Vundo Trojan found, please help
- Thread starter willydawg
- Start date
touch
Posts: 976 +0
Hello willydawg
It looks like you have to run combofix -
Please download Combofix:
http://subs.geekstogo.com/ComboFix.exe
And save to the desktop.
Close any open browsers.
Open notepad and copy/paste the text in the quotebox below into it:
Name the file as CFScript
and Save it on the desktop
http://www.fromsej.saknet.dk/billeder/cfscript.gif
Once saved, refering to the picture above, drag CFScript.txt into ComboFix.exe.
Combofix will create a logfile and display it after your computer has rebooted. Usually located in c:\combofix.txt, please attach it to your next post
Note:
Do not mouseclick combofix's window whilst it's running. That may cause it to stall
It looks like you have to run combofix -
Please download Combofix:
http://subs.geekstogo.com/ComboFix.exe
And save to the desktop.
Close any open browsers.
Open notepad and copy/paste the text in the quotebox below into it:
Name the file as CFScript
and Save it on the desktop
http://www.fromsej.saknet.dk/billeder/cfscript.gif
Once saved, refering to the picture above, drag CFScript.txt into ComboFix.exe.
Combofix will create a logfile and display it after your computer has rebooted. Usually located in c:\combofix.txt, please attach it to your next post
Note:
Do not mouseclick combofix's window whilst it's running. That may cause it to stall
Just finished ComboFix
Hi Touch...
I ran ComboFix, attached it the log. One thing I noticed is that the Firefox homepage was changed and when opening the browser it asks to be the default browser. Also, the Internet Explorer shortcut keeps appearing on desktop even though I keep deleting it.
Should I run Avira again?
Thanks!
Will
Hi Touch...
I ran ComboFix, attached it the log. One thing I noticed is that the Firefox homepage was changed and when opening the browser it asks to be the default browser. Also, the Internet Explorer shortcut keeps appearing on desktop even though I keep deleting it.
Should I run Avira again?
Thanks!
Will
I ran Avira & HJT, but the avira log file is huge for a txt file. It's over 20mb and this forum is not letting me upload. I noticed that the avira quarantine folder has tens of thousands of files in it, and that's probably why it's taking so long to scan and why the file is so big.
In avira, I'm going into the Quarantine section and deleting all the files. But it only shows 10,000 files at a time. Don't know how much more I have to go. Should I post just the hjt for now?
Thanks,
Will
In avira, I'm going into the Quarantine section and deleting all the files. But it only shows 10,000 files at a time. Don't know how much more I have to go. Should I post just the hjt for now?
Thanks,
Will
touch
Posts: 976 +0
Yes, please post fresh hijackthis log.
If you haven´t emptied Quarantine folder, I´ll suggest you do.
But first, create a New Restore Point ->
Go to Start > All Programs > Accessories > System Tools > System Restore
Select Create a restore point, and Ok it.
Next, go to Start > Run and type in cleanmgr
Select the More options tab
Choose the option to clean up system restore and OK it.
This will remove all restore points except the new one you just created.
If you haven´t emptied Quarantine folder, I´ll suggest you do.
But first, create a New Restore Point ->
Go to Start > All Programs > Accessories > System Tools > System Restore
Select Create a restore point, and Ok it.
Next, go to Start > Run and type in cleanmgr
Select the More options tab
Choose the option to clean up system restore and OK it.
This will remove all restore points except the new one you just created.
touch
Posts: 976 +0
Sounds good, and clean log´s 
Now your computer problems are solved, it is time for the clean-up procedure
Please download OTCleanIt
Save it to desktop.
This will remove all the tools we used to clean your computer.
Double-click OTCleanIt.exe. Click CleanUp. Say Yes to the "Begin cleanup Process?"
When asked if you want to proceed with the cleanup process, click Yes. Restart your computer when prompted.
Please note. It will NOT remove Mbam, Ccleaner and SuperAntispyware.
To learn more about how to protect yourself while on the internet, please read Tony Klein´s guide:
How did I get infected in the first place
If you have any cooments or questions, feel free to post back.
Otherwise, happy and safe surfing :wave:
Now your computer problems are solved, it is time for the clean-up procedure
Please download OTCleanIt
Save it to desktop.
This will remove all the tools we used to clean your computer.
Double-click OTCleanIt.exe. Click CleanUp. Say Yes to the "Begin cleanup Process?"
When asked if you want to proceed with the cleanup process, click Yes. Restart your computer when prompted.
Please note. It will NOT remove Mbam, Ccleaner and SuperAntispyware.
To learn more about how to protect yourself while on the internet, please read Tony Klein´s guide:
How did I get infected in the first place
If you have any cooments or questions, feel free to post back.
Otherwise, happy and safe surfing :wave:
Similar threads
