
Author Topic: I'm having severe issues with Vundo, Iexplorer constantly running  (Read 24648 times)


daver23

    Topic Starter


    Rookie

    • Experience: Beginner
    • OS: Unknown
    Re: I'm having severe issues with Vundo, Iexplorer constantly running
    « Reply #30 on: November 15, 2011, 09:47:18 PM »
    The results of this last log

    C:\Documents and Settings\David L\Desktop\loaristrojanremover.exe   a variant of Win32/1AntiVirus application   deleted - quarantined
    C:\Documents and Settings\David L\My Documents\New Folder\setup-ltr1236.exe   a variant of Win32/1AntiVirus application   deleted - quarantined
    C:\Documents and Settings\David L\My Documents\New Folder\setup-ltr1239.exe   a variant of Win32/1AntiVirus application   deleted - quarantined
    C:\Program Files\Loaris\Trojan Remover\ltr12.exe   a variant of Win32/1AntiVirus application   cleaned by deleting - quarantined
    C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1724\A0247188.exe   a variant of Win32/1AntiVirus application   cleaned by deleting - quarantined
    C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1766\A0252201.exe   a variant of Win32/1AntiVirus application   cleaned by deleting - quarantined
    C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1775\A0253547.exe   a variant of Win32/1AntiVirus application   cleaned by deleting - quarantined
    C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1775\A0253565.exe   a variant of Win32/1AntiVirus application   deleted - quarantined
    C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1806\A0265195.exe   a variant of Win32/InstallCore.D application   cleaned by deleting - quarantined
    C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1811\A0270486.exe   Win32/Adware.OpenInstall application   cleaned by deleting - quarantined
    C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1815\A0273502.exe   Win32/RegistryBooster application   deleted - quarantined
    C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1827\A0277747.exe   a variant of Win32/Adware.OpenInstall application   cleaned by deleting - quarantined
    C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1839\A0283627.sys   probably a variant of Win32/Agent.JMJMETP trojan   cleaned by deleting - quarantined
    C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1843\A0283667.exe   a variant of Win32/1AntiVirus application   deleted - quarantined
    C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1843\A0283668.exe   a variant of Win32/1AntiVirus application   cleaned by deleting - quarantined

    daver23

      Re: I'm having severe issues with Vundo, Iexplorer constantly running
      « Reply #31 on: November 15, 2011, 10:00:31 PM »
      and it's still doing the same thing :(

      SuperDave

      • Malware Removal Specialist


      • Genius
      • Thanked: 1020
      • Certifications: List
      • Experience: Expert
      • OS: Windows 10
      Re: I'm having severe issues with Vundo, Iexplorer constantly running
      « Reply #32 on: November 16, 2011, 12:29:33 PM »
      These issues? I'm having severe issues with Vundo, Iexplorer constantly running in background, searches in yahoo & google being hijacked
      Windows 8 and Windows 10 dual boot with two SSD's

      daver23

        Re: I'm having severe issues with Vundo, Iexplorer constantly running
        « Reply #33 on: November 16, 2011, 03:57:00 PM »
        Correct... that was the original message. Internet Explorer just continually shows up in the Windows Task Manager even though I cancel it several times... and sends several files, cookies, etc. in my Internet Explorer which I continually have to clean out with the Piriform CCleaner program. Also, when I look up anything on Yahoo or Google it redirects me to a find answers.com search. That's been the issue this whole time.

        SuperDave

        Re: I'm having severe issues with Vundo, Iexplorer constantly running
        « Reply #34 on: November 16, 2011, 06:54:18 PM »
        Please download aswMBR.exe ( 511KB ) to your desktop.

        Double click the aswMBR.exe to run it



        Click the "Scan" button to start scan

        Note: Do not take action against any **Rootkit** entries until I have reviewed the log. Often there are false positives.



        On completion of the scan click save log, save it to your desktop and post in your next reply

        daver23

          Re: I'm having severe issues with Vundo, Iexplorer constantly running
          « Reply #35 on: November 16, 2011, 09:07:19 PM »
          This program will not run on my computer.  Similar to the tdsskiller.exe not working the other day.

          SuperDave

          Re: I'm having severe issues with Vundo, Iexplorer constantly running
          « Reply #36 on: November 17, 2011, 01:29:03 PM »
          Let's try this one.

          Download the MBR Rootkit Detector to your desktop.

          * Double-click mbr.exe and follow prompts.
          * A black DOS window will quickly appear then disappear.
          * When mbr.exe is finished it will create a log on your desktop.
          * Copy and paste contents of that log file to your next reply.

          daver23

            Re: I'm having severe issues with Vundo, Iexplorer constantly running
            « Reply #37 on: November 17, 2011, 05:35:31 PM »
            Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.2 by Gmer, http://www.gmer.net
            Windows 5.1.2600 Disk: WDC_WD1600JB-75GVC0 rev.08.02D08 -> Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-3

            device: opened successfully
            user: MBR read successfully
            kernel: MBR read successfully
            user & kernel MBR OK


            this is all that came up with the MBR

            SuperDave

            Re: I'm having severe issues with Vundo, Iexplorer constantly running
            « Reply #38 on: November 19, 2011, 12:15:07 PM »
            Please download MBRCheck.exe by a_d_13 from one of the links provided below and save it to your desktop.

            Link 1
            Link 2
            Link 3

            •Double-click on MBRCheck.exe to run it.

            •It will open a black window...please do not fix anything (if it gives you an option).

            •When complete, you should see Done! Press ENTER to exit.... Press Enter on the keyboard.

            •A log named MBRCheck_date_time.txt (i.e. MBRCheck_07.21.10_10.22.51.txt) will appear on the desktop.
            •Please copy and paste the contents of that log in your next reply.

            daver23

              Re: I'm having severe issues with Vundo, Iexplorer constantly running
              « Reply #39 on: November 19, 2011, 02:20:47 PM »
              MBRCheck, version 1.2.3
              (c) 2010, AD

              Command-line:         
              Windows Version:      Windows XP Home Edition
              Windows Information:      Service Pack 3 (build 2600)
              Logical Drives Mask:      0x0000001c

              Kernel Drivers (total 147):

              Processes (total 49):

              \\.\C: --> \\.\PhysicalDrive0 at offset 0x00000000`02738a00  (NTFS)
              \\.\D: --> \\.\PhysicalDrive0 at offset 0x0000001b`27f4c800  (NTFS)

              PhysicalDrive0 Model Number: WDCWD1600JB-75GVC0, Rev: 08.02D08

                    Size  Device Name          MBR Status
                --------------------------------------------
                  149 GB  \\.\PhysicalDrive0   MBR Code Faked!
                          SHA1: B4B6B1E93E76CCFDFCAE6EA604FEB47179431413


              Found non-standard or infected MBR.
              Enter 'Y' and hit ENTER for more options, or 'N' to exit:

              Done!
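
Added example (not part of the original posts, and not code from either tool's author): the two MBR scanners run in this thread gave different answers, mbr.exe reporting "user & kernel MBR OK" and MBRCheck reporting "MBR Code Faked!". The Python below parses both log formats and reports that disagreement instead of accepting the first clean result; the function names, the embedded sample logs (constructed from the lines posted above) and the decision to recognize only status strings seen in this thread are assumptions.

```python
import re
from dataclasses import dataclass
from typing import Optional

# Strings taken from the logs in this thread. Any other status text a tool
# may print is unknown here and is NOT treated as a flag (assumption).
GMER_OK = "user & kernel MBR OK"
MBRCHECK_FLAGGED = {"MBR Code Faked!"}
MBRCHECK_SUMMARY = "Found non-standard or infected MBR."

# Constructed sample input, assembled from the log lines posted in this thread.
GMER_LOG = r"""
device: opened successfully
user: MBR read successfully
kernel: MBR read successfully
user & kernel MBR OK
"""

MBRCHECK_LOG = r"""
      Size  Device Name          MBR Status
  --------------------------------------------
    149 GB  \\.\PhysicalDrive0   MBR Code Faked!
            SHA1: B4B6B1E93E76CCFDFCAE6EA604FEB47179431413

Found non-standard or infected MBR.
"""

# One table row: size, \\.\PhysicalDriveN, free-text status.
ROW_RE = re.compile(r"^\s*(\d+\s+[KMGT]B)\s+(\\\\\.\\PhysicalDrive\d+)\s+(\S.*?)\s*$")
# The digest may arrive split by stray whitespace after copy/paste.
SHA1_RE = re.compile(r"^\s*SHA1:\s*([0-9A-Fa-f \t]+)$")


@dataclass
class Drive:
    size: str
    device: str
    status: str
    sha1: Optional[str] = None


def parse_gmer(text):
    """Return which reads succeeded and whether the OK verdict line is present."""
    lines = {ln.strip() for ln in text.splitlines() if ln.strip()}
    return {
        "user_read": "user: MBR read successfully" in lines,
        "kernel_read": "kernel: MBR read successfully" in lines,
        "clean": GMER_OK in lines,
    }


def parse_mbrcheck(text):
    """Return (drives, summary_flag) from the MBR status table of an MBRCheck log."""
    drives, summary_flag = [], False
    for line in text.splitlines():
        row = ROW_RE.match(line)
        if row:
            drives.append(Drive(*row.groups()))
            continue
        sha = SHA1_RE.match(line)
        if sha and drives:
            # Attach the digest to the drive row just above it; reject bad lengths.
            digest = re.sub(r"\s+", "", sha.group(1)).upper()
            drives[-1].sha1 = digest if len(digest) == 40 else None
        elif line.strip() == MBRCHECK_SUMMARY:
            summary_flag = True
    return drives, summary_flag


def correlate(gmer, drives, summary_flag):
    """Combine both results: 'incomplete', 'conflict', 'flagged' or 'no-flag'."""
    if not (gmer["user_read"] and gmer["kernel_read"]):
        return "incomplete"   # one of the two reads is missing from the log
    flagged = summary_flag or any(d.status in MBRCHECK_FLAGGED for d in drives)
    if gmer["clean"] and flagged:
        return "conflict"     # one scanner reports OK, the other flags the MBR
    if flagged or not gmer["clean"]:
        return "flagged"
    return "no-flag"


if __name__ == "__main__":
    found, summary = parse_mbrcheck(MBRCHECK_LOG)
    for drive in found:
        print(drive)
    print(correlate(parse_gmer(GMER_LOG), found, summary))
```
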

              SuperDave

              Re: I'm having severe issues with Vundo, Iexplorer constantly running
              « Reply #40 on: November 19, 2011, 06:15:04 PM »
              Please give TDSSKiller another try. But you will have to rename it as in the following:

              •If TDSSKiller does not run, try renaming it.

              •To do this, right-click on TDSSKiller.exe, select Rename and give it a random name with the .com file extension (i.e. 123abc.com). If you do not see the file extension, please refer to How to change the file extension.

              daver23

                Re: I'm having severe issues with Vundo, Iexplorer constantly running
                « Reply #41 on: November 20, 2011, 05:36:35 PM »
                This might have actually fixed my problem. Since I've rebooted my computer after using the tdsskiller I haven't had iexplore come up in my task manager, and it appears my redirecting problem might be fixed also. Thanks. If I end up having any more issues I'll get back with you.

                SuperDave

                Re: I'm having severe issues with Vundo, Iexplorer constantly running
                « Reply #42 on: November 21, 2011, 12:49:51 PM »
                Quote
                If I end up having any more issues I'll get back with you.

                We may as well do some cleanup now.

                To uninstall ComboFix

                • Click the Start button. Click Run. For Vista: type in Run in the Start search, and click on Run in the results pane.
                • In the field, type in ComboFix /uninstall


                (Note: Make sure there's a space between the word ComboFix and the forward-slash.)

                • Then, press Enter, or click OK.
                • This will uninstall ComboFix, delete its folders and files, hide System files and folders, and reset System Restore.
                ************************************************
                To remove all of the tools we used and the files and folders they created do the following:
                Double click OTL.exe.
                • Click the CleanUp button.
                • Select Yes when the "Begin cleanup Process?" prompt appears.
                • If you are prompted to Reboot during the cleanup, select Yes.
                • The tool will delete itself once it finishes.
                Note: If any tool, file or folder (belonging to the program we have used) hasn't been deleted, please delete it manually.
                ***************************************************
                Clean out your temporary internet files and temp files.

                Download TFC by OldTimer to your desktop.

                Double-click TFC.exe to run it.

                Note: If you are running on Vista, right-click on the file and choose Run As Administrator

                TFC will close all programs when run, so make sure you have saved all your work before you begin.

                * Click the Start button to begin the cleaning process.
                * Depending on how often you clean temp files, execution time should be anywhere from a few seconds to a minute or two.
                * Please let TFC run uninterrupted until it is finished.

                Once TFC is finished it should restart your computer. If it does not, please manually restart the computer yourself to ensure a complete cleaning.
                ****************************************************
                Looking over your log it seems you don't have any evidence of a third party firewall.

                Firewalls protect against hackers and malicious intruders. You need to download a free firewall from one of these reliable vendors.

                Remember only install ONE firewall

                1) Comodo Personal Firewall (Uncheck during installation "Install Comodo SafeSurf..", "Make Comodo my default search provider" and "Make Comodo Search my homepage" and uncheck any HopSurf and/or Ask.com options if you choose this one)
                2) Online Armor
                3) Agnitum Outpost
                4) PC Tools Firewall Plus

                If you are using the built-in Windows XP firewall, it is not recommended as it does not block outgoing connections. This means that any malware on your computer is free to "phone home" for more instructions. Simply put, Windows XP contains a mediocre firewall. This firewall is NO replacement for a dedicated software solution. Remember to use only one firewall at the same time.
                *******************************************************
                Go to Microsoft Windows Update and get all critical updates.

                ----------

                I suggest using WOT - Web of Trust. WOT is a free Internet security addon for your browser. It will keep you safe from online scams, identity theft, spyware, spam, viruses and unreliable shopping sites. WOT warns you before you interact with a risky website. It's easy and it's free.

                SpywareBlaster- Secure your Internet Explorer to make it harder for ActiveX programs to run on your computer. Also stop certain cookies from being added to your computer when running Mozilla based browsers like Firefox.
                * Using SpywareBlaster to protect your computer from Spyware and Malware
                * If you don't know what ActiveX controls are, see here

                Protect yourself against spyware using the Immunize feature in Spybot - Search & Destroy. Guide: Use Spybot's Immunize Feature to prevent spyware infection in real-time. Note: To ensure you have the latest Immunizations always update Spybot - Search & Destroy before Immunizing. Spybot - Search & Destroy FAQ

                Check out Keeping Yourself Safe On The Web for tips and free tools to help keep you safe in the future.

                Also see Slow Computer? It may not be Malware for free cleaning/maintenance tools to help keep your computer running smoothly.
                Safe Surfing!

                daver23

                  Re: I'm having severe issues with Vundo, Iexplorer constantly running
                  « Reply #43 on: November 23, 2011, 04:12:30 PM »
                  Thanks for everything.  So, do I need to download a firewall since I've got the Microsoft Security Essentials now? Do you recommend me getting something else?

                  SuperDave

                  Re: I'm having severe issues with Vundo, Iexplorer constantly running
                  « Reply #44 on: November 23, 2011, 04:49:33 PM »
                  Quote
                  Thanks for everything. So, do I need to download a firewall since I've got the Microsoft Security Essentials now? Do you recommend me getting something else?
                  If you want to protect your personal and financial information, a third-party firewall would give you that added protection. I'm running MSE and Comodo firewall. You're welcome. I will lock this thread. If you need it re-opened, please send me a pm.