RUN them on one's computer is another matter
DO post your log from Kapersky though ; what other protection programs are on board and when did you last run THEM ( NOT the combofix though)??

#5 Alanpfds

Alanpfds
  • Topic Starter

  • Members
  • 3 posts
  • OFFLINE
  •  
  • Local time:06:35 PM

Posted 03 May 2008 - 08:21 PM

OK - I was wrong on this one. The FAQ does say to only run the tool upon the advice of an expert. Sorry about that.

Edited by Alanpfds, 03 May 2008 - 08:24 PM.


#6 ruby1

ruby1

    a forum member


  • Members
  • 2,375 posts
  • OFFLINE
  •  
  • Local time:11:35 PM

Posted 04 May 2008 - 08:44 AM

what other protection programs are on board and have you yet run THEM on full computer scans?




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users