Undo Variant is killing me

Discussion in 'Malware Help (A Specialist Will Reply)' started by ploizzo, Apr 6, 2009.

  1. ploizzo

    ploizzo Private E-2

    Hello,

    This is my first time posting and I followed the instructions on the READ & RUN ME FIRST page.

    I noticed my computer has been slower than normal over the last month or so and within the last three weeks, the computer would sporadically reboot with no warning. The big hit was Sunday April 5 when the background image changed to a warning that I was infected and multiple pop ups.

    The logs are attached, please help! Thank you very much...

    Pete
     


  2. ploizzo

    ploizzo Private E-2

    Sorry, mistype in the topic. It should read "Vundo" not Undo. Thanks
     
  3. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    Welcome to Major Geeks!

    Uninstall the below old versions of software:
    J2SE Runtime Environment 5.0 Update 6
    Java(TM) 6 Update 12
    Java(TM) 6 Update 7

    Now we need to use ComboFix to remove a bunch of malware files.
    • Make sure that combofix.exe that you downloaded while doing the READ & RUN ME is on your Desktop but Do not run it!
      • If it is not on your Desktop, the below will not work.
    • Also make sure you have shut down all protection software (antivirus, antispyware...etc) or they may get in the way of allowing ComboFix to run properly.
    • Open Notepad and copy/paste the text in the below quote box into it:
    • Save the above as CFscript.txt and make sure you save it to the same location (should be on your Desktop) as ComboFix.exe
    • At this point, you MUST EXIT ALL BROWSERS NOW before continuing!
    • You should have both the ComboFix.exe and CFScript.txt icons on your Desktop.
    • Now use your mouse to drag CFscript.txt on top of ComboFix.exe
    • Follow the prompts.
    • When it finishes, a log will be produced named c:\combofix.txt
    • I will ask for this log below
    Note:

    Do not mouseclick combofix's window while it is running. That may cause it to stall.


    After reboot, now install the current version of Sun Java from: Sun Java Runtime Environment

    Now run Ccleaner to clean out only temp files and nothing else!

    Now download the current version of MGtools and save it to your root folder. Overwrite your previous MGtools.exe file with this one.

    Run MGtools.exe ( Note: If using Vista make sure UAC is still disabled. Also don't double click on it, use right click and select Run As Administrator )

    Now attach the below logs:
    • C:\ComboFix.txt
    • C:\MGlogs.zip
    Make sure you tell me how things are working now!
     
  4. ploizzo

    ploizzo Private E-2

    Thanks for replying, here are the new logs. No more popups and things seem back to normal. Just want to make sure I am completely rid of it.
     


  5. ploizzo

    ploizzo Private E-2

    Are you still helping or do I need to re-post?
     
  6. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    You should read the stickies, especially this one Don't Bump! It Only Hurts You!!! which was also given in READ & RUN ME. It explains our work methods. This post cost you 3 days of additional waiting time. We have several hundred active threads going on and each day 30 to 50 new requests for help. Thus as you can see we are extremely busy providing free support.
     
  7. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member


    Now we need to use ComboFix to remove one more bad driver
    • Make sure that combofix.exe that you downloaded while doing the READ & RUN ME is on your Desktop but Do not run it!
      • If it is not on your Desktop, the below will not work.
    • Also make sure you have shut down all protection software (antivirus, antispyware...etc) or they may get in the way of allowing ComboFix to run properly.
    • Open Notepad and copy/paste the text in the below quote box into it:
    • Save the above as CFscript.txt and make sure you save it to the same location (should be on your Desktop) as ComboFix.exe
    • At this point, you MUST EXIT ALL BROWSERS NOW before continuing!
    • You should have both the ComboFix.exe and CFScript.txt icons on your Desktop.
    • Now use your mouse to drag CFscript.txt on top of ComboFix.exe
    • Follow the prompts.
    • When it finishes, a log will be produced named c:\combofix.txt
    • I will ask for this log below
    Note:


    Now attach the new C:\Combofix.txt log.
     
