Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Viruses: [vundo] [wuamgrd.worm] [rdll Backdoor]


  • Please log in to reply
10 replies to this topic

#1 AnonymousUser

AnonymousUser

  • Members
  • 16 posts
  • OFFLINE
  •  
  • Local time:09:14 PM

Posted 29 June 2008 - 04:24 PM

Well turns out I downloaded a program that gave me a massive vundo spread all over my PC as well as RDLL Backdoor and Wuamgrd.worm. I spent a couple hours yesterday trying to fix them before I had to go to sleep. No luck so far.

What have I done to try to fix it?
  • Vundo: I've searched several times and the majority of the information I've pulled up has been to download "VundoFix" and another similar program if that doesn't work. In regards, neither of those programs even recognize that vundo exists on my PC. Upon reboot Windows Defender always alerts me that Vundo is still there. I used another "free" virus scanner and it's taken out some of the vundo files I believe, but I don't think it resolved everything.
  • RDLL Backdoor. I've searched all over the place and no luck on anything to get rid of this virus. The only things I've pulled up to get rid of it were "you need to pay lolololol virus scanners."
  • Wuamgrd.worm. Not much. I just got back from work and haven't had the time to research into it as much. I was more concerned with getting rid of the Backdoor. I only realized I had it this morning.
Basically with Vundo I'm not even being effected by it as normal users would. I read that it initiates constant pop-ups on one's PC, but however, for me, the only thing that's happening with my PC is that everytime I open a folder it closes it within 3-5 seconds. So.. honestly if anyone has any advice that involves me going into my PC to remove things, unless there is a way for me to stop the folders from closing themself, then there's no way I'll be able to. =/

The only thing that isn't closing itself is internet browsers, messengers, and programs I pull up.

Anyhow. Thanks in advance.

Edited by AnonymousUser, 29 June 2008 - 04:39 PM.


BC AdBot (Login to Remove)

 


#2 Budapest

Budapest

    Bleepin' Cynic


  • Moderator
  • 23,579 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:12:14 PM

Posted 29 June 2008 - 05:25 PM

Run the following fix:

How to Remove WinFixer / Virtumonde / Msevents / Trojan.vundo

After that run a full system scan with Malwarebytes' Anti-Malware.
The power of accurate observation is commonly called cynicism by those who haven't got it.

—George Bernard Shaw

#3 AnonymousUser

AnonymousUser
  • Topic Starter

  • Members
  • 16 posts
  • OFFLINE
  •  
  • Local time:09:14 PM

Posted 29 June 2008 - 06:51 PM

[quote name='Budapest' date='Jun 29 2008, 05:25 PM' post='867504']

How to Remove WinFixer / Virtumonde / Msevents / Trojan.vundo


Not to be rude, but did you not read the first post of mine?

Quoted by first post: Vundo: I've searched several times and the majority of the information I've pulled up has been to download "VundoFix" and another similar program if that doesn't work. In regards, neither of those programs even recognize that vundo exists on my PC.

The URL you gave me provides the same information I said in my first post that doesn't work for my Vundo infection. Vundo Fix and VundoBeGone are not detecting the infection on my PC.

I'll try to see what happens when I scan with the second link.

Thank you

----

Also now my PC is running much slower. CPU % keeps going up to 90 and back down to 1. When I try to close or stop programs, they open back up. Regardless none of these programs that are running are viruses, but I think the viruses are making them run in the background anyhow.
I'm having issues pulling up everything from files over processing.

Also I have dll files missing out of my system32 folder. When I boot up my computer it's telling me that they're missing.

Edited by AnonymousUser, 29 June 2008 - 07:00 PM.


#4 Budapest

Budapest

    Bleepin' Cynic


  • Moderator
  • 23,579 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:12:14 PM

Posted 29 June 2008 - 07:07 PM

Not to be rude, but did you not read the first post of mine?

Seems like i missed that bit - sorry :thumbsup:

After the Malwarebytes scan run a full system scan with SuperAntiSpyware in Safe Mode.

How to start Windows in Safe Mode
The power of accurate observation is commonly called cynicism by those who haven't got it.

—George Bernard Shaw

#5 AnonymousUser

AnonymousUser
  • Topic Starter

  • Members
  • 16 posts
  • OFFLINE
  •  
  • Local time:09:14 PM

Posted 30 June 2008 - 12:28 PM

Okie 9 hours scanning so far and it's only gone through 44,000 files. I know it's going to have to scan atleast 1.2 Million files to get through everything. It seems to be taking 2 minutes on EACH even relatively small files now. It didn't do that in the beginning. It doesn't seem to be making much progress. =/ It's detected 4 files so far.. Should I just abort, kill the 4 its picked up, and try to scan with super anti spyware? If it keeps going this slow, even if I leave my computer on for 24/7 it wont be done for over a week...

Edited by AnonymousUser, 30 June 2008 - 12:28 PM.


#6 Budapest

Budapest

    Bleepin' Cynic


  • Moderator
  • 23,579 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:12:14 PM

Posted 30 June 2008 - 04:30 PM

Yeah - I think I'd move on to the SuperAntiSpyware scan (in Safe Mode) if the first one is taking too long.
The power of accurate observation is commonly called cynicism by those who haven't got it.

—George Bernard Shaw

#7 AnonymousUser

AnonymousUser
  • Topic Starter

  • Members
  • 16 posts
  • OFFLINE
  •  
  • Local time:09:14 PM

Posted 30 June 2008 - 08:05 PM

All right I moved onto it and scanned it while I was at work. It did fine in safe mode and picked up 4 more viruses and about 134 spyware entries. I restarted and my computer is still going VERY slow. It can still barely process anything.

I think the folders closing themself have been resolved.
I'm not getting anymore "files missing from system32" errors anymore.
The Worm is gone.

I don't know if vundo still exists on my PC. I did a scan with Bazooka and RDLL Backdoor still exists. Doesn't seem SuperAntiSpyware got rid of that. I don't think I should bother with Malwarebytes at the moment, because it doesn't seem my computer can handle it... Or should I also run that in safemode? .. It doesn't seem my computer can run any virus scanner unless it's in safemode actually.

#8 Budapest

Budapest

    Bleepin' Cynic


  • Moderator
  • 23,579 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:12:14 PM

Posted 30 June 2008 - 08:55 PM

Malwarebytes is designed to be run from Normal Mode. You can run it from Safe Mode, but it may not be as effective. However, seeing that you're having problems running it in Normal Mode you may as well try running it in Safe Mode.
The power of accurate observation is commonly called cynicism by those who haven't got it.

—George Bernard Shaw

#9 AnonymousUser

AnonymousUser
  • Topic Starter

  • Members
  • 16 posts
  • OFFLINE
  •  
  • Local time:09:14 PM

Posted 01 July 2008 - 12:11 AM

All right. I'll try that tonight.

I'm starting to wonder if I even have vundo and if I'm having a worm called vundo instead-- that really isn't. This virus seems to be constantly multiplying itself. I've run 3 other scanners. The recent one picked up 10 duplicates of vundo. x_x'

My computer seems to SLIGHTLY be booting up better now, but it's still so ridiculously slow =/.

Other thing.. I checked my task manager and there was something that was taking up 63 or so CPU. Curious on if that would be a virus or.. what? *Doesn't know honestly*

Also this isn't normal is it? 10 multiple files or something:

Posted Image I'm also having files come into my task manager every so often. I stopped one of them that was running at 63~ cpu and that made my computer run much faster. It hasn't come back. CPU Usage was running to 90% beforehand.

Also seems with me closing the memory eating process I can run things while in normal mode.

Edited by AnonymousUser, 01 July 2008 - 12:30 AM.


#10 AnonymousUser

AnonymousUser
  • Topic Starter

  • Members
  • 16 posts
  • OFFLINE
  •  
  • Local time:09:14 PM

Posted 02 July 2008 - 02:51 AM

Hmm I think the majority of the viruses are gone... if not almost all of them. Backdoor was my main problem it seems.

I'm guessing other issues I'm having would be that I need to defrag my computer or such? Should I do that or what should I do after my computer is cleaned of viruses?

Thank you for the help by the way.

#11 Budapest

Budapest

    Bleepin' Cynic


  • Moderator
  • 23,579 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:12:14 PM

Posted 02 July 2008 - 04:25 PM

Can you run the Malwarebytes scan in Normal Mode now?
The power of accurate observation is commonly called cynicism by those who haven't got it.

—George Bernard Shaw




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users