| |
 |  |  |  |
| |  | ||||||
 |
| | LinkBack | Thread Tools | Search this Thread | Display Modes |
08-23-2009, 01:09 PM
| |||
| |||
 Trojan.Vundo, PlatinumAdvertiser in firefox and more... I'm praying someone might be able to assist me, I've been working on this for two weeks now, and it's worse not better. I've encountered issues in past and now know enough to be dangerous and make it worse... LOL That's the last thing I want to do... My System: Windows XP PRO SPK2 (can't get SPK3 to install - fails) Partitioned HD on MacBook Pro (nothing going on with MAC side of system) Using Kaspersky Anti-Virus 2010 Symptoms: 1. system freezes and on re-boot to normal and safe mode I receive white screen with fuschia (yep, fuschia) squiggle lines then they were there if and when windows would boot, or if the screen is black (like in safe mode) they're a neon green. - Believe this may have to do with a an issue coming up as... PlatinumAdvertiser: Bookmark (Firefox:Sunny (default)) index.asp (http://reversephonesite.com/index.as...m&bid=&domain=) NOTE: Spybot S&D is the only one that locates this file. Yet it can't remove it. So also tried Live Chat with Mozilla Firefox - they had no clue or advise, as you can't locate it within the bookmarks on Firefox either... 2. Trojan.Vundo - located by Malware-bytes 3. Quick question... Found something called PROR do I need this or can I uninstall it? Googled and not really finding any applicable answers... 4. I notice I have a back up folder in my C Drive that says MYCYCLE which is were it appears a lot of serious vulnerabilities are registering with Kaspersky but not sure what to do with this folder. Whether its my actual back up or if it's something I can get remove with Secure File Shredding. - Please advise... ------------------------------------------------------- Previous Programs Ran to try to resolve the issues & created Logs: SuperAntispyware - Free Edition ad-Aware CCleaner Sbyboot S&D Malwarebytes Trojan Remover smithfaudfix RootRepeal MGtools DDS.scr Added & Installed Recovery Console ---------------------------------------------------------- In following the steps this is what I was able to accomplish while logged onto Safe Mode with Networking... (Normal Mode would only freeZe - not to mention the fuschia squiggles on the screen, even at re-boot, the usual white screen had the fuchia squiggles, though I found that this would be lime green ones in Safe Mode - it comes and goes...) Step 1. Emptying Kaspersky Quarantine Files: This is where I noticed I have a back up folder in my C Drive that says MYCYCLE which is were it appears a lot of serious vulnerabilities are registering with Kaspersky but not sure what to do with this folder. Whether its my actual back up or if it's something I can get remove with Secure File Shredding. - Please advise... for Kaspersky 2009 on Windows XP: C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP8\QB and did a secure shred of these 14 files. Step 2. Ran CC Cleaner: CLEANING COMPLETE - (1512.464 secs) 57.1 MB removed. Now attempting to re-boot into normal mode to continue... Was able to reboot in normal mode: Step 4. Uninstalled all other software that I no longer needed or wanted. Quick question... This is where I found something called PROR do I need this or can I uninstall it? Googled and not really finding any applicable answers. TY Step 5. 1. Disabled Spybot S&D Teatimer - then rebooted At 1st re-boot Windows opened Windows XP Professional Setup, which had not displayed before and had to re-boot again and select Windows XP Professional to boot into. Another Note: Recovery Console no longer appears, though I previously installed. Once properly re-booted, Adobe Updater immediately started to run wanting to install updates - which all failed (again - haven't been able to update) Then received the error: Adobe Set Up Encountered a Problem and needs to Close. Report to Microsoft... Another Update for Microsoft appeared (not service pack 3) but for Windows Defender - not sure whether that update completed successfully, it disappeared from the task bar. So back to Windows XP Cleaning... Step 1. Download Tools: SuperAntispyware - Free Edition Malwarebytes Anti-Malwared RootRepeal MGTools: saved to c:/ Step 2: Installing Tools and Running Scans SUPERAntiSpyware: have log After running superantispyware for almost an hour after following all installation and configuration instructions it located two trojans (unknown locations) and the fuschia distortion started again and then the system completely froze. Also, Mozilla had an error message that appeared very briefly that stated that there was an error with 0x00012dde8 Hard shutdown and reboot completed and following the next set of instructions to try and re-scan to get a log... but noticed that my clock had been changed on my task bar to military time. Not a good sign... It found a trojan - but not the one that Spybot S&D had found. So unfortunately, after the reboot - the system froze when trying to get the log(s); the fucshia came back to the screen again and froze the system, so another hard shutdown and reboot into Safe Mode to try and get the log for superantispyware, but already know that the main issue on my system isn't resolved... ---------------------------------------------------------- Now on to Malwarebytes - have log In Safe Mode Successfully installed and updated. (I'm stuck in Safe Mode at this point) Going to attempt to reboot into normal mode and run the scan. Successfully was able to run malwarebytes and it found 1 more trojan, Trojan.Vundo --------------------------------------------------------- After re-boot the system immediately went into Windows Pro Startup - not Windows XP Professional so had to do second re-boot to select this... This has not been on my system previously, the Startup setting is new and what the system is trying to automatically re-boot into each time I have to boot. MGTools: Ran fine - have log Ad-Aware: Ran fine - have log DDs: Ran fine - have logs RootRepeal: Ran fine - have logs Re-Ran Spybot S&D again to see if it still picks up having PlatinumAdvertiser... It does, among other things still... I have the log... --------------------------------------------------------------------------------------------------------------------------------------------- Yesterday, I was online and opened a live chat that was web based for chatting on Bleeping Computer to try and find some assistance, as I've not had anyone respond to me since first posting on MajorGeek back on the 18th, apparently the live chat uses Java and all of a sudden the fuschia squigglies came back again, froze the screen and then shut down on its own and started to re-boot, but when re-booting, it went to the white screen but with the fuschia squigglies back, then when the screen went into the black screen with the neon green squigglies all over the screen, then a beautiful rainbow of colored blocks all over when it was going to the black screen where you would select either the recovery console or Windows XP Pro - but it will automatically go into Windows XP Pro Setup now (how do I get rid of that or change it?). Then it shut itself down automatically again and re-booted to a normal white screen, then the black screen without any squigglies on either and I was able to select the normal Windows XP Pro. -------------------------------------------------------------------------------------------------------------------------------------------------------------------------- This Morning, I've followed the instructions for Preliminary Removal here and Disabled firewall & Kaspersky Anti-Virus Ran TFC.exe Rebooted - selected normal Windows XP Pro (Other current options are Recovery Console & Windows XP Pro Start Up (Setup) Disabled Firewall & kaspersky Anti-virus again Ran Malwarebytes, selected Remove and have log Rebooted - selected normal Windows XP Pro Ran RootRepeal and have log Updated & Installed Updated Java Uninstalled previous version Downloaded and installed Random's System Information Tool to desktop and ran... I have both logs. Any assistance to remove all of this stuff and figure out what MYCYCLE & PROR are and whether I can remove all of that too would be a massive life saver... Thank you so much for all of you who volunteer your time and expertise in advance... Last edited by kittikatt60; 08-23-2009 at 01:24 PM. Reason: attaching signature        |
|
09-01-2009, 12:08 PM
| ||||
| ||||
 kittikatt60, Sorry for the delay. If you are still having problems please let us know and somebody would be happy to help.
__________________ __________________  Check us out on Facebook!Useful Guides: Networking 101 Security 101 Disable Real Time Monitoring Virus/Malware Preliminary Removal Instructions |
|
| Tags |
| firefox, fuschia screen, platinumadvertiser, system freeze, trojan.vundo |
| Thread Tools | Search this Thread |
| Display Modes | |
| |
Similar Threads | ||||
| Thread | Thread Starter | Forum | Replies | Last Post |
| Firefox v3.5 NO Athena!! | Bobbye | Browsers | 5 | 08-28-2009 05:22 PM |
| [Solved] Win32/Heur Virus/Trojan | scotsteve | Virus and Malware Removal | 26 | 04-27-2009 02:41 PM |
| New Trojan == Ransomware! | jobeard | News and Links | 0 | 03-26-2009 09:18 PM |
| Tweaking Firefox settings | jobeard | Web Security | 0 | 02-03-2009 02:50 PM |
| Firefox was recently running slow for a few people | Blind Dragon | Browsers | 1 | 01-10-2009 05:39 PM |
Copyright © 2009 Tech-101.com. All rights reserved.
Linear Mode
