1. Computer problem? Tech Support Guy is completely free -- paid for by advertisers and donations. Click here to join today! If you're new to Tech Support Guy, we highly recommend that you visit our Guide for New Members.

Vundo trojan

Discussion in 'Virus & Other Malware Removal' started by Kalanemi, Apr 1, 2010.

Thread Status:
Not open for further replies.
  1. Kalanemi

    Kalanemi Thread Starter

    Joined:
    Apr 1, 2010
    Messages:
    2
    So, I'm usually careful, but I got infected by the Vundo trojan through an ad on a site I go to all the time.

    I managed to get Malwarebytes running, and it recognized and deleted the trojan, but I'm still having problems (Photoshop not opening, MSN Messenger not working)

    Here's my last Malwarebytes log - I'm running Vista 64bit.

    Malwarebytes' Anti-Malware 1.45
    www.malwarebytes.org

    Database version: 3930

    Windows 6.0.6001 Service Pack 1
    Internet Explorer 7.0.6001.18000

    4/1/2010 9:10:18 PM
    mbam-log-2010-04-01 (21-10-18).txt

    Scan type: Full scan (C:\|)
    Objects scanned: 94745
    Time elapsed: 24 minute(s), 31 second(s)

    Memory Processes Infected: 0
    Memory Modules Infected: 0
    Registry Keys Infected: 0
    Registry Values Infected: 0
    Registry Data Items Infected: 1
    Folders Infected: 0
    Files Infected: 7

    Memory Processes Infected:
    (No malicious items detected)

    Memory Modules Infected:
    (No malicious items detected)

    Registry Keys Infected:
    (No malicious items detected)

    Registry Values Infected:
    (No malicious items detected)

    Registry Data Items Infected:
    HKEY_CLASSES_ROOT\regfile\shell\open\command\(default) (Broken.OpenCommand) -> Bad: ("regedit.exe" "%1") Good: (regedit.exe "%1") -> Quarantined and deleted successfully.

    Folders Infected:
    (No malicious items detected)

    Files Infected:
    C:\Windows\System32\dokakuru.dll (Trojan.Vundo.H) -> Quarantined and deleted successfully.
    C:\Windows\System32\farakive.dll (Trojan.Vundo.H) -> Quarantined and deleted successfully.
    C:\Windows\System32\hukodare.dll (Trojan.Vundo.H) -> Quarantined and deleted successfully.
    C:\Windows\System32\jujiyaki.dll (Trojan.Vundo.H) -> Quarantined and deleted successfully.
    C:\Windows\System32\losesafa.dll (Trojan.Vundo.H) -> Quarantined and deleted successfully.
    C:\Windows\System32\ziwotuha.dll (Trojan.Vundo.H) -> Quarantined and deleted successfully.
     
  2. Kalanemi

    Kalanemi Thread Starter

    Joined:
    Apr 1, 2010
    Messages:
    2
    Update:

    I apparently managed to remove the viruses after two Malwarebytes scans and computer restarts (Malwarebytes scans come up with 0 threats), but Photoshop still doesn't work, and now I'm unable to change my Automatic Update settings. I get an error message when I try (Something like "Windows Update can't change your automatic update settings").
     
As Seen On
As Seen On...

Welcome to Tech Support Guy!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.

Join over 733,556 other people just like you!

Loading...
Thread Status:
Not open for further replies.

Short URL to this thread: https://techguy.org/914165

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice