4 replies to this topic

[helpmycomputer]

I started getting a Vundo Virus about a week ago. I think I was successfully able to remove it using AVG and a Symantec Vundo removal program.

However, when I log onto my computer it is displaying two "files not found" boxes labled "rundll". The files have the name gevikeyi.dll and nenafuvu.dll

Anyhelp in fixing this is appreciated!

Thanks in advance,

[helpmycomputer]

helpmycomputer, on Apr 19 2009, 09:07 PM, said:

I started getting a Vundo Virus about a week ago. I think I was successfully able to remove it using AVG and a Symantec Vundo removal program.

However, when I log onto my computer it is displaying two "files not found" boxes labled "rundll". The files have the name gevikeyi.dll and nenafuvu.dll

Anyhelp in fixing this is appreciated!

Thanks in advance,

What Malwarebytes' Anti Malware found is shown in the attached picture.

Help anyone?

[helpmycomputer]

Sorry the results didn't attach in the last post because it was too big. Basically it found about 8 of "Registry Value" and "Registry Value" category things. The Vendor is Trojan.Vundo. The items were all HKEY_LOCAL_MACHINE/SOFTWARE/Micro...

One was Vendor "Disabled.Security...", Category "Registry Data".

[helpmycomputer]

I just figured out how to get the log file on the forum:

Malwarebytes' Anti-Malware 1.36
Database version: 2013
Windows 5.1.2600 Service Pack 3

4/19/2009 9:46:56 PM
mbam-log-2009-04-19 (21-46-53).txt

Scan type: Quick Scan
Objects scanned: 67194
Time elapsed: 9 minute(s), 29 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 5
Registry Values Infected: 2
Registry Data Items Infected: 1
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{add64a4f-3069-434e-8861-db9d6d4fc030} (Trojan.Vundo.H) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{add64a4f-3069-434e-8861-db9d6d4fc030} (Trojan.Vundo.H) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\contim (Trojan.Vundo) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\dslcnnct (Trojan.Vundo) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\rdfa (Trojan.Vundo) -> No action taken.

Registry Values Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\nadazupatu (Trojan.Vundo.H) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\705586e5 (Trojan.Vundo.H) -> No action taken.

Registry Data Items Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\UpdatesDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> No action taken.

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)

[helpmycomputer]

Thanks for the help guys. This was the last scan:
Malwarebytes' Anti-Malware 1.36
Database version: 2013
Windows 5.1.2600 Service Pack 3

4/19/2009 10:21:54 PM
mbam-log-2009-04-19 (22-21-54).txt

Scan type: Quick Scan
Objects scanned: 67240
Time elapsed: 9 minute(s), 34 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)