Vundo...what a pain in the arse

  rossgolf 00:15 04 May 08
Locked

how annoying is the vundo virus/trojan.
none of the "removals" worked ....so then i had to go through the boring excercise of turning off system restore.....loading up winternals ERD Commander....(((i did this becuase the vundo was making the explorer.exe file end every 3 seconds, literally. gets anoyin) then i booted that up had to manually go to the infected system32 files and delete them...go to the infected registry values and keys and delete them...wat a long nite. :@:@

  rdave13 00:29 04 May 08

Question is how you got infected in the first place?

  rossgolf 00:30 04 May 08

i found out it was something to do with java apparently......but the weird thing is...it was behaving fine at 9pm last nite but when i turned it on at 6pm tonite it started to go belly-up lol

  rdave13 00:39 04 May 08

Funny you can't put a finger on where this vundo virus was picked up. A pain I'm sure. Have you no idea where or which site you got infected?
Seems now that a variant of vundo will try to hide from a hijackthis log; click here

  rossgolf 00:42 04 May 08

aint got a clue lol....dont have HJT so it definately is not in the log lol. but the thing that was so anoyin was the explorer.exe going literally every 2-3 seconds...

  rdave13 01:26 04 May 08

Good you got rid of it.

  mfletch 11:36 04 May 08

Have you deleted all the old java downloads the latest one is version 6 old jave is prone to infections

  rossgolf 11:53 04 May 08

yes went through everythink that said Sun or Java and pressed my favorite button, delete

  UncleP 02:32 05 May 08

Recently had a Trojan attack including a Vundo variant click here
which was detected and apparently cured quite simply by SuperAntiSpyware.

I still haven't worked out where they came from and how they got in, although it is possible that they were attached to an e-mail.

  rossgolf 16:58 05 May 08

SAS couldnt delete mine as they kept coming back...could of been through system restore, but i decided to delete them the ERD Commander route anyway lol

  UncleP 18:30 05 May 08

Could be - I use Acronis TI for back-up, so system restore is switched off.

This thread is now locked and can not be replied to.

What is ransomware and how do I protect my PC from WannaCry?

What I learned from my mentor, Oscar-winning VFX supervisor Phil Tippett

Siri vs Google Assistant