Solved

virus 2nuk.com

Posted on 2009-07-04
5
721 Views
Last Modified: 2013-11-22
sir
PC gets hanged and drastically slowa the pc. checked the PC and found out this particular file hidden "2nuk.com". i tried mcafee antivirus, stinger, spybot, nod32 but there was no success. i tried deleting the file manually, but it gets created again. i searched the registry for this file but nothing exists. can you please help me out in this matter.
0
Comment
Question by:khalidgaffar
  • 2
5 Comments
 
LVL 47

Expert Comment

by:rpggamergirl
ID: 24776634
It's a PWS trojan and it comes with other files as well that's why when deleting that one file it gets recreated.
Use MalwareBytes and ComboFix and show us the log file... .

Download Malwarebytes' Anti-Malware to your desktop, check for the tool's Updates before running a scan.
http://www.malwarebytes.org/mbam.php 
 

Or just run Combofix
Please download ComboFix by sUBs:
http://download.bleepingcomputer.com/sUBs/ComboFix.exe 
You must download it to and run it from your Desktop
Now STOP all your monitoring programs (Antivirus/Antispyware, Guards and Shields) as they could easily interfere with ComboFix.
Double click combofix.exe & follow the prompts.
When finished, it will produce a log. Please save that log and attach it in your next reply by pasting it in the "Code Snippet" or "Attach File" window.
Re-enable all the programs that were disabled during the running of ComboFix..

Note:
Do not mouse-click combofix's window while it is running. That may cause it to stall.
CF disconnects your machine from the internet. The connection is automatically restored before CF completes its run. If CF runs into difficulty and terminates prematurely, the connection can be manually restored by restarting your machine.


If needed, here's the Combofix tutorial which includes the installation of the Recovery Console:
http://www.bleepingcomputer.com/combofix/how-to-use-combofix 
0
 
LVL 47

Expert Comment

by:rpggamergirl
ID: 24776654
It's a password and info stealer, so I would suggest changing all passwords that have been used in the infected system(using another clean pc).

Also scan with Flash_Disinfector.exe and follow the prompts.
http://download.bleepingcomputer.com/sUBs/Flash_Disinfector.exe
0
 
LVL 13

Accepted Solution

by:
JeremySBrown earned 500 total points
ID: 24777149
You might want to scan with Dr. Web Anti-Virus too...
http://www.freedrweb.com/
0
 

Author Closing Comment

by:khalidgaffar
ID: 31599751
k
0

Featured Post

Master Your Team's Linux and Cloud Stack!

The average business loses $13.5M per year to ineffective training (per 1,000 employees). Keep ahead of the competition and combine in-person quality with online cost and flexibility by training with Linux Academy.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
svg file 10 96
Is this virus ? 6 41
obsev.719 virus in win 7 pc 9 38
My Asus router (with Trend Micro on it) says a certain web site may have malware on it 4 73
HOW TO REMOTELY CLEAN MEROND.O WITH ESET SILENTLY PROBLEM       If you have the fortunate luck to contract the Merond.O virus on your network, it can be quite troublesome to remove as it propagates to network shares on your network. In my case, the …
It started not too long ago. It was at first annoying. My keystrokes seemed to be randomly generated, not the ones I typed on the keyboard. For some reason this only happened in certain applications (especially browsers such as IE11, Firefox and Chr…
Established in 1997, Technology Architects has become one of the most reputable technology solutions companies in the country. TA have been providing businesses with cost effective state-of-the-art solutions and unparalleled service that is designed…
Email security requires an ever evolving service that stays up to date with counter-evolving threats. The Email Laundry perform Research and Development to ensure their email security service evolves faster than cyber criminals. We apply our Threat…

770 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question