Solved

virus 2nuk.com

Posted on 2009-07-04
5
725 Views
Last Modified: 2013-11-22
sir
PC gets hanged and drastically slowa the pc. checked the PC and found out this particular file hidden "2nuk.com". i tried mcafee antivirus, stinger, spybot, nod32 but there was no success. i tried deleting the file manually, but it gets created again. i searched the registry for this file but nothing exists. can you please help me out in this matter.
0
Comment
Question by:khalidgaffar
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
5 Comments
 
LVL 47

Expert Comment

by:rpggamergirl
ID: 24776634
It's a PWS trojan and it comes with other files as well that's why when deleting that one file it gets recreated.
Use MalwareBytes and ComboFix and show us the log file... .

Download Malwarebytes' Anti-Malware to your desktop, check for the tool's Updates before running a scan.
http://www.malwarebytes.org/mbam.php 
 

Or just run Combofix
Please download ComboFix by sUBs:
http://download.bleepingcomputer.com/sUBs/ComboFix.exe 
You must download it to and run it from your Desktop
Now STOP all your monitoring programs (Antivirus/Antispyware, Guards and Shields) as they could easily interfere with ComboFix.
Double click combofix.exe & follow the prompts.
When finished, it will produce a log. Please save that log and attach it in your next reply by pasting it in the "Code Snippet" or "Attach File" window.
Re-enable all the programs that were disabled during the running of ComboFix..

Note:
Do not mouse-click combofix's window while it is running. That may cause it to stall.
CF disconnects your machine from the internet. The connection is automatically restored before CF completes its run. If CF runs into difficulty and terminates prematurely, the connection can be manually restored by restarting your machine.


If needed, here's the Combofix tutorial which includes the installation of the Recovery Console:
http://www.bleepingcomputer.com/combofix/how-to-use-combofix 
0
 
LVL 47

Expert Comment

by:rpggamergirl
ID: 24776654
It's a password and info stealer, so I would suggest changing all passwords that have been used in the infected system(using another clean pc).

Also scan with Flash_Disinfector.exe and follow the prompts.
http://download.bleepingcomputer.com/sUBs/Flash_Disinfector.exe
0
 
LVL 13

Accepted Solution

by:
JeremySBrown earned 500 total points
ID: 24777149
You might want to scan with Dr. Web Anti-Virus too...
http://www.freedrweb.com/
0
 

Author Closing Comment

by:khalidgaffar
ID: 31599751
k
0

Featured Post

Free Tool: IP Lookup

Get more info about an IP address or domain name, such as organization, abuse contacts and geolocation.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Forget those services on TV trying to sell you software – that’s step one.  Almost all of the software you need should be available for free.  The tricky part is doing the work.  If you are not comfortable performing these steps yourself, contact a …
Encryption for Business Encryption (https://en.wikipedia.org/wiki/Encryption) ensures the safety of our data when sending emails. In most cases, to read an encrypted email you must enter a secret key that will enable you to decrypt the email. T…
Established in 1997, Technology Architects has become one of the most reputable technology solutions companies in the country. TA have been providing businesses with cost effective state-of-the-art solutions and unparalleled service that is designed…
Email security requires an ever evolving service that stays up to date with counter-evolving threats. The Email Laundry perform Research and Development to ensure their email security service evolves faster than cyber criminals. We apply our Threat…

717 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question