TechSpot

Can't Remove Virus: trojan.vundo

By bruhahaa
Sep 24, 2009
  1. Hi,
    I can't seem to remove Virus: trojan.vundo from my PC. Malwarebytes' Anti-Malware, Spybot Search and Destroy, and AVG have all found it and removed it several times but it seems to keep coming back. Please help me remove the root of the virus so that it doesn't reinstall on reboot. I am attaching my hijackthis.log file.
     
  2. Tmagic650

    Tmagic650 TS Ambassador Posts: 20,911   +167

    Have you followed the 8-Step Virus & Malware removal instructions?
     
  3. bruhahaa

    bruhahaa TS Rookie Topic Starter

    I saw 8-Step Virus & Malware removal instructions right after I posted as a related thread. I started going through it but I have not yet completed all the steps. I will finish it tonight and send new log files.
     
  4. bruhahaa

    bruhahaa TS Rookie Topic Starter

    8 steps complete

    I completed the 8 steps. Please review my log files and let me know if there is anything else I need to do to make sure my PC is clean. Thanks in advance for your help.

    I am also getting a file not found on startup. I know it was part of the vundo but how to I stop windows from looking for this file? I am attaching a bmp of the pop up.
     
  5. Tmagic650

    Tmagic650 TS Ambassador Posts: 20,911   +167

    You have to delete or quarantine anything found in the mbam log. Aslo you are going to stop, disable or uninstall the following entries in the hijack log:


    AppInit_DLLs: fuledipu.dll c:\windows\system32\yetugayu.dll
    HKLM\..\Run: [pejejemuy] Rundll32.exe "c:\windows\system32\yetugayu.dll",a
    HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
    HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
     
Topic Status:
Not open for further replies.


Add New Comment

TechSpot Members
Login or sign up for free,
it takes about 30 seconds.
You may also...


Get complete access to the TechSpot community. Join thousands of technology enthusiasts that contribute and share knowledge in our forum. Get a private inbox, upload your own photo gallery and more.