Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Thanks! (win32.brontok fake)


  • Please log in to reply
No replies to this topic

#1 creat0r

creat0r

  • Members
  • 1 posts
  • OFFLINE
  •  
  • Local time:06:30 PM

Posted 10 July 2009 - 04:16 PM

Just wanted to show my gratitude towards the guys who are helping 'infected' people around here.
You really are helping people out in a nice (and expert) kind of way.
I got this fake brontok infection a couple of days ago which redirected me to perfect defender 2009 and keeps shutting down my IE and firefox. It all happened after an unexpected shutdown.
Thanks to the hard working people around here I found the solution on this forum. There were multiple topics dealing with this problem.

Here's what i did:
download combofix, rename and execute
once done I ran combofix (renamend) /u
(result: fake virus seemed to be gone)

afterwards my computer kept on rattling (but was working nonetheless), this was due to my virusscanner (avira free) which didn't react the way it should. So i removed it, restarted the computer and reinstalled it.
(result: no more rattling)

Then i downloaded ATF cleaner, malwarebytes (nothing found) and superantispyware (found some, don't know if it was related to the fake brontok virus). Afterwards I updated my windows xp (still on SP2 though) and JAVA to the latest version.

Hijackthis doesn't show any suspicious entries
Everything seems to be the way it should, but maybe I'm still missing something?

Thanks again!

Jan (Netherlands)

BC AdBot (Login to Remove)

 





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users