Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Removed Trojan:Win32\Vigorf.A and Adware.DNSUnlocker, but think there’


  • Please log in to reply
3 replies to this topic

#1 nandina

nandina

  • Members
  • 18 posts
  • OFFLINE
  •  
  • Local time:01:20 AM

Posted 26 February 2018 - 06:44 PM

Microsoft Windows 7 Pro, 6.1.7601 Service Pack 1 Build 7601

Removed Trojan:Win32\Vigorf.A and Adware.DNSUnlocker.generic, but think theres more.

The abnormal behavior Ive found seems pretty varied to me, so I suspect some central source.
Id had remote access disabled previously, and confirmed that it was still off. Yet I felt someone else was performing actions.
Since, Ive been careful to have wi-fi disabled on the keyboard.

Please, could someone help me thoroughly vet my HP laptop after malware removal?

This was the sequence as near as I can remember it;
Could not finish downloading (hang) updates for MS Security Essentials. Did so in SAFE MODE, ran a scan and found:
Trojan:Win32\Vigorf.A

Next the mouse cursor jammed itself into upper right corner of screen.
Dont know if this was related or merely coincidental. Mouse worked for a while in SAFE MODE, but then misbehaved as it did in regular Window start.
I installed Smart Driver Updater Pro and it did the trick.

Malware bytes performed a scan and while scanning found 43 threats (PUPs and malware) but did NOT quarantine them. When I looked at the scan report it read no action taken. This was not normal behavior.

Found Adware.DNSUnlocker.generic Registry Value

Found cassiopesa had inserted itself in scan exclusions

I have now removed AVs and am trying to install BitDefender with their tech support because Im getting a server error.

Prior to this mess Id downloaded and installed Crazy Talk animation trial. I scanned the file before installing it and nothing was found.

Doing System Restore to pre Crazy Talk install seemed to make no difference.

Thank you BC!

BC AdBot (Login to Remove)

 


#2 buddy215

buddy215

  • Moderator
  • 13,406 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:West Tennessee
  • Local time:03:20 AM

Posted 28 February 2018 - 06:38 AM

Please follow the instructions in the Malware Removal and Log Section Preparation Guide starting at Step 6.

  • If you cannot complete a step, then skip it and continue with the next.
  • In Step 6 there are instructions for downloading and running FRST which will create two logs.

When you have done that, post your logs in the Virus, Trojan, Spyware, and Malware Removal Logs forum, NOT here, for assistance by the Malware Response Team.

Start a new topic, give it a relevant title and post your log(s) along with a brief description of your problem, a summary of any anti-malware tools you have used and a summary of any steps that you have performed on your own. If you cannot produce any of the required logs...start the new topic anyway. Explain that you followed the Prep. Guide, were unable to create the logs, and describe what happened when you tried to create them. A member of the Malware Removal Team will walk you through, step by step, on how to clean your computer.

After doing this, please reply back in this thread with a link to the new topic so we can close this one.

 

DO NOT bump your new topic. Wait for a response from one of the Team Members.


“Every atom in your body came from a star that exploded and the atoms in your left hand probably came from a different star than your right hand. It really is the most poetic thing I know about physics...you are all stardust.”Lawrence M. Krauss
A 1792 U.S. penny, designed in part by Thomas Jefferson and George Washington, reads “Liberty Parent of Science & Industry.”

#3 nandina

nandina
  • Topic Starter

  • Members
  • 18 posts
  • OFFLINE
  •  
  • Local time:01:20 AM

Posted 05 March 2018 - 12:48 PM

Sorry for the delay. Windows will not now start.
This computer cannot be repaired automatically
ntoskrnl.exe is corrupted
Any advice?

#4 buddy215

buddy215

  • Moderator
  • 13,406 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:West Tennessee
  • Local time:03:20 AM

Posted 05 March 2018 - 01:27 PM

Do you have a Repair Disk? If not...if you have access to another Windows 7 computer you can create one.

System Repair Disc - Create - Windows 7 Help Forums

 

 

 

2807d1231990641-system-repair-disc-creat


“Every atom in your body came from a star that exploded and the atoms in your left hand probably came from a different star than your right hand. It really is the most poetic thing I know about physics...you are all stardust.”Lawrence M. Krauss
A 1792 U.S. penny, designed in part by Thomas Jefferson and George Washington, reads “Liberty Parent of Science & Industry.”




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users