Home > Need Help > Need Help - Vundo.gen Malware - Logs Posted

Need Help - Vundo.gen Malware - Logs Posted

As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged i need help TR/Vundo.Gen Started by iylegacy , Dec 16 2007 09:01 PM Please log in to reply #1 iylegacy Posted 16 December 2007 - 09:01 PM iylegacy New Member Member I have OneCare and it finds Vundo.gen!ah and Vundo.gen!G which it says it cleans but they keep coming back.I installed Spybot and it found about 50 things which it removed, I If this proves to be unsuccessful then we may need to seek out infected files on the system that are going undetected.

Notice the space between the "x" and "/". Jump to content Resolved Malware Removal Logs Existing user? Sign In Sign Up Browse Back Browse Forums Guidelines Staff Online Users Members Activity Back Activity All Activity My Activity Streams Unread Content Content I Started Search Malwarebytes.com Back Malwarebytes.com Malwarebytes button. http://newwikipost.org/topic/mCfJFBb3o72dAMLsGP16SZKB97aBMtIh/Need-help-Vundo-gen-malware-logs-posted.html

Finally, and definitely the MOST IMPORTANT step, click on the following tutorial and follow each step listed there:Simple and easy ways to keep your computer safe and secure on the InternetGlad If that's the case let's enable Artemis with "high sensitivity" and Virus Scan can do the same. Do you still get that error?

All rights reserved. Many malicious worms and Trojans spread across P2P file sharing networks, gaming and underground sites. The virus has evolved to a point where the infections load in explorer.exe, lsass.exe, and rundll32.exe in addition to the original winlogon.exe and iexplorer.exe processes. They should be gone now Post back with:-New DDS logsWith Regards,Extremeboy Note: Please do not PM me asking for help, instead please post it in the correct forum requesting for help.

If that's the case let's enable Artemis with "high sensitivity" and Virus Scan can do the same. I would suggest in addition to using a McAfee scanner to also check your computer with MalwareBytes (www.malwarebytes.org/mbam.php). Reboot the infected machine3. https://community.mcafee.com/thread/18674?tstart=0 I don't know how much more spelled out I can get, it's as easy as 1.2.3.

Message was edited by: marchant on 11/6/09 11:21 AM 11725Views Tags: none (add) This content has been marked as final. Read USB-Based Malware Attacks and Please disable Autorun asap!.If using Windows Vista, please refer to:"Disable AutoPlay in Windows Vista" "Preventing AutoPlay with Local Group Policy Editor or AutoPlay options panel"Note: When You can not post a blank message. Those were the results I wanted to see.

I am at work right now so can't run the programs that have been suggested. https://www.bleepingcomputer.com/forums/t/204918/trvundogen/?view=getlastpost Post the logs at a specialist Forum: AUMHA FORUM BLEEPING COMPUTER FORUM GEEKS TO GO FORUM MAJOR GEEKS FORUM MALWAREBYTES FORUM MALWARE REMOVAL FORUM SPYWAREHAMMER FORUM SPYWARE INFO FORUM WHAT THE Several functions may not work. This threat can perform a number of actions of a malicious hacker's choice on your PC.

Back to top #20 extremeboy extremeboy Malware Response Team 12,975 posts OFFLINE Gender:Male Local time:04:46 AM Posted 08 March 2009 - 02:46 PM Hello.What seems to be the problem? We will move that back and it should work again Create and Run batch scriptCopy the following into a notepad (Start>Run>"notepad"). REG.EXE VERSION 3.0HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\MSCONFIG.EXE REG_EXPAND_SZ %systemroot%\pchealth\helpctr\Binaries\MSCONFIG.EXEVSearch.txt:not found in a:\not found in b:\c:\I386\MSCONFIG.CHMc:\I386\MSCONFIG.EX_c:\WINDOWS\$NtServicePackUninstall$\msconfig.exec:\WINDOWS\Help\MSCONFIG.CHMc:\WINDOWS\ServicePackFiles\i386\msconfig.exenot found in d:\not found in e:\not found in f:\not found in g:\not found in h:\not found in Run 1st command as Jennifer?

Sign In Use Facebook Use Twitter Use Windows Live Register now! This will prevent the virus from starting up and protecting itself the next time the system is started even if the bad files cannot be detected by the scanners. Sign In Sign Up Browse Back Browse Forums Guidelines Staff Online Users Members Activity Back Activity All Activity My Activity Streams Unread Content Content I Started Search Malwarebytes.com Back Malwarebytes.com Malwarebytes Scan & clean with the current DAT files and engine (the Window launched in step 3 above) [there will be clean failures, that is expected]so it might be a good idea

jmisterActiveScan.txtmbam_log_2009_01_03__14_24_54_.txtActiveScan.txtmbam_log_2009_01_03__14_24_54_.txt Share this post Link to post Share on other sites Tigger93    Forum Deity Experts 1,668 posts ID: 2   Posted January 3, 2009 Hello.Please read and follow the instructions True story - Barney Stinson Its gonna be legen.. Register now!

This applies only to the original topic starter.

Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, Sign In All Activity Home Privacy Policy Contact Us Back to Top Malwarebytes Community Software by Invision Power Services, Inc. × Existing user? Sign In Sign In Remember me Not recommended on shared computers Sign in anonymously Sign In Forgot your password? Msconfig working now?

Uninstall ComboFixRemove Combofix now that we're done with it.Click on your Start Menu, then Run....Now type combofix /u in the runbox and click OK. We can always resort to MalwareBytes. This is normal please do not panic. Check out the forums and get free advice from the experts.

Another benefit to this program is the ability to recognize the registry entries and remove them. Again, thank you very much.... Sign in to follow this Followers 0 Go To Topic Listing Malwarebytes 3.0 Recently Browsing 0 members No registered users viewing this page. Run Process Explorer and suspend the Explorer.exe, Winlogon.exe, lssas.exe and rundll32.exe processes (right-click on these process names and choose suspend)5.