Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Infection Pakes/Vundo/Internet security 2010


  • Please log in to reply
3 replies to this topic

#1 kingmaxpower

kingmaxpower

  • Members
  • 6 posts
  • OFFLINE
  •  
  • Local time:06:12 PM

Posted 14 February 2010 - 05:01 PM

I had AVG come up with a pakes.EOX detection earlier today. I removed it to the virus vault, then ran superantispyware which came up with 4 entries (vundo variant, trojan.dropper/GEN PHP).

I tried running malewarebytes but it is non-responsive, tried downloading but it is says the files are corrupt, and won't let you go to a website to download it.

Currently I keep getting Internet Security 2010 garbage popping up on my screen, and changed desktop background.

Help is appreciated.

Edited by Orange Blossom, 14 February 2010 - 09:46 PM.
Move to AII. ~ OB


BC AdBot (Login to Remove)

 


#2 Sashacat

Sashacat

  • Members
  • 372 posts
  • OFFLINE
  •  
  • Local time:06:12 PM

Posted 16 February 2010 - 03:54 PM

Rkill:
http://www.technibble.com/rkill-repair-tool-of-the-week/

Autoruns:
http://technet.microsoft.com/en-us/sysinte...s/bb963902.aspx

Remove Internet Security 2010 (Uninstall Guide)
http://www.bleepingcomputer.com/virus-remo...t-security-2010

For those having trouble running Malwarebytes Anti-Malware
http://www.bleepingcomputer.com/forums/t/267354/for-those-having-trouble-running-malwarebytes-anti-malware/

Please report back.
If we don't change the direction we are going,
We are likely to end up where we are headed.

#3 kingmaxpower

kingmaxpower
  • Topic Starter

  • Members
  • 6 posts
  • OFFLINE
  •  
  • Local time:06:12 PM

Posted 17 February 2010 - 11:21 AM

Thanks,

I managed to start up the computer in safe mode and downloaded malewarebytes. In safe mode I was able to actually run it, which came up with infections that I cleared out. I ran mwb again until it stopped finding infections. I did this before your post, and ran Rkill and re-ran malewarebytes which came up with nothing. I'm no longer having popups from IS 2010, or seeing any effects.

#4 Sashacat

Sashacat

  • Members
  • 372 posts
  • OFFLINE
  •  
  • Local time:06:12 PM

Posted 17 February 2010 - 09:15 PM

Glad to hear your computer is better. That's great news :thumbsup:

Since infections were found/fixed, I would turn off System Restore (deleting ALL restore points, to ensure that no infected restore points remain on your computer).
To turn off System Restore, go to Control Panel, System, System Restore tab,
put a checkmark in "Turn Off System Restore" and hit Apply.

(After you are sure everything is fixed, you will probably want to turn System Restore back on. To turn System Restore back on, go to Control Panel, System, System Restore tab, click to take the checkmark out of "Turn Off System Restore" and hit Apply. Then hit OK to close. )

Anytime an infection is found/fixed, I would advise to run all scans again, to ensure ALL scans come up "clean" (zero infections).

If you don't already have/use CCleaner, it is a good program, and it's free. Take the tour, see what the program does, look at the screen shots. It not only cleans your computer, it also has a Registry tool that will check for/fix registry errors, and it also has an "uninstall programs" tool and a "startup" tool (you can remove items from Startup).
The website for CCleaner is: http://www.ccleaner.com/

If you don't have a firewall, you need a firewall running at all times.
Please see item #5 in this topic regarding use of a firewall:
http://www.bleepingcomputer.com/forums/t/34773/preparation-guide-for-use-before-using-malware-removal-tools-and-requesting-help/
ZoneAlarm offers a free firewall, and there's a link to it here:
Freeware Replacements For Common Commercial Apps
http://www.bleepingcomputer.com/forums/topic3616.html
I have used ZoneAlarm and like it.

You need to have an antivirus program running at all times.
You now have AVG. Make sure it is updated daily, scans daily, and DO check the scan results daily.

For me, personally, I run CCleaner DAILY (when I am done using the internet) because trash/junk accumulates, and makes my computer run slower, and that makes me CRAZY.
With regular use of CCleaner, you will see that AVG accumulates approx 50mb ea day that CCleaner will delete.
I used to use ATF Cleaner, and liked it. Then I found CCleaner, and liked that better. (Just a matter of personal preference. There wasn't anything wrong with ATF Cleaner.)

A good alternative (if you are interested) to AVG Free is Avast.
You can find a link to Avast here:
Freeware Replacements For Common Commercial Apps
http://www.bleepingcomputer.com/forums/topic3616.html
(I saw a comment from a Moderator on this site, that said they use Avast, so that means it is reputable.)

One of the most important tools of Prevention is KNOWLEDGE.
PLEASE take the time to read (and read again):
How Malware Spreads - How did I get infected

http://www.bleepingcomputer.com/forums/t/287710/how-malware-spreads-how-did-i-get-infected/

How Did I Get Infected?, With steps so it does not happen again!
http://www.bleepingcomputer.com/forums/t/2520/how-did-i-get-infected/


You don't have to have SUPERAntiSpyware or Malwarebytes' Anti-Malware running on boot, or running constantly.
They ARE good tools though, and you may want to consider taking the time to keep them updated, and scan every couple of days or so, just to be sure. You can always set either one of them to scan right before you go to bed, and leave the computer running (you can disconnnect the internet if that is a matter of personal preference to not leave the internet connected all night) to scan. That way, a scan with either SUPERAntiSpyware or Malwarebytes' can run when you are not actively using the computer.

It takes less time to do these preventative measures, than it does to fix these things.

:flowers: That's all folks :trumpet:
If we don't change the direction we are going,
We are likely to end up where we are headed.




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users