So I've been getting popups for the last week now. I downloaded Panda AntiVirus and SpyBot search and destroy. It deleted everything and I was fine for about a day or two. Just today I stared getting popups again. I ran Panda Antivirus. It found some stuff and it deleted it. I ran Sy Bot and it found "Virtumonde" with the file path C:\WINDOWS\system32\jkhff.dll. It couldn't delete it.
I ran Panda again and everything was fine. I just have that one file but it duplicates itself when the internet is connected. SpyBOt is abe to delete the duplicates but not the original file.
Can I manually delete C:\WINDOWS\system32\jkhff.dll safely?
Is it safe t delete this: C:\WINDOWS\system32\jkhff.dll ?
Best rule of thumb when you are infected like this is to totally reinstall everything. Make sure your data is backed up, then format the hard drive and then re-install your O/S and all applications. Even if the system acts like it has been throughly cleaned odds are there is a stray bot lurking in the registry waiting to pounce.
Reply:shut off your windows restore so your problem wont restore.now run you scan and reboot. Allso you can turn your system restore back on
Good luck
BTW chris h is way off the target Thumbs down for Chris
Reply:Look here.
Reply:It may be in use. Try deleting it in safe-mode by pressing F8 during boot.
or
Try Online scanner GarbageClean http://www.GarbageClean.com it does pretty good cleaning.
Reply:NOOOOOOO!!!!!!!!!its a system file its infected you can quarinetine it ...and eventullly you will have to reformatt you computer!!...quarintine it then back up you data and then reformatt...happend to me before..
Reply:virtumonde is a nasty one good luck
Reply:Yes because I don't have that on my computer and it works fine.
Reply:"Your PC is infected. The file called JKHFF.DLL is considered unsafe..."
http://www.prevx.com/filenames/113676928...
______________________
VundoFix.exe is a specialized removal tool developed to remove Vundo (aka Virtumonde) infections.
VundoFix removal tool is here:
http://vundofix.atribune.org/
It's free.
Good luck.
Reply:no you can't,, its a system file.
try using another antivirus program that could fixed the infected file.
Reply:The only tool that comes close to removing it is vundofix.
http://www.atribune.org/content/view/24/...
Reply:You can try, but it's probably in the registry, thats why it keeps coming back. you might try and see if this works
http://siri.urz.free.fr/Fix/SmitfraudFix...
Reply:It is a nasty worm that reinstalls itself. The removal is tough. Go to this website and follow instructions:
http://discussions.virtualdr.com/showthr...
Reply:1. Download and run firefox to protect your from future spyware attacks and pop ups which are coming in through internet explorer (Trojan downloaders, win32 ) .Then update your windows through firefox
http://securitynewsfromthenet.blogspot.c...
2. Run the vundo and combo fix
http://securitynewsfromthenet.blogspot.c...
3. Run the anti spyware remove programs spybot
http://securitynewsfromthenet.blogspot.c...
and superantispyware
http://securitynewsfromthenet.blogspot.c...
to get rid of the nasties
4. Run a free online virus scan to be sure you computer is virus and spyware free.
http://securitynewsfromthenet.blogspot.c...
download and run McAfee Avert Stinger
Stinger is a stand-alone utility used to detect and remove specific viruses
http://vil.nai.com/vil/stinger/stinger.h...
5. Get the clean up tools to clean up the spyware from your temp folder (the place they are stored when downloaded by internet explorer)
http://securitynewsfromthenet.blogspot.c...
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment