Want to win a PS4? Go Premium and enter to win our High-Tech Treats giveaway. Enter to Win

x
?
Solved

virus 2nuk.com

Posted on 2009-07-04
5
Medium Priority
?
728 Views
Last Modified: 2013-11-22
sir
PC gets hanged and drastically slowa the pc. checked the PC and found out this particular file hidden "2nuk.com". i tried mcafee antivirus, stinger, spybot, nod32 but there was no success. i tried deleting the file manually, but it gets created again. i searched the registry for this file but nothing exists. can you please help me out in this matter.
0
Comment
Question by:khalidgaffar
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
5 Comments
 
LVL 47

Expert Comment

by:rpggamergirl
ID: 24776634
It's a PWS trojan and it comes with other files as well that's why when deleting that one file it gets recreated.
Use MalwareBytes and ComboFix and show us the log file... .

Download Malwarebytes' Anti-Malware to your desktop, check for the tool's Updates before running a scan.
http://www.malwarebytes.org/mbam.php 
 

Or just run Combofix
Please download ComboFix by sUBs:
http://download.bleepingcomputer.com/sUBs/ComboFix.exe 
You must download it to and run it from your Desktop
Now STOP all your monitoring programs (Antivirus/Antispyware, Guards and Shields) as they could easily interfere with ComboFix.
Double click combofix.exe & follow the prompts.
When finished, it will produce a log. Please save that log and attach it in your next reply by pasting it in the "Code Snippet" or "Attach File" window.
Re-enable all the programs that were disabled during the running of ComboFix..

Note:
Do not mouse-click combofix's window while it is running. That may cause it to stall.
CF disconnects your machine from the internet. The connection is automatically restored before CF completes its run. If CF runs into difficulty and terminates prematurely, the connection can be manually restored by restarting your machine.


If needed, here's the Combofix tutorial which includes the installation of the Recovery Console:
http://www.bleepingcomputer.com/combofix/how-to-use-combofix 
0
 
LVL 47

Expert Comment

by:rpggamergirl
ID: 24776654
It's a password and info stealer, so I would suggest changing all passwords that have been used in the infected system(using another clean pc).

Also scan with Flash_Disinfector.exe and follow the prompts.
http://download.bleepingcomputer.com/sUBs/Flash_Disinfector.exe
0
 
LVL 13

Accepted Solution

by:
JeremySBrown earned 1000 total points
ID: 24777149
You might want to scan with Dr. Web Anti-Virus too...
http://www.freedrweb.com/
0
 

Author Closing Comment

by:khalidgaffar
ID: 31599751
k
0

Featured Post

Independent Software Vendors: We Want Your Opinion

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Most PC repair technicians (if not all) always start their cleanup process by emptying the temp folders before running any removal tools. It makes sense because temp folders are common places for malware installers to lurk and removing all the junk …
Some of the most commonly posted questions in the "Virus & Malware" Zones are related to the family of rogue malware with the date "2012" somewhere in the title. Examples: XP Antispyware 2012 XP Antivirus 2012 XP Security 2012   XP Home Sec…
Established in 1997, Technology Architects has become one of the most reputable technology solutions companies in the country. TA have been providing businesses with cost effective state-of-the-art solutions and unparalleled service that is designed…
Email security requires an ever evolving service that stays up to date with counter-evolving threats. The Email Laundry perform Research and Development to ensure their email security service evolves faster than cyber criminals. We apply our Threat…

609 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question