Pesky trojan, IE pop ups

Status
Not open for further replies.
Hi guys, new to the site but I have a problem with a trojan I can't get rid of. AVG detects it and says it's fixed, but on every restart it's back, so I'm assuming it's missing something.

Here's my HJT log.
 
Hello and welcome to Techspot. =)

Your system is infected with a trojan.

Download Vundofix from HERE.

Double click the Vundofix.exe to run it.
Right click in the vundofix window and click add files.

Enter the following file path/s to the files you want Vundofix to delete and click the add files button, followed by the close window button:
C:\WINDOWS\system32\fccccdc.dll
C:\WINDOWS\System32\gebya.dll


Click the remove vundo button and let Vundofix do its stuff.

Once you click yes, your desktop will go blank as it starts removing Vundo.
When completed, it will prompt that it will shutdown your computer, click OK.
Turn your computer back on.

After you are done, please post a fresh HJT, C:\vundofix.txt, AVG Antispyware log from normal mode as an attachment into this thread.

For AVG Antispyware instructions please see HERE.
PS. May I also suggest that you upgrade to Windows XP SP 2.


Regards,
Your friendly Momok =)

This thread is for the use of cheeseman only. Please don't post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.
 
Hi,

I noticed some entries in your AVG log showed 'ignored'.

You may wish to copy and paste these instructions on notepad for easier reference later.

Boot into safe mode under your normal user name. See how HERE

Next turn on "Show all files and folders, including hidden and system". See how HERE

Open your task manager by pressing and holding ctrl and alt, then pressing del. Alternatively, use ctrl + shift + esc. Go to the processes tab, and end the following processes, if found:

Update.exe
asappsrv.dll
command.exe


After that, run HijackThis and fix the following entries, if found (do this by placing a tick in the check boxes beside these entries and clicking "Fix checked"):
O2 - BHO: (no name) - {8EBE6D20-55AE-4DE5-B9A6-C4530A3F4073} - C:\WINDOWS\system32\fccccdc.dll (file missing)
O2 - BHO: (no name) - {DF12B4E9-5EFB-4ECA-868C-782693EBFEC8} - C:\WINDOWS\System32\gebya.dll (file missing)

Close HJT.

Run an AVG scan again, and clean all infected files.

Navigate in Windows explorer and manually remove these files in bold (if found):
C:\Program Files\Common Files\{A092F97E-0960-1033-0717-06031706003d}\Update.exe
C:\WINDOWS\THVuaXRocmF4\asappsrv.dll
C:\WINDOWS\THVuaXRocmF4\command.exe

Reboot into normal mode and rehide your protected OS files.

Thereafter, please post a fresh HJT and AVG Antispyware log from normal mode as an attachment into this thread.


Regards,
Your friendly Momok =)

This thread is for the use of cheeseman only. Please don't post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.
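
An added example, not part of the original posts and not HijackThis's own code: a small Python parser for the `O2 - BHO` lines quoted above that flags unnamed entries and entries whose registered DLL is missing on disk. The function names are hypothetical, and the third sample line is constructed for contrast.

```python
import re

# Layout of a HijackThis O2 line as quoted in the post above:
#   O2 - BHO: <name> - {CLSID} - <dll path>[ (file missing)]
O2_RE = re.compile(
    r"^O2 - BHO: (?P<name>.*?) - (?P<clsid>\{[0-9A-Fa-f-]{36}\}) - "
    r"(?P<path>.+?)(?P<missing> \(file missing\))?$"
)

# First two lines are from the thread; the third is constructed for contrast.
SAMPLE_LOG = r"""
O2 - BHO: (no name) - {8EBE6D20-55AE-4DE5-B9A6-C4530A3F4073} - C:\WINDOWS\system32\fccccdc.dll (file missing)
O2 - BHO: (no name) - {DF12B4E9-5EFB-4ECA-868C-782693EBFEC8} - C:\WINDOWS\System32\gebya.dll (file missing)
O2 - BHO: Example Helper - {00000000-0000-0000-0000-000000000000} - C:\Program Files\Example\helper.dll
"""

def parse_o2(line):
    """Return a dict for one O2 line, or None if the line is not an O2 entry."""
    m = O2_RE.match(line.strip())
    if m is None:
        return None
    return {
        "name": m.group("name"),
        "clsid": m.group("clsid").upper(),
        "path": m.group("path"),
        "file_missing": m.group("missing") is not None,
    }

def flag_log(text):
    """Return (clsid, path, reasons) for every O2 entry worth a second look."""
    flagged = []
    for line in text.splitlines():
        entry = parse_o2(line)
        if entry is None:
            continue
        reasons = []
        if entry["name"] == "(no name)":
            reasons.append("unnamed BHO")
        if entry["file_missing"]:
            reasons.append("registered DLL not on disk")
        if reasons:
            flagged.append((entry["clsid"], entry["path"], reasons))
    return flagged

if __name__ == "__main__":
    for clsid, path, reasons in flag_log(SAMPLE_LOG):
        print(clsid, path, "; ".join(reasons))
```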
 