How is your computer running now?
Vundo infection! Help! [Solved]
Started by
mtrigact
, Dec 09 2008 10:02 PM
#16
Posted 14 December 2008 - 11:27 PM
How is your computer running now?
#17
Posted 15 December 2008 - 05:09 PM
Jimmy2012,
It is running better. Thank you so much for all your help so far. I don't get any pop ups or any infection alerts from symantec but in the windows task manager under CPU usage it is still bouncing around like crazy. Even when I am sitting idle it bounces between 0-40% and when I run any program it bounces up to 80-100% consistently. I don't remember it doing that before. Is that a sign that something else might be going on?
T
It is running better. Thank you so much for all your help so far. I don't get any pop ups or any infection alerts from symantec but in the windows task manager under CPU usage it is still bouncing around like crazy. Even when I am sitting idle it bounces between 0-40% and when I run any program it bounces up to 80-100% consistently. I don't remember it doing that before. Is that a sign that something else might be going on?
T
#18
Posted 15 December 2008 - 06:05 PM
Hello mtrigact,
What program is taking up the CPU when it does this?Even when I am sitting idle it bounces between 0-40%
#19
Posted 15 December 2008 - 08:34 PM
It looks to be the ones listed below. It is hard for me to tell. Are these normal? If they are then that's great. I haven't had a virus pop up since you did whatever magic you did. Thanks again for waliking me through everything. It was a real help.
iexplore.exe
lexplore.exe
explorer.exe
S24EvMon.exe
DLG.exe
svchost.exe
iexplore.exe
lexplore.exe
explorer.exe
S24EvMon.exe
DLG.exe
svchost.exe
#20
Posted 15 December 2008 - 11:15 PM
Hello mtrigact,
One thing I was thinking was that your Symantec could also do this, it sometimes can take up alot of your CPU. To test this and see if that is what is causing this turn off your Symantec program and see if it still does this. After trying this please turn it back on and let me know.
Yes, the ones you listed are legit files.Are these normal?
One thing I was thinking was that your Symantec could also do this, it sometimes can take up alot of your CPU. To test this and see if that is what is causing this turn off your Symantec program and see if it still does this. After trying this please turn it back on and let me know.
Edited by Jimmy2012, 15 December 2008 - 11:15 PM.
#21
Posted 16 December 2008 - 09:02 PM
Jimmy2012-
So I turned it off and it bounces 0-20. Which seems better. I think that it was probably that. Thank you so much for all your help and patience walking me through everything. It is really great of you to take the time to help those of us less computer inclined
Thanks so much. You rock.
mtrigact
So I turned it off and it bounces 0-20. Which seems better. I think that it was probably that. Thank you so much for all your help and patience walking me through everything. It is really great of you to take the time to help those of us less computer inclined
Thanks so much. You rock.
mtrigact
#22
Posted 16 December 2008 - 10:12 PM
Hello mtrigact,
Lets go ahead and remove the tools used and update a few things.
Please download JavaRa to your desktop and unzip it to its own folder
You are using a old version of Adobe Acrobat Reader, please update it here.
Follow these steps to uninstall Combofix and tools used in the removal of malware
Please download OTCleanIt and save it to your Desktop.
Please remove any leftover tools used to clean your computer.
The following is a list of tools and utilities that I like to suggest to people. This list is full of great tools and utilities to help you understand how you got infected and how to keep from getting infected again.
1. Spywareguard: Is realtime protection from spyware.
2. Spywareblaster: Helps protect against any bad ActiveX from installing on your computer.
3. SuperAntiSpyware: Use this program to help remove any spyware that may have gotten on your computer.
4. FireFox: This is a great alternate browser over Internet Explorer. Firefox is much more secure then Internet Explorer and also has a bulilt in pop up blocker.
5. ATF Cleaner: This program cleans out your temporary files. This is a great tool that can help speed your computer up.
6. Trillian or Miranda-IM - These are Malware free Instant Messenger programs which allow you to connect to multiple IM services in one program! (AOL, Yahoo, ICQ, IRC, MSN)
7. Windows Updates - It is very important to make sure that both Internet Explorer and Windows are kept current with the latest critical security patches from Microsoft. To do this just start Internet Explorer and select Tools > Windows Update, and follow the online instructions from there.
To find out more information about how you got infected in the first place and some great guidelines to follow to prevent future infections you can read this article by Tony Klein
Your welcome.Thanks so much.
Lets go ahead and remove the tools used and update a few things.
Please download JavaRa to your desktop and unzip it to its own folder
- Run JavaRa.exe, pick the language of your choice and click Select. Then click Remove Older Versions.
- Accept any prompts.
- Open JavaRa.exe again and select Search For Updates.
- Select Update Using Sun Java's Website then click Search and click on the Open Webpage button. Download and install the latest Java Runtime Environment (JRE) version for your computer.
You are using a old version of Adobe Acrobat Reader, please update it here.
Follow these steps to uninstall Combofix and tools used in the removal of malware
- Click START then RUN
- Now type Combofix /u in the runbox and click OK. Note the space between the X and the U, it needs to be there.
Please download OTCleanIt and save it to your Desktop.
- Double-click OTCleanIt.exe
- Click the CleanUp! button to begin removing tools used to clean your computer
- If you are prompted to Reboot during the cleanup, please select Yes
Please remove any leftover tools used to clean your computer.
The following is a list of tools and utilities that I like to suggest to people. This list is full of great tools and utilities to help you understand how you got infected and how to keep from getting infected again.
1. Spywareguard: Is realtime protection from spyware.
2. Spywareblaster: Helps protect against any bad ActiveX from installing on your computer.
3. SuperAntiSpyware: Use this program to help remove any spyware that may have gotten on your computer.
4. FireFox: This is a great alternate browser over Internet Explorer. Firefox is much more secure then Internet Explorer and also has a bulilt in pop up blocker.
5. ATF Cleaner: This program cleans out your temporary files. This is a great tool that can help speed your computer up.
6. Trillian or Miranda-IM - These are Malware free Instant Messenger programs which allow you to connect to multiple IM services in one program! (AOL, Yahoo, ICQ, IRC, MSN)
7. Windows Updates - It is very important to make sure that both Internet Explorer and Windows are kept current with the latest critical security patches from Microsoft. To do this just start Internet Explorer and select Tools > Windows Update, and follow the online instructions from there.
To find out more information about how you got infected in the first place and some great guidelines to follow to prevent future infections you can read this article by Tony Klein
#23
Posted 18 December 2008 - 08:18 PM
Jimmy 2012,
Thank you SOOOOO much. I can not tell you how great your help was. Things seem to be running great. I took care of cleaning everything up and have switched over to Firefox. You help was amazing!
Thanks again.
Thank you SOOOOO much. I can not tell you how great your help was. Things seem to be running great. I took care of cleaning everything up and have switched over to Firefox. You help was amazing!
Thanks again.
#24
Posted 18 December 2008 - 09:22 PM
Your welcome.
#25
Posted 18 December 2008 - 09:22 PM
Since this issue appears to be resolved ... this Topic has been closed. Glad we could help.
If you're the topic starter, and need this topic reopened, please contact a staff member with the address of the thread.
Everyone else please begin a New Topic.
If you're the topic starter, and need this topic reopened, please contact a staff member with the address of the thread.
Everyone else please begin a New Topic.
Similar Topics
0 user(s) are reading this topic
0 members, 0 guests, 0 anonymous users