HELP!!! vundo/zlob/smitfraud trojan on my PC!

[nihil]

Well,

At the end of the day just run HijackThis! and post the log file. We will give it a look?

http://www.majorgeeks.com/download5554.html

[Cider]

http://<a rel="nofollow" href="http:...vescan.com</a>

Otherwise post the HJ logs..

[delstar]

He's already posted the HJ logs....

[dinowuff]

Wow Googlist.. whatever your very first post is a clean HJT log Then along comes alavardo with the solution - in his very first post.

This Eset antivirus program named Nod32 has increasing rapidly in popularity because is very useful in detection of trojans,viruses,worms and other intruders.Nod32 in available for a 30 day trial period while you can test and ensure if is ok for your sistem security protection .Spyware and phishing are detected too.

Yummy SPAM - I love spam.

[nihil]

It isn't spam. Both Nod32 (Rset) and Antivir (Avira) are well established and respected products, and don't use those marketing methods.

I am somewhat surprised that googlist is running McAfee Virus Scan Enterprise, and got infected by this sort of crap. That is a fairly heavy duty security package.

I would suggest that googlist updates it and boots into safe mode before running it. Also follow the other suggestions. Then do as I said and run a HijackThis! log with a version downloaded from a reputable site. From the log already posted:

D:\sudasoft\HijackThis.exe

Anyone trust "sudasoft" as a reliable source of security software tools?

It would seem pretty obvious to me that this is a business/commercial setup, so he isn't eligible for a lot of the free tools that might help.

Time to format and reinstall IMO.

[googlistics]

Greetings, people!


I'm terribly sorry for the delay in posting this thank you message but here goes.
Thank you for the suggestions and inputs. I've been successful in getting the nasty SOB off my machine the very next day I posted here!!

I heavily relied on google (googlistics is a big google fanboi :P) and came to one conclusion-
NONE of the current antivirus packages are any good for SmitFraud/ Vundo/ Zlob (yes, including McAfee Enterprise). It is such an obnoxious SOB that even KillBox-ing the mutant dlls wont work.

Finally I found a few specialized standalone apps like SmitFraudFix and VundoRemoval. However, ony a tool called ComboFix was effective and sent the slimy little monster right into the depths of hell. I had to boot to Safe Mode and unplug my LAN cable to do that though.

And yeah, this is a corporate setup and I am a computer engineer where I could've gotten into trouble had I reported the virus to the Support Dept. :P
I have very limited access to the machine and the internet, however, I am lucky enough to have administrator privileges assigned!!! :P Thank god for small mercies!

(Note to myself- Never, never download exes from obscure websites. )

[googlistics]

Wow Googlist.. whatever your very first post is a clean HJT log Then along comes alavardo with the solution - in his very first post.




Yummy SPAM - I love spam.

Hi Dinowuff,

Unfortunately though, my first post wasn't spam. The HJT log seems to be clear because I had already deleted the dlls and registry entries I could, before taking the HJT log.

Going to such extreme lengths to spam as posing as a victim in one post and then proposing your product in the other, I think, is highly unlikely. Whatcha say?

[nihil]

The HJT log seems to be clear because I had already deleted the dlls and registry entries I could, before taking the HJT log.

Which is why we wanted you to run another one after it had re-infected you

Going to such extreme lengths to spam as posing as a victim in one post and then proposing your product in the other, I think, is highly unlikely.

Far more common than you would imagine. Spamming discussion forums is pretty much a global pastime these days However, as I pointed out, not with reputable products.

[AngelicKnight]

Spamming discussion forums is pretty much a global pastime these days

Indeed. My site used to get hammered by 'em to high heaven. As certain people here are well aware of.

[ChristinaF]

Hi googlistics, I would suggest you to download an anti-virus software, a free one or a trial version. Both will help you out. I would recommend you to download AVG or AVAST as they are very used by most users, but take my advice and don't download the latest version of AVG because it's crap!! so not worth having it although it's the latest version, haha