Some clean-up and Vundo



#1 tipped_a


Posted 18 April 2009 - 08:54 PM

OS: Windows XP

1: Relating to the fake Trojan.Zlob.G/Defender 2009 alert crap
This was FIXED, but I wanted to know what else I should get rid of that was left behind by it. Some people have mentioned exe files like merman, losi, etc. in Application Data folders, which I have noticed. I'd guess that's about it?

It appeared around December 2008 on the 7th, I think. The main problem files and prefetch were removed on that day or the next, so I haven't had any issues since then.

2: Vundo/Vundo.H
MBAM seems to have cleared this up, as well as some adware. I ran it as soon as I could.

This one happened a few days ago on the 15th. I was getting junky pop-ups through IE even though I was using Firefox. Norton was blocking things trying to come through, maybe through Vundo, but ended up hanging on something that it couldn't manage. After that, I ran quick and full scans with it, which only caught tracking cookies. Then, I ran MBAM on full scan, and that got rid of things. I ran it a second time (again on full scan) and it found nothing. CCleaner also doesn't list the items in startup anymore.

I just want to make sure that traces of it (and the other) are completely cleared whether they're actually a threat or not. I was considering getting ComboFix, but read that only someone who knows what they're doing should instruct on using it.

Not sure if this is relevant: There was an error that appeared a few times in a row while Vundo was still getting detected by MBAM. I didn't manage to copy down the name because I was trying to steadily get rid of the problem. However, after looking through Prefetch, I think it was icwconn1.

Other Notes: I'm already figuring out what needs to be updated - specifically Acrobat/Adobe which may or may not have been connected to both problems. The dumb thing is I wasn't even using it either time, but I know I saw the process running during the more recent one. I don't know whether I want to switch off to Foxit or install the new version. I think I might need some help on removing all of the older versions of Acrobat files no matter which way I go. Other than that, I did update Java RE, and I'll try Secunia afterward.

Edit: Tried to unclutter it a bit more and fixed some things. Still a little tired, so I hope it makes sense.

Edited by tipped_a, 19 April 2009 - 08:17 PM.

