Victim of Seneka/Vundo rootkit

Discussion in 'Malware Help - MG (A Specialist Will Reply)' started by jaber007, Apr 2, 2009.

  1. jaber007

    jaber007 Private E-2

    It's funny, I got the flu virus and my computer got the Seneka/Vundo rootkits. I was downloading a file from a torrent and I got screwed by this. It was constantly redirecting my links in Google. Tried to use other browsers but had the same issue.
    I followed all the steps in the 'read before you post'. Ran all the tools and I think my computer is cleaned up. But I would like one of you experts to double-check my logs JUST to be 100% sure. Your help and advice is greatly appreciated. I love this site!
     


  2. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    Welcome to Major Geeks!

    Note: AVG7 is due to stop updating in April this year. Consider updating to a new antivirus soon.



    Uninstall the below old versions of software:
    Java 2 Runtime Environment, SE v1.4.2_13
    Java(TM) 6 Update 4

    Did you knowingly install Ask Toolbar? If not, then we suggest that you uninstall it.

    Now we need to use ComboFix
    • Make sure that combofix.exe that you downloaded while doing the READ & RUN ME is on your Desktop but Do not run it!
      • If it is not on your Desktop, the below will not work.
    • Also make sure you have shut down all protection software (antivirus [AVG], antispyware [Ad-Aware Ad-Watch] ...etc) or they may get in the way of allowing ComboFix to run properly.
    • Open Notepad and copy/paste the text in the below quote box into it:
    • Save the above as CFscript.txt and make sure you save it to the same location (should be on your Desktop) as ComboFix.exe
    • At this point, you MUST EXIT ALL BROWSERS NOW before continuing!
    • You should have both the ComboFix.exe and CFScript.txt icons on your Desktop.
    • Now use your mouse to drag CFscript.txt on top of ComboFix.exe
    • Follow the prompts.
    • When it finishes, a log will be produced named c:\combofix.txt
    • I will ask for this log below
    Note: Do not mouseclick ComboFix's window while it is running. That may cause it to stall.

    Now run CCleaner to clean out only temp files and nothing else!

    Now run the C:\MGtools\GetLogs.bat file by double clicking on it (Note: if using Vista, don't double click, use right click and select Run As Administrator).

    Then attach the below logs:
    • C:\ComboFix.txt
    • C:\MGlogs.zip
    Make sure you tell me how things are working now!
     
