WinFixer Vundo Trojan possible rootkit

Discussion in 'Malware Help - MG (A Specialist Will Reply)' started by jgsketch, Apr 19, 2007.

  1. jgsketch

    jgsketch Private E-2

    Hello,
    I ran into some issues trying to get rid of what I thought was a winfixer/Vundo Trojan. I'm still not sure if that is what is left after my cleaning. I also had ClickSpring, SurfSideKick and something else. I have run through the whole procedure listed on this forum as well as a couple of the special procedures to clean an infected computer. Some of the other programs I ran were sidekickfix.bat, OiUninstaller.exe, VundoFix.exe, VirtumundoBeGone.exe. I have run through Spybot, Adaware, CCleaner and Symantec Antivirus.

    My current symptoms are popups for various subjects, mostly for other spyware programs.

    Here is my Hijackthis log.
     


  2. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    Welcome to Major Geeks!

    There are 6 logs requested in the READ & RUN ME. You must attach all of them! HijackThis is the last log that is requested since it only shows very specific processes and registry keys and does not show very many of the kinds of infections that exist in today's malware world. Based on your HJT log, it does not look like you ran all steps in the READ ME. Especially when you got to step 6. You even still have a very old outdated version of Sun Java installed and step 6 clearly asks you to uninstall old versions and update. It also asks for the online scans to be run.
     
  3. jgsketch

    jgsketch Private E-2

    Wow, there are more procedures than I thought from the last time I was here. I'm sorry. I will go over the post again and include all materials. Thanks.
     
  4. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    I'm not sure what you mean! This is only your second post! You were not here before.
     
  5. jgsketch

    jgsketch Private E-2

    I was able to solve my problem using the tools provided and using the additional scans page. I was still getting an error upon boot, trying to load a dll file that was deleted during the scan process. I just went into msconfig to solve that last problem. Although I hope there is not a virus or something else still left over that was looking for its dll file. But since there are no longer popups, I'm happy.

    As for being here before, I was talking a couple of years ago. I had to create a new account.

    Thanks for the resources though. There is a lot here to look through and great tools.
     
  6. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    You should not be using MSconfig to control startups. You are only masking potential problems this way and not removing the source of the problem. In addition, MSconfig was not designed for that purpose. It is only meant to be a temporary debugging tool.


    If you complete the steps we can tell you if you are really clean. If you really had a Vundo infection, there could be a load of other infected files hanging around that will not show in just a HijackThis log.

    Why didn't you just log in with your original account? Accounts are not deleted except when requested or when they are abused.
     
