Vundo, and ConHook

By jwholt0402
Jan 12, 2009
  1. Hello,

    I'm running a WindowsXP computer that was last reformatted back in November 2008. I was using AVG Free as an antivirus program and AdAware 2008 as a Spyware program. Lately I've been having trouble with Firefox opening up windows sometimes to porn sites, sometimes to dating sites, some game sites and occasionally a blank screen with in the address bar.

    About a week back I got a notice pop up saying I have Virtumonde and various other Trojan Horse droppers/agents. I researched Virtumonde and found the VundoFix program. Which has turned up empty handed each time.

    Since then I've been running virus scans nightly and each night I get anywhere from 3-11 infection notices of various Trojan Horses. I always delete them. They are usually moved to the Virus Vault and sometimes my computer is required to restart for this to take effect.

    Lately the popups have become so annoying that I decided to do some research. I found your 8 Step Thread and Step says to download Anvira AntiVir Personal Free. Upon doing so it updated fine and started scanning. I have received multiple of the following:

    TR/Vundo.gfb.2 at C:\WINDOWS\System32\deyhvm.dll
    TR/Vundo.D.15 at C:\WINDOWS\System32\xxyvvtt.dll
    TR/ConHook.D.18 (sorry failed to grab the place of infection for this one)

    Every time I try to either Move to quarantine, delete or deny access it keeps popping back up. I actually just have the windows moved off screen for now.

    I've looked through this site and found several tips and programs to use but I'm unsure exactly which ones will work for me. I don't know how to get you these logs everyone posts...

    I appreciate any help that you can give me.
  2. jwholt0402

    jwholt0402 TS Rookie Topic Starter


    I finished reading the 8 Step Thread and did all the steps. Here's my logs.

    I forgot to mention that I have a Windows Security Alert in my right hand tray that shows up red with a white x. When I click on it it says Automatic Updates are off and I may be at risk.

    No matter how many times I click to change it nothing happens. I don't know if this is virus related or something else.

    Thanks again for any help.
Topic Status:
Not open for further replies.

Similar Topics

Add your comment to this article

You need to be a member to leave a comment. Join thousands of tech enthusiasts and participate.
TechSpot Account You may also...