Jump to content


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.

Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.


Vundo and google redirect/jump issue

  • Please log in to reply
2 replies to this topic

#1 skidexa


  • Members
  • 12 posts
  • Local time:10:18 AM

Posted 05 May 2009 - 07:58 AM

Hi there, recently got infected with the Vundo trojan, I used MBAM and Super Anti Spyware to get rid of it. However I'm still getting redirects from google. Also I ran a HJT log and theres a suspicious entry in there:

O20 - AppInit_DLLs: ,C:\WINDOWS\system32\nohopeka.dll c:\windows\system32\pasamomu.dll,C:\WINDOWS\system32\tuyedote.dll

Please find the full HJT log attached

I will also do another Super Anti SPyware and MBAM scan and post up the logs tomorrow.

Thanks guys

NB I have had the vundo problem before so I suspect it was backed up in my system restore point.

Attached Files

BC AdBot (Login to Remove)


#2 skidexa

  • Topic Starter

  • Members
  • 12 posts
  • Local time:10:18 AM

Posted 08 May 2009 - 10:16 AM

Here are the logs from the DDS program. Disregard my HJT attachment if you guys want.

Attached Files

#3 SifuMike


    malware expert

  • Members
  • 15,385 posts
  • Gender:Male
  • Location:Vancouver (not BC) WA (Not DC) USA
  • Local time:08:18 AM

Posted 17 May 2009 - 10:33 PM

Hi skidexa,

If you still need help then please download Malwarebytes' Anti-Malware from one of these places:

Double Click mbam-setup.exe to install the application.

* Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
* If an update is found, it will download and install the latest version.
* Once the program has loaded, select "Perform Quick Scan", then click Scan.
* The scan may take some time to finish,so please be patient.
* When the scan is complete, click OK, then Show Results to view the results.
* Make sure that everything is checked, and click Remove Selected.
* When disinfection is completed, a log will open in Notepad and you may be prompted to Restart.(See Extra Note)
* The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
* Copy&Paste the entire MBAM report (even if it does not find anything) in your next reply along with a fresh HijackThis log.

Extra Note:
If MBAM encounters a file that is difficult to remove,you will be presented with 1 of 2 prompts,click OK to either and let MBAM proceed with the disinfection process,if asked to restart the computer,please do so immediately.
If I've saved you time & money,
please make a donation so I can keep helping people just like you! You can donate using a credit card and PayPal. Thank you!

Posted Image

Asking for help via Private Message or Mail will be ignored - So If you need help, post your problem in the forum.

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users