![[H]ard|Forum](/styles/hardforum/xenforo/logo_dark.png){kind=logo}
Flogger23m
[H]F Junkie
- Joined
- Jun 19, 2009
- Messages
- 13,256
Got what I think is called the Vundo/Antivir Solution Pro virus yesterday. I had it a month ago, and must not have removed it completely... so I got it again yesterday.
So I went through the stickied thread again, I did a more thorough scanning.
I am pretty sure I deleted it this time, but i have one issue now:
At start up in Vista (non-safe mode), I get an error saying that addwp.dll can not start. What is this .dll, and how do I repair it if I need it?
As those interested in what I did, I did the following:
1) I noticed my PC was running a bit slow. So I figured I'd scan the Windows folder with Avira Free. Left it alone while it was scanning, and came back. It had found 10 or so infected files/trojans, and the Antivir Solution Pro virus popped up. I let Avira finish, and removed what it found.
2) Then went into safe mode, and deleted all the registry items and did everything else listed here:
http://www.spywareremove.com/removeAntivirSolutionPro.html
I restarted into Windows. All seemed fine.
3) I then scanned the Windows and Users folder with Malwarebytes. Found some stuff, and deleted them.
Then did the same with AVG and Super Anti Spyware Free, both came out clean.
Then I scanned the entire system with Spybot S&D. Found the following:
Adware.Adshot
Trojan Adware x 2
Hkey_Local_Machine\Software\Microsoft\CurrentVersion\run\Enipijo
Hkey_Local_Machine\Software\\avsuite
anezehujojolowu.dll
Deleted all the files fine.
4) Turned off system restore.
5) Went back into safe mode. Before I could go into Safe Mode, Spybot automatically did a 2nd scan.
6) Now I am in safe mode, and ran Avira and Malwarebytes over night, scanned the entire system.
Malwarebytes found some junk, deleted that. Avira came clean (maybe Malwarebytes found them first).
Ran Spybot a 3rd time in safe mode. Came clean.
Then I scanned the Windows folder in safe mode with AVG, came clean.
7) Booted back to normal Vista mode, and got the missing addwp.dll. Any insight on what this is would help.
What I will do next:
1) Run ESET online scanner, doing so at the moment.
2) Install and run Sophos anti rootkit (shall I do this in safe mode?).
3) Run rkill?
4) Full system scan with Super Anti Spyware and AVG Free in safe mode.
5) Run Combofix?
So I went through the stickied thread again, I did a more thorough scanning.
I am pretty sure I deleted it this time, but i have one issue now:
At start up in Vista (non-safe mode), I get an error saying that addwp.dll can not start. What is this .dll, and how do I repair it if I need it?
As those interested in what I did, I did the following:
1) I noticed my PC was running a bit slow. So I figured I'd scan the Windows folder with Avira Free. Left it alone while it was scanning, and came back. It had found 10 or so infected files/trojans, and the Antivir Solution Pro virus popped up. I let Avira finish, and removed what it found.
2) Then went into safe mode, and deleted all the registry items and did everything else listed here:
http://www.spywareremove.com/removeAntivirSolutionPro.html
I restarted into Windows. All seemed fine.
3) I then scanned the Windows and Users folder with Malwarebytes. Found some stuff, and deleted them.
Then did the same with AVG and Super Anti Spyware Free, both came out clean.
Then I scanned the entire system with Spybot S&D. Found the following:
Adware.Adshot
Trojan Adware x 2
Hkey_Local_Machine\Software\Microsoft\CurrentVersion\run\Enipijo
Hkey_Local_Machine\Software\\avsuite
anezehujojolowu.dll
Deleted all the files fine.
4) Turned off system restore.
5) Went back into safe mode. Before I could go into Safe Mode, Spybot automatically did a 2nd scan.
6) Now I am in safe mode, and ran Avira and Malwarebytes over night, scanned the entire system.
Malwarebytes found some junk, deleted that. Avira came clean (maybe Malwarebytes found them first).
Ran Spybot a 3rd time in safe mode. Came clean.
Then I scanned the Windows folder in safe mode with AVG, came clean.
7) Booted back to normal Vista mode, and got the missing addwp.dll. Any insight on what this is would help.
What I will do next:
1) Run ESET online scanner, doing so at the moment.
2) Install and run Sophos anti rootkit (shall I do this in safe mode?).
3) Run rkill?
4) Full system scan with Super Anti Spyware and AVG Free in safe mode.
5) Run Combofix?