Generic.Vundo.C


Installation

Trojan:Win32/Vundo.gen!C uses RUNDLL32.EXE to execute the trojan's DLL.

The trojan creates the following mutexes during its installation: awx_mutantLocal_VMMainMutex_ConsprMutx

Trojan:Win32/Vundo.gen!C makes the following registry modifications: Adds value: @ With data: "

To put the log files in a CODE box, proceed as follows: select the entire log file (usually with CTRL+A) and copy it to the clipboard with CTRL+C.

scanning hidden files ...

Vundo Problem
Started by uk_geezer, Aug 24 2008 05:35 PM

The power of accurate observation is commonly called cynicism by those who haven't got it. --George Bernard Shaw

sys [08/02/08 17:45 ]
R0 TfSysMon;TfSysMon;C:\WINNT\system32\drivers\TfSysMon.sys [08/02/08 17:45 ]
R1 kbfilter;Keyboard Filter Driver;C:\WINNT\system32\drivers\kbfilter.sys [13/01/04 17:05 ]
R1 moufiltr;Mouse Filter Driver;C:\WINNT\system32\drivers\moufiltr.sys [29/09/03 11:27 ]
R3 usbhub20;USB 2.0 Root Hub Support;C:\WINNT\system32\DRIVERS\usbhub20.sys [19/06/03

What do I do?

TROJ_VUNDO.AXM Alias: Vundo (McAfee), Trojan.Vundo (Symantec), TR/Vundo.Gen (Avira), Trojan:Win32/Vundo.gen!A (Microsoft)
TROJ_VUNDO.GKN Alias: Trojan.Win32.Monder.bbwg (Kaspersky), Vundo.gen.ab (McAfee), Trojan.Vundo (Symantec), TR/Vundo.Gen (Avira), Trojan:Win32/Vundo.gen!Y (Microsoft)
TROJ_VUNDO.GOR Alias: Vundo.gen.ab (McAfee), Suspicious.Vundo (Symantec), W32/Vundo.C!Generic (F-Prot), Trojan:Win32/Vundo.D (Microsoft)
TROJ_VUNDO.GOQ Alias: Vundo.gen.ab

If necessary, split it up and use several posts.

TROJ_VUNDO.FVQ Alias: Trojan-Downloader.Win32.Agent.bgrc (Kaspersky), Vundo.gen.s (McAfee), Trojan.Vundo (Symantec), TR/Vundo.Gen (Avira), W32/Vundo.A!Generic (F-Prot), Trojan:Win32/Vundo.JU (Microsoft)
TROJ_VUNDO.FGQ Alias: Packed.Win32.Mondera.b (Kaspersky), Vundo.gen.s (McAfee), Trojan.Vundo (Symantec), TR/Vundo.Gen (Avira), W32/Vundo.A!Generic (F-Prot), Trojan:Win32/Vundo.gen!G (Microsoft)
TROJ_VUNDO.FXM Alias: Trojan.Win32.Monder.azav (Kaspersky), Vundo.gen.ab (McAfee),

mjc 05-07-2008, 08:17 PM
It still exists in the image, right?

But a person is only a Scotsman if he was born and raised in Scotland.

http://www.microsoft.com/security/portal/threat/encyclopedia/entry.aspx?name=TrojanDropper%3AWin32%2FVundo.H

Worm:Win32/Vundo.A (Microsoft); Vundo.gen.bf (McAfee); Trojan.Vundo (Symantec); Trojan-Downloader.Win32.Agent.bqxc (Kaspersky); Trojan.Win32...

I would try the Combofix in safe mode and see what happens...

Threat behavior

TrojanDropper:Win32/Vundo.H is a trojan that installs a variant of Win32/Vundo detected as Trojan:Win32/Vundo.gen!C.

At least the "free version".

It does the usual thing of getting past step 43 and then sitting with a flashing cursor.

classicsoftware 05-11-2010, 10:20 PM
Hey inspectorweb: This thread is almost 2 years old.

Installation

This trojan may be installed by other malware.

When ComboFix begins running, Threatfire [running in the background="Terminate and stay resident"] reports activity that might possibly be malicious.

Second attempt failed also.

TROJ_VUNDO.CRY Alias: Trojan.Win32.Monder.gen (Kaspersky), Trojan.Vundo (Symantec), TR/Vundo.Gen (Avira),
TROJ_VUNDO.WG Alias: Trojan.Vundo, TR/Vundo.Gen,
TROJ_VUNDO.GHY Alias: Vundo.gen.ab (McAfee), W32/Vundo.C!Generic (F-Prot),
TROJ_VUNDO.GUV Alias: Vundo.gen.ac (McAfee), Trojan.Metajuan (Symantec), ADSPY/SuperJuan.jli (Avira), W32/Backdoor2.DXBA (exact) (F-Prot), Trojan:Win32/Vundo.KC (Microsoft)
TROJ_VUNDO.BMQ Alias: Packed.Win32.Monder.gen (Kaspersky), Vundo (McAfee),

It found a "Generic.Vundo.C". (Image) After a quick search on Google, this trojan/virus is a pretty serious fellow.

Worm:Win32/Vundo.B (Microsoft); Vundo.gen.w (McAfee); Trojan.Vundo (Symantec); Trojan.Win32.Vundo.Gen.2 (v) (Sunbelt); Trojan horse Vundo...

Win32/Vundo.gen!C is a generic detection for a multi-component family of programs that deliver 'out of context' pop-up advertisements to the computer on which they are installed and may download and execute arbitrary files.

I never run videos on my PC.

Sylvander 05-30-2008, 01:04 PM
An application is always a program.

Threatfire could not be shut down, and various others produced strange warnings. That may have been because I ran the exe file from C:\00tmp\ComboFix instead of my Desktop folder at D:\Moved\Desktop\abb.

Is an APPLICATION an executable program that makes use of Windows software technology to complete tasks?

Virus Characteristics

This is a Trojan

File Properties
Property: Values
McAfee Detection: Vundo.gen.ab
Length: 46592 bytes
MD5: cce995a1a3c38908053d3dba9f564464
SHA1: f0f73abb66b982f33b6e16af5ea33a63164a224a

Other Common Detection Aliases
Company Names: Detection Names
ahnlab: Win-Trojan/Boltolog.46592
avast: Win32:Rootkit-gen
AVG (GriSoft): SHeur2.PWI
avira: TR/Crypt.XPACK.Gen
Dr.Web: Trojan.Virtumod.1465
eSafe (Alladin): Suspicious file
F-Prot: W32/Vundo.C!Generic
Microsoft: trojan:win32/vundo.gen!c
Symantec: Packed.Generic.214
Eset: Win32/Adware.Virtumonde.NEE application
norman: W32/DLoader.NEXO
Sophos: Troj/Virtum-Gen
Trend Micro: Mal_Vundo-9
vba32: Trojan-Downloader.Win32.Boltolog.gmx

Sylvander 05-30-2008, 05:47 AM
Ran Avira Antivir scan last night and it began reporting various files related to ComboFix as infections.

e.g. %WINDIR% = \WINDOWS (Windows 9x/ME/XP/Vista/7), \WINNT (Windows NT/2000)
%PROGRAMFILES% = \Program Files

The following files were analyzed:
f0f73abb66b982f33b6e16af5ea33a63164a224a

The following files have been added to the system:
%TEMP%\rqRLEWoN.bat
%WINDIR%\SYSTEM32\awtqnkki.dll

The following

You dropped in from never never land to sell us your wares....

I'll have a 2nd attempt and try to get it right this time. :) Will copy ComboFix.exe to my Desktop folder.

2. It may take some time to complete so please be patient. When the scan is finished, a message box will say "The scan completed successfully.

i.e Can it only rightfully be called that if it can run within a Windows Operating System?