Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Windows Detected 3 Threats! Need Help Removing


  • Please log in to reply
7 replies to this topic

#1 UofM

UofM

  • Members
  • 4 posts
  • OFFLINE
  •  
  • Local time:10:09 PM

Posted 22 May 2007 - 10:53 AM

Windows Defender has detected the following 3 threats on my system and I need help removing them:

Program: Win32/Winfixer
Spyware: Win32/C2Lop.A
Adware: Win32/Virtumonde.A


Can someone help me with the removal of these threats please?

Thanks SO much!

BC AdBot (Login to Remove)

 


#2 TMacK

TMacK

  • Members
  • 4,672 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:B.C. Canada
  • Local time:07:09 PM

Posted 22 May 2007 - 11:26 AM

Follow the instructions in How to Remove WinFixer / Virtumonde .

Then download and install SUPERAntiSpyware. Run the scan in Safe Mode and allow it to quarantine whatever it finds.
Chaos reigns within.
Reflect, repent, and reboot.
Order shall return.

aaaaaaaa a~Suzie Wagner

#3 buddy215

buddy215

  • Moderator
  • 13,410 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:West Tennessee
  • Local time:08:09 PM

Posted 22 May 2007 - 11:32 AM

Please download http://www.atribune.org/content/view/24/2/
to your desktop.
Double-click VundoFix.exe to run it.
Click the Scan for Vundo button.
Once it's done scanning, click the Remove Vundo button.
You will receive a prompt asking if you want to remove the files, click YES
Once you click yes, your desktop will go blank as it starts removing Vundo.
When completed, it will prompt that it will reboot your computer, click OK.

Note: It is possible that VundoFix encountered a file it could not remove.
In this case, VundoFix will run on reboot, simply follow the above
instructions starting from "Click the Scan for Vundo button." when
VundoFix appears at reboot.

--------------------------------------------------------------------------------

Install Super Antispyware. Run it in safe mode. Allow it to quarantine whatever it finds.
http://www.superantispyware.com/

Run the online scan for Bit Defender in normal mode. Allow it to quarantine whatever it finds.
http://www.bitdefender.com/scan8/ie.html

--------------------------------------------------------------------------------

Post a Hijack This log in the Hijack This Forum by following the directions in the link below if the programs above have not removed ALL malware. DO NOT post the log in this forum.
http://www.bleepingcomputer.com/forums/t/34773/preparation-guide-for-use-before-using-malware-removal-tools-and-requesting-help/
--------------------------------------------------------------------------------

How To start Windows in Safe Mode
http://www.bleepingcomputer.com/tutorials/how-to-start-windows-in-safe-mode/
--------------------------------------------------------------------------------

Have you tried using the lop uninstaller I mentioned in your other post?

Try using Lop's own uninstaller. Link to uninstaller and information in link below.
Please let me know if the uninstaller works. There is also info there for manual uninstall.
http://www.pchell.com/support/opensearchweb.shtml
“Every atom in your body came from a star that exploded and the atoms in your left hand probably came from a different star than your right hand. It really is the most poetic thing I know about physics...you are all stardust.”Lawrence M. Krauss
A 1792 U.S. penny, designed in part by Thomas Jefferson and George Washington, reads “Liberty Parent of Science & Industry.”

#4 UofM

UofM
  • Topic Starter

  • Members
  • 4 posts
  • OFFLINE
  •  
  • Local time:10:09 PM

Posted 22 May 2007 - 05:00 PM

I did the aforementioned things but when I ran Windows Defender after doing them it still listed the 3 threats. I removed them all and am running SUPERAntiSpyware again now to see the progress.

Any ideas?

#5 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 51,932 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:09:09 PM

Posted 22 May 2007 - 08:45 PM

Open Defender, click on History and let us know exactly what it is showing for these entries in the bottom pane.
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif

#6 buddy215

buddy215

  • Moderator
  • 13,410 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:West Tennessee
  • Local time:08:09 PM

Posted 22 May 2007 - 09:47 PM

Quietman7--He is referring to the three items in his first post, I think.

VirtumundoBegone (if VundoFix does not work)
http://www.bleepingcomputer.com/forums/t/18610/how-to-remove-winfixer-virtumonde-msevents-trojanvundob/
“Every atom in your body came from a star that exploded and the atoms in your left hand probably came from a different star than your right hand. It really is the most poetic thing I know about physics...you are all stardust.”Lawrence M. Krauss
A 1792 U.S. penny, designed in part by Thomas Jefferson and George Washington, reads “Liberty Parent of Science & Industry.”

#7 TMacK

TMacK

  • Members
  • 4,672 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:B.C. Canada
  • Local time:07:09 PM

Posted 22 May 2007 - 10:13 PM

Duplication of removal instructions buddy215.
Provided UofM with that link in post #2.
Chaos reigns within.
Reflect, repent, and reboot.
Order shall return.

aaaaaaaa a~Suzie Wagner

#8 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 51,932 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:09:09 PM

Posted 23 May 2007 - 04:16 AM

I want to know the details of those three entries mentioned in the first posting. The History section will provide that to include file path, resources and other information.
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users