i cant get rid of this resident Vundo !!

Discussion in 'malware problems & news' started by justmex, Jun 22, 2008.

Thread Status:
Not open for further replies.
  1. justmex

    justmex Registered Member

    Joined:
    May 19, 2008
    Posts:
    23
    help me please; the NNNNNNHK.dll just wont be removed
     

    Attached Files:

  2. Kosak

    Kosak Registered Member

    Joined:
    Jul 25, 2007
    Posts:
    711
    Location:
    Slovakia
    Hi!

    Use UnDLL in safe mode.
     
  3. ASpace

    ASpace Guest

  4. justmex

    justmex Registered Member

    Joined:
    May 19, 2008
    Posts:
    23
    thanks so much

    was so desperate i didnt even see the safe mode advice still it kille dit :D
     
  5. justmex

    justmex Registered Member

    Joined:
    May 19, 2008
    Posts:
    23
  6. Kosak

    Kosak Registered Member

    Joined:
    Jul 25, 2007
    Posts:
    711
    Location:
    Slovakia
    Virtumonde (Vundo) has got a lot of new variants every day and creators make everything for undetection by famous AV systems. Thanks for submission!

    Regards
     
  7. Philippe_FR22

    Philippe_FR22 Registered Member

    Joined:
    Sep 6, 2007
    Posts:
    249

    Hello,
    As far as I saw, there is a procedure to kill Vundo.

    -> Malwarebytes anti-malware (scan and remove)
    -> Then, there exists a tool to detect and fix vundo : combofix.exe
    - First run and check option 1 to generate a log
    - analyse the log (internet help, eventually) and if it's confirm that your are infected with vundo, you will need to run again combofix (safe mode or not, I don't remember) and to check option 2... There is somewhere a tutorial...

    Typing combofix in any search engine, will help you in downloading the tool and getting explainations...


    Regards
     
  8. Kosak

    Kosak Registered Member

    Joined:
    Jul 25, 2007
    Posts:
    711
    Location:
    Slovakia
    Hi!

    Cleaning computer by ComboFix isn't very good for standard user, eg. because CF can caused damage OS. After automatic cleaning procedure is shown log, which provides other informations - last created/edited files and Registry keys/values. This is message for advanced user. Now, we don't provide advanced cleaning services here on the forum.

    Regards
     
  9. SUPERAntiSpy

    SUPERAntiSpy Developer

    Joined:
    Mar 21, 2006
    Posts:
    1,088
    Submit a support request here and we can update the definitions to remove what's likely re-installing the infection upon reboot:
    http://www.superantispyware.com/support.html
     
  10. jhowellMBL

    jhowellMBL Registered Member

    Joined:
    Jun 23, 2008
    Posts:
    2
    My tried/tested method for getting rid of stuff like this is:

    - Install MalwareBytes & update it
    - Boot the PC in Safemode, where the program doesn't place itself in memory
    - Run MalwareBytes's full scan
    - Reboot in normal mode
    - Reboot in safemode w/Networking, repeat steps 2&3. Also run an ESET online scan afterwards.

    After that, you should have all (or at least 99%) of it, if its malware/viral. The pieces left won't be very harmful to your PC and your antivirus should pick up the rest of the pieces.
     
  11. pykko

    pykko Registered Member

    Joined:
    Apr 27, 2005
    Posts:
    2,236
    Location:
    Romania...and walking to heaven
    A simple way of doing it is running ComboFix from HERE and follow the prompts.
    Disable your antivirus guard while performing this action and also close your browser and other running programs.

    This should help.
     
Loading...
Thread Status:
Not open for further replies.