Jump to content

Vundo Virus


Recommended Posts

I started getting a Vundo Virus about a week ago. I think I was successfully able to remove it using AVG and a Symantec Vundo removal program.

However, when I log onto my computer it is displaying two "files not found" boxes labled "rundll". The files have the name gevikeyi.dll and nenafuvu.dll

Anyhelp in fixing this is appreciated!

Thanks in advance,

Link to post
Share on other sites

I started getting a Vundo Virus about a week ago. I think I was successfully able to remove it using AVG and a Symantec Vundo removal program.

However, when I log onto my computer it is displaying two "files not found" boxes labled "rundll". The files have the name gevikeyi.dll and nenafuvu.dll

Anyhelp in fixing this is appreciated!

Thanks in advance,

What Malwarebytes' Anti Malware found is shown in the attached picture.

Help anyone?

Link to post
Share on other sites

Sorry the results didn't attach in the last post because it was too big. Basically it found about 8 of "Registry Value" and "Registry Value" category things. The Vendor is Trojan.Vundo. The items were all HKEY_LOCAL_MACHINE/SOFTWARE/Micro...

One was Vendor "Disabled.Security...", Category "Registry Data".

Link to post
Share on other sites

I just figured out how to get the log file on the forum:

Malwarebytes' Anti-Malware 1.36

Database version: 2013

Windows 5.1.2600 Service Pack 3

4/19/2009 9:46:56 PM

mbam-log-2009-04-19 (21-46-53).txt

Scan type: Quick Scan

Objects scanned: 67194

Time elapsed: 9 minute(s), 29 second(s)

Memory Processes Infected: 0

Memory Modules Infected: 0

Registry Keys Infected: 5

Registry Values Infected: 2

Registry Data Items Infected: 1

Folders Infected: 0

Files Infected: 0

Memory Processes Infected:

(No malicious items detected)

Memory Modules Infected:

(No malicious items detected)

Registry Keys Infected:

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{add64a4f-3069-434e-8861-db9d6d4fc030} (Trojan.Vundo.H) -> No action taken.

HKEY_CLASSES_ROOT\CLSID\{add64a4f-3069-434e-8861-db9d6d4fc030} (Trojan.Vundo.H) -> No action taken.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\contim (Trojan.Vundo) -> No action taken.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\dslcnnct (Trojan.Vundo) -> No action taken.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\rdfa (Trojan.Vundo) -> No action taken.

Registry Values Infected:

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\nadazupatu (Trojan.Vundo.H) -> No action taken.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\705586e5 (Trojan.Vundo.H) -> No action taken.

Registry Data Items Infected:

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\UpdatesDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> No action taken.

Folders Infected:

(No malicious items detected)

Files Infected:

(No malicious items detected)

Link to post
Share on other sites

Thanks for the help guys. This was the last scan:

Malwarebytes' Anti-Malware 1.36

Database version: 2013

Windows 5.1.2600 Service Pack 3

4/19/2009 10:21:54 PM

mbam-log-2009-04-19 (22-21-54).txt

Scan type: Quick Scan

Objects scanned: 67240

Time elapsed: 9 minute(s), 34 second(s)

Memory Processes Infected: 0

Memory Modules Infected: 0

Registry Keys Infected: 0

Registry Values Infected: 0

Registry Data Items Infected: 0

Folders Infected: 0

Files Infected: 0

Memory Processes Infected:

(No malicious items detected)

Memory Modules Infected:

(No malicious items detected)

Registry Keys Infected:

(No malicious items detected)

Registry Values Infected:

(No malicious items detected)

Registry Data Items Infected:

(No malicious items detected)

Folders Infected:

(No malicious items detected)

Files Infected:

(No malicious items detected)

Link to post
Share on other sites

Guest
This topic is now closed to further replies.
 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.