Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Trojan: win32/Conhook.D and Vundo.gen!y


  • This topic is locked This topic is locked
2 replies to this topic

#1 Jim J

Jim J

  • Members
  • 2 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Texas
  • Local time:12:27 PM

Posted 25 December 2008 - 12:40 AM

Windows defender is giving me the warning I have Trojan:32/Conhook.D but it is not able to remove them. This is after using SDFix to remove the virtumonde trojan.

With Virtumonde I was getting a lot of popups, prevented from getting Windows updates, McAfee Antivirus was acting strange. Spybot search and dsetroy could tell me I had Virtumonde and Vundo but could not remove them.

SDFix seemed to remove the virtumonde but appears it is leaving the Conhook. I ran SDfix in the safe mode and it rebooted and ran in the regular mode and gave me a cdlean beill of health then defender notified me of the Conhook. D and Vundo.

After that the intenet browser came on and the computer locked up or is busy backgroound scanning something, I can't make it fo anything. There is no ahrd drive activity gooing on. Juast an Hour glass when the cursor is in the tray.

I am typing this on another computer now, I am concerned about hooking my infected computer to the internet.

I have attached SDFix and DDS reports

Attached Files



BC AdBot (Login to Remove)

 


#2 teacup61

teacup61

    Bleepin' Texan!


  • Malware Response Team
  • 17,075 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Wills Point, Texas
  • Local time:01:27 PM

Posted 06 January 2009 - 05:53 PM

Hello Jim J,

Posted Image

Sorry about the delay.:thumbsup: If you still need help, please post a new HijackThis log to make sure nothing has changed, and I'll be happy to look at it for you.

Please do this:
1. Download HijackThis™ here:
http://www.trendsecure.com/portal/en-US/th.../hijackthis.php

2. Click 'Do a System Scan and Save log'.
The HJT log will open in notepad.

Thanks,
tea
Please make a donation so I can keep helping people just like you.
Every little bit helps! :)
You can even use your credit card! Thank you!

Posted Image


Error reading poptart in Drive A: Delete kids y/n?

#3 teacup61

teacup61

    Bleepin' Texan!


  • Malware Response Team
  • 17,075 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Wills Point, Texas
  • Local time:01:27 PM

Posted 23 January 2009 - 04:50 AM

Due to the lack of feedback this Topic is closed.

If you need this topic reopened, please request this by sending the moderating team a PM with the address of the thread. This applies only to the original topic starter.

Everyone else please begin a New Topic
Please make a donation so I can keep helping people just like you.
Every little bit helps! :)
You can even use your credit card! Thank you!

Posted Image


Error reading poptart in Drive A: Delete kids y/n?




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users