Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

Urgent Help Needed --- New Trojan Variant never before seen by Symante


  • This topic is locked This topic is locked

#1
I need help fast

I need help fast

    New Member

  • Member
  • Pip
  • 1 posts
Help! I originally posted this problem on majorgeeks.com who where completely unsuccessful in helping me.

I really need help with this fast! This machine is a super fast P4 that has never been sluggish in the past and is still brand new. I had some dialer installed on my computer without my permission, and got some Winfixer/Vundo variant -- a new one that has never happened before. What it did was install all these memory resident scripts all over my machine, and added itself to threads within main system functions. The following is happening I really need someone's help to get rid of it. I got rid of all traces of the virus/trojan, but it's like pulling up weed stems and not the roots, there is without a doubt remnants of this script resident that I can't locate and get rid of! I don't want to do any damage and all the diagnostics say everything is fine but it's so obvious it is still slow and part of it remains and I need help from someone that has some type of understanding and experience that can track down the rest of the trojan/virus to get the machine back into it's original condition without forcing me to lose information or time, because it just seems things are getting worse. I've never posted on these forums before but I am all out of hope, resources, and time relative to upcoming projects to figure out what needs to be done. Please help!

1) Windows used to loads lightening fast (4 seconds) now it takes about 20-30 minutes to finish loading. I can't reformat the machine because there is simply way too much material on the machine and it would take months and months to rebuild and I have 3 days to finish a project that requires all of that software --- it's not an option! I have no idea what scripts are responsible for this!

2) Whenever I turned system restore *ON*, the configuration from the infection date returns -- it may be hidden somehow in C:\System Volume Information, which seems impossible --- something is stored somewhere and I don't know what is causing this!

3) My Antivirus and my firewall keep getting disabled then are turned on, this is solid proof something is happening.

4) There is a weird window that pops up when Windows loads in Japaneese that I have to click "OK" to in order to continue.


Once again I cannot reformat my computer, the configuration, software, and information cannot be backed up right now and it would take forever to get it back to it's optimum configuration for me which I am very happy with on an absolute level and am afraid of having to start over because it would take way to long at the expense of so many upcoming projects and opportunities -- and I had an infection, but remnants from it still remain obviously and I need someone to recognize that and help me get the machine back in its original configuration and position.

Thank you! I attached tons of supporting screenshots and information -- please help!

Attached Files


  • 0

Advertisements


#2
Linkmaster

Linkmaster

    Visiting Staff

  • Member
  • PipPipPip
  • 940 posts
Hi I need help fast, Welcome to GTG !!
Sorry for the delay in reviewing your post

You may wish to print out a copy of these instructions to follow while you complete this procedure

Please create a folder on your C:\ and give it a name (example:HJT)
Download HijackThis 1.99.1© by Merijn
Unzip it in the folder you just created

HijackThis examines certain key areas of the Registry and Hard Drive and lists their contents. These are areas which are used by both legitimate programmers and malicious hijackers

Click on HijackThis.exe
Put a check in "Don't show this frame again when I start HijackThis" at the bottom
Click "None of the above, just start the program"
Click on the Scan button
It will scan your system Do Not remove anything with HiJackThis until instructed!
When finished, Click on Save Log button, save the log to the file you put HijackThis in.
Double-click the log and Copy then Paste the entire contents here

After the log is posted I can then help you more efficiently !!

Thank you !
  • 0

#3
Linkmaster

Linkmaster

    Visiting Staff

  • Member
  • PipPipPip
  • 940 posts
Due to lack of feedback, this topic has been closed.

If you need this topic reopened, please contact a staff member. This applies only to the original topic starter. Everyone else please begin a New Topic.
  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP