Just ran a Windows Live safety scan, I need help removing winfixer and vundo PLEASE

Discussion in 'Malware Help (A Specialist Will Reply)' started by Ricta, May 9, 2008.

  1. Ricta

    Ricta Private E-2

    I've been trying to remove vundo for the past 2 days and nothing has worked, it keeps coming back scan after scan. My most recent live scan that I just ran shows these threats:

    exploit:Java/Byteverify.F,

    Trojan:Win32/Vundo.FBJ,

    Trojan:Win32/Vundo.gen!D,

    and program:Win32/Winfixer.



    It also found 10 registry items and some other things. Please though can I have help with removal of these and where to go from here. I haven't deleted the items off this scan yet. My computer has been going crazy slow the past 2 days.



    Thank you
     
  2. Ricta

    Ricta Private E-2

    Re: Just ran a Windows Live safety scan, I need help removing winfixer and vundo PLEA

    also I have ran vundofix and it shows no infected files
     
  3. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    Re: Just ran a Windows Live safety scan, I need help removing winfixer and vundo PLEA

    Welcome to Major Geeks!

    Please follow the instructions in the below link and attach the requested logs when you finish these instructions.

    READ & RUN ME FIRST. Malware Removal Guide
     
  4. Ricta

    Ricta Private E-2

    Re: Just ran a Windows Live safety scan, I need help removing winfixer and vundo PLEA

    Ok So I ran Superantispyware and got a log, then ran Spybot without a hitch. NOw when I went to run Malware Bytes I get a run time error 372: Fialed to load control 'imagelist' from COMCTL32.OCX. Your version of COMCTL32.OCX may be outdated. I don't know that this means. Next, Started the instructions on combo Fix. I printed all the instructions. That's what I'm working off of. I saved combo Six.exe to desktop . I renamed it cf.exe. Then I went to run and typed in the path exactly as written per instructions and got this error. Windows cannot find "C:\Documents and Settings\userprofile\desktop\cf.exe"/killall.

    The rest of the error said make sure you typed the name correctly and try again.
     
  5. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    Re: Just ran a Windows Live safety scan, I need help removing winfixer and vundo PLEA

    You would be better off copying and pasting the instruction instead of typing. Did you actually put in the word userprofile or did you enter it with the percent signs enclosing it?

    You have to enter the below into the run box exactly as given with the quotes and the percent signs.

    "%userprofile%\desktop\cf.exe" /killall
     
  6. Ricta

    Ricta Private E-2

    Re: Just ran a Windows Live safety scan, I need help removing winfixer and vundo PLEA

    I'm sorry man, I'm taking exactly what you have there "%userprofile%\desktop\cf.exe" /killall and copying it and pasting it into run. I still get the same error. I'm pretty sure I'm doing right, my combo fix icon is on the desktop and it's renamed cf.exe.
     
  7. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    Re: Just ran a Windows Live safety scan, I need help removing winfixer and vundo PLEA

    Just continue on with the rest of the instructions and attach the other logs that are requested. Since you also had an error with MBAM, you just need to attach the SUPERAntiSpyware log and the MGtools log. We will worry about ComboFix later.
     

MajorGeeks.Com Menu

Downloads All In One Tweaks \ Android \ Anti-Malware \ Anti-Virus \ Appearance \ Backup \ Browsers \ CD\DVD\Blu-Ray \ Covert Ops \ Drive Utilities \ Drivers \ Graphics \ Internet Tools \ Multimedia \ Networking \ Office Tools \ PC Games \ System Tools \ Mac/Apple/Ipad Downloads

Other News: Top Downloads \ News (Tech) \ Off Base (Other Websites News) \ Way Off Base (Offbeat Stories and Pics)

Social: Facebook \ YouTube \ Twitter \ Tumblr \ Pintrest \ RSS Feeds