Computer virus question...

LeeH · 12-01-2008, 08:18 PM

So I'm working away at my computer today and suddenly a box pops up warning me that I have a virus. Of course it's the real virus that is warning me about other nonexistant viruses. Send $50 (to Russia, it seems) and it will be fixed. The program is called Winweb Security.

I found the .exe file and deleted it, but it reappeared on reboot. A full McAfee scan found a few items, but not the winweb.

There's a real company, winweb.com, that's having a bad week as this thing is popping up all over and folks are calling them all pissed off. They're actually doing their best to help.
http://www.sme-blog.com/winweb/how-to-fixremove-winweb-security-virusmalware

I did a system restore back to a couple of days ago and so far everything seems fine. Can I expect this to reappear or should that take care of it?

HardDrive · 12-01-2008, 08:37 PM

You and me both brother.

I had the 'vundo' trojan on my machine all day. I think have it sorted, but it was a pain in the rear. Killed the .dlls that were causing it, but there is still a entry somewhere in the registry thats kicking off rundll.exe.

***** waste of time.

slodave · slodave's Garage

Quote:

Originally Posted by HardDrive

You and me both brother.

I had the 'vundo' trojan on my machine all day. I think have it sorted, but it was a pain in the rear. Killed the .dlls that were causing it, but there is still a entry somewhere in the registry thats kicking off rundll.exe.

***** waste of time.

Get one of the fix Vundo tools and be one with it.
http://www.bleepingcomputer.com/malware-removal/remove-vundo-virtumonde

slodave · slodave's Garage

Malwarebytes is alright as well for both issues.

http://www.download.com/Malwarebytes-Anti-Malware/3000-8022_4-10804572.html

Hi Mule!

nynor · 12-01-2008, 08:45 PM

the system restore should work. i just did this fix for a friend of mine.

dtw · 12-02-2008, 07:38 AM

I got rootkit'd over the weekend and spent most of Saturday trying to shut the trojan down. Malwarebytes wouldn't run. I tried to reinstall and the reinstaller kept crashing. My anti-virus programs couldn't access their home sites to update themselves. Browser was hijacked. The computer was basically useless. I couldn't even really download anything, but I could transfer files over from another computer on the network that I used to download installers.

Anyway, the only thing that ultimately worked was making a Linux boot disk with a strong anti-virus sweeper. It worked perfectly.

http://www.avira.com/en/pages/index.php

DavidB911 · 12-02-2008, 11:23 AM

a good program to run is 'hijack this'. this program looks at all registry, system, etc changes (ie. homepage changed to pelican

) and asks which ones u want to 'fix'. this program should show what is causing the problems. there used to be a forum that would help people if you posted up your .txt log file. they would say which ones to fix and which to leave alone. the really great thing about it is that its only like 100k.

ruf-porsche · ruf-porsche's Garage

Get a virtual computer and you won't have these problems.

Or quit going to the porn sites.

LOL

Arizona_928 · 12-02-2008, 08:46 PM

Quote:

Originally Posted by ruf-porsche

Or quit going to the porn sites.

LOL

when I got mine I actually wasn't on a porn site.
It was pretty stupid though, I thought I could fight it but in the end I did a restore.