Vundo Trojan

spencerarts

I had a Vundo trojan which, although Bit Defender Plus 10 picked up & quarentined, still kept reappearing.

The latest problem was erroe messages coming up immediately on re-starting computer

"Cannot Find c:\Documents & Settings", "C/Adobe.exe", & a few others.

I ran Vundofix, & Combofix. Combofix seems to have fixed the proble, as all the annoying messages have gone.

I have attached Combofix Quarentie file.

I ran Bit Defender & it found Vundo trojan again, & put the following files into Qaurentine: -

_dqceekek.dll_.vir

_embyovqp.dll_.vir

_iifcASJA.dll._.vir

_iomtfxud.dll_.vir

_irfskl.dll_.vir

_ttkfaoxy.dll_.vir

_wvUliiFX.dll_.vir

Are these files renambed by Combofix after it's scan, if not, what should I do with them.

/applications/core/interface/file/attachment.php?id=2995" data-fileid="2995" rel="">ComboFix_quarantined_files.txt

Niels

Hello wyelander,

Combofix renames the files so they can't be executed by renaming the files by adding .vir. But to be sure that there aren't any leftovers I need to see a new combofix log.

Kind regards,

Niels

csalgau

Dear sir. In situations like these it is best that you provide us with an AVIS log or equivalent so we can see what the actual problem is.

You probably have an undetected dropper somewhere and logs could show us what files you should submit for analysis.