Tom's Guide | Tom's Hardware | Tom's Games
 |
 |
 |
i had some pop up ads then ran my virus/malware/spyware programs and it found files that say vundo. i downloaded the vundofix program and it didnt find any files. what can i do to fix this?
this is my malwarebytes after I ran the vundo fix.exe from vundofix.org
Malwarebytes' Anti-Malware 1.34
Database version: 1887
Windows 5.1.2600 Service Pack 33/22/2009 8:51:48 PM
mbam-log-2009-03-22 (20-51-48).txtScan type: Full Scan (C:\|)
Objects scanned: 185934
Time elapsed: 1 hour(s), 21 minute(s), 37 second(s)Memory Processes Infected: 0
Memory Modules Infected: 1
Registry Keys Infected: 7
Registry Values Infected: 5
Registry Data Items Infected: 2
Folders Infected: 0
Files Infected: 2Memory Processes Infected:
(No malicious items detected)Memory Modules Infected:
C:\WINDOWS\system32\bowajd.dll (Trojan.Vundo) -> Delete on reboot.Registry Keys Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{f700871f-a33c-401e-bd55-e13db59756e9} (Trojan.Vundo.H) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{f700871f-a33c-401e-bd55-e13db59756e9} (Trojan.Vundo.H) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{04f1db7b-ed0e-4e7a-a40c-2806a059cdd9} (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{04f1db7b-ed0e-4e7a-a40c-2806a059cdd9} (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{04f1db7b-ed0e-4e7a-a40c-2806a059cdd9} (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{ec43e3fd-5c60-46a6-97d7-e0b85dbdd6c4} (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MS Track System (Trojan.Vundo) -> Quarantined and deleted successfully.Registry Values Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\75a17511 (Trojan.Vundo.H) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\cpm7692468d (Trojan.Vundo.H) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\bofinamima (Trojan.Vundo.H) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler\{ec43e3fd-5c60-46a6-97d7-e0b85dbdd6c4} (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\ssodl (Trojan.BHO) -> Quarantined and deleted successfully.Registry Data Items Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\AntiVirusDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\UpdatesDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.Folders Infected:
(No malicious items detected)Files Infected:
C:\WINDOWS\system32\bowajd.dll (Trojan.Vundo) -> Delete on reboot.
C:\WINDOWS\system32\yupabeda.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
0 
i didn't turn off the system restore, i will do that. i have a couple of files i haven't been able to delete, hopefully that will work.
0
i've got the system restore off and i still have a couple things in my registry that when i delete them and they come back when i refresh, these are the files:
hkcr\clsid\{f700871f-a33c-401e-bd55-e13db59756e9}
hklm\software\microsoft\windows\currentversion\run\
bonfinamimahow can i get rid of these. also when i get online i get messages from my antivirus that things are trying to install on my computer. so i don't know if its because of these files or if the programs i am using are not catching everything.
i have run webroot antivirus w/antispyware, spyhunter and malwarebytes, each of them pick up different files
0
i have followed the instructions on the www.pcthreat.com and still can't get rid of this. i am not able to delete the files and none of my programs are able to either. is there anything else i can do?
0
try removing vundo manually, follow the manual removal instructions
http://security-threads.com/trojan-...
0
thanks for the advice. i tried that and it seems like i got everything. i also ran a program called exterminateit and that found mostly everything. my computer seems to be working better now and i was able to delete the files i couldn't get deleted before.
is there anything i can do to make sure everything is gone? i am just worried cause every program i used showed me different results but most of them are coming up as nothing found, except in malwarebytes it says that i have something disabled but isn't listed as the vundo virus
0  |
 |
 |
This post is quite old and has been locked from receiving new replies. Please create a new posting instead.
| Ads by Google |
