Page 6 of 9 FirstFirst ... 23456789 LastLast
Results 51 to 60 of 82

Thread: win32/vundo and others

  1. #51
    Member
    Join Date
    Oct 2007
    Posts
    78

    Default

    Ken

    I came accross this after last posting. This appears to be at least one of the infections that I had (have). I'm still experiencing the error messages as described in the ca article, and the virus did remove the tabs as it says.

    Thought I'd post the link incase it helps, or can help others. Would be great if someone knew how to restore the tabs, and reverse the damage done.

    http://www.ca.com/us/securityadvisor...78120#section4

    Mark

  2. #52
    Emeritus-Security Expert
    Join Date
    Nov 2005
    Location
    Florida's SpaceCoast
    Posts
    15,208

    Default

    Try this removal tool

    http://www.removeonline.com/remove-w...s-out-of-date/

    I am going to ask one of the registry experts to write me a script to restore your icons and such
    Microsoft MVP Consumer Security 2007-2008-2009-2010-2011-2012-2013-2014

    ERROR MESSAGE 386
    No KeyBoard Detected
    Press F1 To Continue

    Just a reminder that threads will be closed if no reply in 3 days.

  3. #53
    Member
    Join Date
    Oct 2007
    Posts
    78

    Default

    Thanks Ken

    I ran the tool as suggested and it found 5 items: 4 tracking cookies and 1 Trojan (Trojan/Bifrost HKEY_CURRENT_USER Software\wget )

    The tool would only search, you had to purchase the product to delete detected items, so I have made a note of where they are and will use the CA link that I posted and download their fix as I have CA installed on the machine already.

    Thanks again

    Mark

  4. #54
    Emeritus-Security Expert
    Join Date
    Nov 2005
    Location
    Florida's SpaceCoast
    Posts
    15,208

    Default

    Mark,

    Lets hope CA gets it, it should. That tool was a stab in the dark as I have not run into this codec thing before

    Let me know how it went??
    Microsoft MVP Consumer Security 2007-2008-2009-2010-2011-2012-2013-2014

    ERROR MESSAGE 386
    No KeyBoard Detected
    Press F1 To Continue

    Just a reminder that threads will be closed if no reply in 3 days.

  5. #55
    Member
    Join Date
    Oct 2007
    Posts
    78

    Default

    Ken

    I spoke with CA because I wasnt sure which signature file to download, they suggested I wait and have one of their malware specialists talk me through removal, and I wasnt going to argue!....I'll post when I've done it..maybe tomorrow.

    I started a new case for the other pc if you get a chance.

    Thanks for the help

    Mark

  6. #56
    Emeritus-Security Expert
    Join Date
    Nov 2005
    Location
    Florida's SpaceCoast
    Posts
    15,208

    Default

    After your finished with the removal with the help of CA, if your desktop and icons are still out of whack you can do this.


    REGEDIT4

    [HKEY_CLASSES_ROOT\Software\Microsoft\Windows\CurrentVersion\Policies\System]
    "NoDispAppearancePage"=dword:00000000
    "NoDispBackgroundPage"=dword:00000000
    "NoDispSettingsPage"=dword:00000000
    Copy the entire contents inside the Quote box and Paste it into Notepad ( this will only work with Notepad ) name the file Regfix.reg and in the drop down box, save it as All Files. Save it to your desktop. Then Rightclick on the Regfix.reg file and click on Merge, when it asks you to merge with the Registry, say yes.

    If you saved the file correctly it should look like this
    Microsoft MVP Consumer Security 2007-2008-2009-2010-2011-2012-2013-2014

    ERROR MESSAGE 386
    No KeyBoard Detected
    Press F1 To Continue

    Just a reminder that threads will be closed if no reply in 3 days.

  7. #57
    Member
    Join Date
    Oct 2007
    Posts
    78

    Default

    Thanks Ken, still waiting for the callback "within 24 hours"...I'll let you know. Thanks for the fix also I'll tell you how I get on with it.

    Other pc useless and offline, did open a new thread, but no response yet, probably because it looks like some of the "evidence" was destroyed, as I didnt refer to this thread.

    If you can help there I would appreciate it...been unproductive for 2 days

    Thanks

    Mark

  8. #58
    Emeritus-Security Expert
    Join Date
    Nov 2005
    Location
    Florida's SpaceCoast
    Posts
    15,208

    Default

    You need to enable windows to Show All Files and Folders.
    Instructions Here


    Go to VirusTotal and submit this file for analysis, just use the browse feature and then Send File, you will get a report back, post the report into this thread for me to see.

    c:\windows\SYSTEM32\DRIVERS\c1002347.sys
    Microsoft MVP Consumer Security 2007-2008-2009-2010-2011-2012-2013-2014

    ERROR MESSAGE 386
    No KeyBoard Detected
    Press F1 To Continue

    Just a reminder that threads will be closed if no reply in 3 days.

  9. #59
    Member
    Join Date
    Oct 2007
    Posts
    78

    Default

    Ken

    I wasnt sure if your last post here related to this issue or the other thread.

    I answered your request in the other thread, haven't done the above yet...I'll wait to hear back

    Thanks for picking this up, much appreciated.

    mark

  10. #60
    Emeritus-Security Expert
    Join Date
    Nov 2005
    Location
    Florida's SpaceCoast
    Posts
    15,208

    Default

    Mark,

    Working like this will keep this thread seperate
    Microsoft MVP Consumer Security 2007-2008-2009-2010-2011-2012-2013-2014

    ERROR MESSAGE 386
    No KeyBoard Detected
    Press F1 To Continue

    Just a reminder that threads will be closed if no reply in 3 days.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •