TechSpot

Google Redirect - Vundo - Avira and MWB can't remove I've looked all over for help

By BeachJoshua
May 12, 2010
  1. I've see these programs people run and post logs on here to get help with there problems, If someone can assist me, I'd be very happy, and thankful.

    Thanks
    -Josh

    Avira
    Guard: Malware found

    Date/Time: 5/12/2010, 4:49:25 PM
    Type: Detection

    A virus or unwanted program
    'TR/Crypt.XPACK.Gen2' was found in file
    'C:\Windows\System32\bywuut.dll'

    Access to this file was denied.

    Please select a further action:

    Remove --- Details
    __________________________________________

    Basically it won't do anything about it, neither will Malwarebytes, it shows 3 registry errors and it does it every time, I've ran in safe mode also..

    What do I do now?
     
  2. BeachJoshua

    BeachJoshua TS Rookie Topic Starter Posts: 49

    I have ComboFix, ran TFC, Have that program that runs a dos window and supposed to end all malware programs [IDK what it's called because I renamed it already], also have Avira, and Malwarebytes.
     
  3. Bobbye

    Bobbye Helper on the Fringe Posts: 16,335   +36

    Welcome to TechSpot, Josh. Allow me to help get your system in order.

    You begin by running preliminary virus and malware removal stead found HERE.

    Some malware will be found and removed and the logs that you leave for our review will show us what's on the system and help guide us in helping you.

    You stop running random program without guidance. You don't run any other cleaning programs or scans unless we direct you to. you don't use a Registry cleaner or make any changes in the Registry.
    [/B You should not run Combofix unless we direct you to.

    Please begin that steps and leave the logs. We'll from from there.
     
  4. BeachJoshua

    BeachJoshua TS Rookie Topic Starter Posts: 49

    I've done that about 5 times now.

    Edit - Will get those logs sorry.
     
  5. BeachJoshua

    BeachJoshua TS Rookie Topic Starter Posts: 49

    I was going to run GMER and blue screen shut down.

    At bottom it says dumping physical memory

    I'm now in safe mode with networking.

    Running Scan

    Edit: Re-Read the 8-Step, and it's now running.
     
  6. BeachJoshua

    BeachJoshua TS Rookie Topic Starter Posts: 49

    GMER and DDS attatched.
     

    Attached Files:

  7. BeachJoshua

    BeachJoshua TS Rookie Topic Starter Posts: 49

    bump? Help?
     
  8. BeachJoshua

    BeachJoshua TS Rookie Topic Starter Posts: 49

    This really sucks because I need to use my printer but I can't in safe mode...
     
  9. Bobbye

    Bobbye Helper on the Fringe Posts: 16,335   +36

    My Rule #1: You do not bump a thread unless you haven't had a reply in 72 hours. Everyone who posts in the forum has a problem and everyone wants it fixed yesterday.

    You may have run programs 5 times, but unless you leave the logs for us to review, it doesn't count!

    There are 2 parts to the DDS log- the other is named Attach.txt. Where is that?

    And since you now have Combofix on your desktop, please update and run again, leaving the report in your next reply with the Mbam log and the other part of DDS.
    You are asked to run Malwarebytes and leave the log- where is that.

    You would like help, then please follow the steps.
     
  10. BeachJoshua

    BeachJoshua TS Rookie Topic Starter Posts: 49

    I appologize, and I couldn't find the attatch file, and my mom decided it would be a good idea to reboot the comp and load it in normal mode, well I'm guessing the virus deleted the umbrella anti-virus, I'm currently on a computer at school, and when I get home at 3:45 eastern time, I'll just delete all the programs I don't need, restart the 8-step then go from there if that's a good idea.

    Thanks..

    Sorry for the bump and what not.
     
  11. Bobbye

    Bobbye Helper on the Fringe Posts: 16,335   +36

    That sounds good. Also keep in mind that if you need to change something in your reply and there is no post after it, you can use the Edit feature instead of a new reply.
     
  12. BeachJoshua

    BeachJoshua TS Rookie Topic Starter Posts: 49

    I have an issue... I rebooted in safe mode, Reinstalled avira, now the update has an error that gives random character sometimes Japanese symbols etc.. I'm assuming this is the virus seeing as after my mom booted it in normal mode, the avira had been uninstalled, what do I do now?
     
  13. Bobbye

    Bobbye Helper on the Fringe Posts: 16,335   +36

    Okay, it's really tough to try and help someone when they want to go off and do their own thing! This is your mom's computer- is that right? Why do you go back and forth from Normal to Safe Mode?
    • "I have ComboFix"> - mistake. You don't run that unless a helper instructs you to.
    • ". ran TFC"- okay but just for cleaning temporary internet files.
    • " Have that program that runs a dos window and supposed to end all malware programs [IDK what it's called because I renamed it already]"
      IDK is a 'design and development site: http://www.idk.com/,
    • "also have Avira"- so why did you uninstall it?
    • " and Malwarebytes."- where is log?

    Could you put your mom on?
     
Topic Status:
Not open for further replies.

Similar Topics

Add New Comment

You need to be a member to leave a comment. Join thousands of tech enthusiasts and participate.
TechSpot Account You may also...