Vundo...what a pain in the arse

  rossgolf 00:15 04 May 2008
Locked

how annoying is the vundo virus/trojan.
none of the "removals" worked ....so then i had to go through the boring excercise of turning off system restore.....loading up winternals ERD Commander....(((i did this becuase the vundo was making the explorer.exe file end every 3 seconds, literally. gets anoyin) then i booted that up had to manually go to the infected system32 files and delete them...go to the infected registry values and keys and delete them...wat a long nite. :@:@

  rdave13 00:29 04 May 2008

Question is how you got infected in the first place?

  rossgolf 00:30 04 May 2008

i found out it was something to do with java apparently......but the weird thing is...it was behaving fine at 9pm last nite but when i turned it on at 6pm tonite it started to go belly-up lol

  rdave13 00:39 04 May 2008

Funny you can't put a finger on where this vundo virus was picked up. A pain I'm sure. Have you no idea where or which site you got infected?
Seems now that a variant of vundo will try to hide from a hijackthis log; click here

  rossgolf 00:42 04 May 2008

aint got a clue lol....dont have HJT so it definately is not in the log lol. but the thing that was so anoyin was the explorer.exe going literally every 2-3 seconds...

  rdave13 01:26 04 May 2008

Good you got rid of it.

  mfletch 11:36 04 May 2008

Have you deleted all the old java downloads the latest one is version 6 old jave is prone to infections

  rossgolf 11:53 04 May 2008

yes went through everythink that said Sun or Java and pressed my favorite button, delete

  UncleP 02:32 05 May 2008

Recently had a Trojan attack including a Vundo variant click here
which was detected and apparently cured quite simply by SuperAntiSpyware.

I still haven't worked out where they came from and how they got in, although it is possible that they were attached to an e-mail.

  rossgolf 16:58 05 May 2008

SAS couldnt delete mine as they kept coming back...could of been through system restore, but i decided to delete them the ERD Commander route anyway lol

  UncleP 18:30 05 May 2008

Could be - I use Acronis TI for back-up, so system restore is switched off.

This thread is now locked and can not be replied to.

Elsewhere on IDG sites

Intel Coffee Lake release date and specifications

12 Amazing British Craft Beer Label Designs

watchOS 4 review

Les meilleurs navigateurs internet 2017