cancel
Showing results for 
Search instead for 
Did you mean: 
Highlighted

Trojan - Vundo.gen.d - how to remove

Received warning that Mcafee has detected an infected file (file path C:\window\system32\efcAPHYO.dll) that cannot be repaired. Could not quarantine. Tried to remove file by clicking on the McAfee warning window "remove" and restarting computer. Did not remove. Cannot activate auto-updates on SC. I am using a different computer to contact you because the infected computer is working very, very slow and cannot access the internet. Please advise how to remove. Thank you.

MS - Windows XP
SP2
RAM - 1G
File System: FAT32
broadband
SC v 8.1
VS v 12.1
Firewall v 9.1
Labels (1)
9 Replies
Reliable Contributor exbrit
Reliable Contributor
Report Inappropriate Content
Message 2 of 10

RE: Trojan - Vundo.gen.d - how to remove

First of all your file system needs to be changed from FAT32 to NTFS as it is more secure that way.
Once you've got rid of Vundo I would do that. It's easy enough and you can do it without the need to back up anything.

First to Vundo, which is extremely prolific and difficult to avoid without additional tools as new versions appear almost daily.

Try running the free version of this anti-spyware tool: http://www.superantispyware.com/superantispywarefreevspro.html

If that fails to remove it completely then download Hijackthis and post its log on one of the following forums for expert advice:

Do not post the log here, we can't help!

DOWNLOAD HIJACKTHIS

Post the logs at a specialist Forum:

AUMHA FORUM

BLEEPING COMPUTER FORUM

CASTLECOPS FORUM

GEEKS TO GO FORUM

MAJOR GEEKS FORUM

MALWARE REMOVAL FORUM

SPYWARE INFO FORUM

TECH SUPPORT GUY FORUM

WHAT THE TECH FORUM (Formerly Tom Coyote)

Be sure to read all the sticky announcements/instructions at the top of each malware forum!

To change your file system from FAT32 to NTFS do the following:

Just go to the Command Prompt (Go to Start/Run and enter cmd then click OK or hit the Enter key) and type the command:

Vol C: (Assuming it is volume C that you are converting. Click OK or hit the Enter key). then type....

convert c: /fs:ntfs

Where C: is a name of the drive you want to convert. Note the spaces are intentional. (If you want to convert any other drive, change the c: to the drive of choice.)

After machine re-boots the conversion process will start and you'll have your FAT32 converted to NTFS without any data loss.
Reply Y each time to set up conversion to happen at the next boot when asked and click Enter, then restart the machine. (If you are converting a partition other than the operating system’s partition, you may find that it runs without rebooting.) After returning to Win XP, the hard disk will work for two or three minutes, tidying up. Leave things alone during this time.

Some of the differences between FAT32 and NTFS:

NTFS
1)Allows access locally to 95, 98, W2k, W2k3, XP and later.
2)Maximum size of partition is 2 Terabytes & more.
3)Maximum File size is up to 16TB.
4)File & folder Encryption is possible only in NTFS.
5)File and Folder Compression is possible.

FAT 32
1)Fat 32 Allows access to win 95, 98, Win Millenium, Win2k, XP on local partition.
2)Maximum size of partition is up to 2 TB.
3)Maximum File size is up to 4 GB.
4)File & folder Encryption is not possible.
5)File and folder Compression only possible using external utility.

RE: Trojan - Vundo.gen.d - how to remove

First, huge thank you for intro to superantispyware. It removed Vundo.gen, in addition to 50 other files that needed to be expelled. Easy to use and highly effective.

Re changing file system from FAT32 to NTFS, I was not successful. I followed your instructions and when I typed the command "Vol C:" I received "Volume in drive C has no label. Volume Serial Number is B832-EF92." It would not allow me to type in "convert c: /fs:ntfs.

Thank you again for your support.
Reliable Contributor exbrit
Reliable Contributor
Report Inappropriate Content
Message 4 of 10

RE: Trojan - Vundo.gen.d - how to remove

I need more information about your system. How many drives or partitions do you have and what is the drive letter?


Going to My Computer should illustrate that quite clearly.

That reaction your gave above would be the normal response, but then you should have seen a blinking cursur where you could enter the next item.

RE: Trojan - Vundo.gen.d - how to remove

Sorry for the delay in getting back to you. I am on Hong Kong Time.

Local Disk C, 48.8 GB, free space 10.9 GB
Local Disk D, 183 GB, free space 183 GB
Reliable Contributor exbrit
Reliable Contributor
Report Inappropriate Content
Message 6 of 10

RE: Trojan - Vundo.gen.d - how to remove

Try getting up the command prompt again and this time just go straight into..

convert c: /fs:ntfs press Enter or OK and then follow the prompts.

Do the same for 😧

RE: Trojan - Vundo.gen.d - how to remove

Following your instructions, I received this message:

Convert cannot run because the volume is in use by another process. Convert may run if this volume is dismounted first. ALL OPENED HANDLES TO THIS VOLUME WOULD THEN BE INVALID. would you like to force a dismount on this volume (y/n)?

I will await your advices. Thank you!
Reliable Contributor exbrit
Reliable Contributor
Report Inappropriate Content
Message 8 of 10

RE: Trojan - Vundo.gen.d - how to remove

At that prompt you enter Y and click OK or hit the Enter key. Just keep OK-ing until the process is done.

RE: Trojan - Vundo.gen.d - how to remove

Conversion to NTFS was successful on both C: & D:. Thanks Peter for all your assistance on this situtation. It was most appreciated!
Reliable Contributor exbrit
Reliable Contributor
Report Inappropriate Content
Message 10 of 10

RE: Trojan - Vundo.gen.d - how to remove

You're most welcome. Moved to the "Solved" area.

Community Help Hub

    New to the forums or need help finding your way around the forums? There's a whole hub of community resources to help you.

  • Find Forum FAQs
  • Learn How to Earn Badges
  • Ask for Help
Go to Community Help

Join the Community

    Thousands of customers use the McAfee Community for peer-to-peer and expert product support. Enjoy these benefits with a free membership:

  • Get helpful solutions from McAfee experts.
  • Stay connected to product conversations that matter to you.
  • Participate in product groups led by McAfee employees.
Join the Community
Join the Community