Vundo Removal Please Help Me mum is gonna kill me

Discussion in 'Malware Help - MG (A Specialist Will Reply)' started by gilly_uk, Feb 10, 2006.

  1. gilly_uk

    gilly_uk Private E-2

    Hi, I have tried many virus removal programs, from FixVundo to VundoFix etc., and others I have found across the web. Ran Spybot and Microsoft AntiSpyware and have cleaned the computer thoroughly. I have attached my HijackThis log as I'm completely stuck now. The infected DLL is in the System32 folder and it just doesn't get detected. Please can someone help!!! Thanks in advance.

    Edit by bjgarrick: Inline log attached!
     

    Last edited by a moderator: Feb 10, 2006
  2. bjgarrick

    bjgarrick MajorGeeks Admin - Malware Expert

    Welcome to MajorGeeks.com!

    Please follow forum guidelines and perform cleaning steps in the sticky thread before posting HijackThis logs.

    You have the newest variant of the Vundo infection. As of right now there is no removal tool for this, so while I work up a fix for you, please follow our standard cleaning procedures, which are necessary for us to provide you support. Also, there are steps included for installing, running, and posting HijackThis logs as attachments.

    Run ALL the steps in this Sticky thread: READ & RUN ME FIRST Before Asking for Support

    • Make sure you check version numbers and get all updates.
    Very Important: Make sure you tell us the results from running the tutorial... Was anything found? Were you unable to complete any of the scans? Were you unable to download any of the tools? Did you do the on-line scans as suggested? etc.

    If, after doing ALL of the above, you still have a problem, make sure you have booted to normal mode and run the steps in the below thread to properly use HijackThis and attach the log:

    Downloading, Installing, and Running HijackThis
     
  3. bjgarrick

    bjgarrick MajorGeeks Admin - Malware Expert

    Also, I would like you to navigate to and manually locate the following two files. Once you have located them, I would like you to ZIP both files and upload them to your post so they can be investigated.

    C:\WINDOWS\system32\holdapi.dll
    C:\WINDOWS\system32\oktmkpyk.dll


    To prevent anyone else from downloading them I will remove the attachment once I have them downloaded.
     
  4. gilly_uk

    gilly_uk Private E-2

    Hi, tried to upload them, it's not possible. Can't zip them either, throws an error. Very weird. Is this a new strand of the virus then? I will continue to try and upload them though.
     
  5. bjgarrick

    bjgarrick MajorGeeks Admin - Malware Expert

    Locate the files manually, copy them and paste to your desktop. Try again to ZIP them and attach them as a ZIP file.

    Yes, this is the newest variant of the Vundo Trojan. To my knowledge there is no removal tool available for this so I am making a manual fix for you. The reason I need the files is to investigate and see if we can get enough information to get this in a removal tool.
     
