
Adware.Vundo/Variant


3 replies to this topic

#1 senthilkumar_ks

senthilkumar_ks

  • Members
  • 2 posts

Posted 30 March 2009 - 05:28 PM

Attached File: scshot.GIF (31.05KB, 11 downloads)

Hello all

Looks like my system is infected with a Vundo variant and I am having trouble removing it. I tried using Super Anti Spyware and Malwarebytes Anti-malware without much help. Here are the symptoms:

1. Super anti-spyware detects it but cannot remove it even after reboot. See attached screenshot.
2. "out of context" ads keep appearing when I am connected to the internet.
3. My laptop is pretty slow.

I found this site from Wikipedia and hopefully I would get some help here.

Thanks a lot for reading this post!

--Senthil

Edited by The weatherman, 30 March 2009 - 05:30 PM.
Moved to a more appropriate forum. TW




#2 Budapest

Budapest

    Bleepin' Cynic


  • Moderator
  • 23,573 posts

Posted 31 March 2009 - 02:22 AM

Did you run SUPERAntiSpyware in Safe Mode?

How to start Windows in Safe Mode
The power of accurate observation is commonly called cynicism by those who haven't got it.

—George Bernard Shaw

#3 senthilkumar_ks

senthilkumar_ks
  • Topic Starter

  • Members
  • 2 posts

Posted 31 March 2009 - 06:07 AM

Hi Budapest

Thanks for your response. Yes, this is what I did:

1. I updated super anti spyware and malware anti-bytes definitions
2. Booted my machine in safe mode w/o networking
3. Ran sas and mab. Even though sas and mab complain about the Vundo, the malware still remains even after reboot.

BTW, here is a list of relevant software I have

1. Windows XP sp3 with latest updates.
2. Jdk 1.6 Update 6
3. Symantec Anti virus with real time protection on and latest virus definitions.

Thanks again for your time!

--Senthil

#4 Budapest

Budapest

    Bleepin' Cynic


  • Moderator
  • 23,573 posts

Posted 31 March 2009 - 04:38 PM

Please print out and follow these instructions: "How to use SDFix". This program is for Windows 2000/XP ONLY.
When using this tool, you must use the Administrator's account or an account with "Administrative rights".
  • Disconnect from the Internet and temporarily disable your anti-virus, script blocking and any real time protection programs before performing a scan.
  • When done, the SDFix report log will open in notepad and automatically be saved in the SDFix folder as Report.txt.
  • If SDFix is unable to run after rebooting from Safe Mode, run SDFix in either Mode, and type F, then press Enter for it to finish the final stage and produce the report.
  • Please copy and paste the contents of Report.txt in your next reply.
  • Be sure to re-enable your anti-virus and other security programs before connecting to the Internet.
-- If the computer has been infected with the VirusAlert! malware warning from the clock and the Start Menu icons or drives are not visible, open the SDFix folder, right-click on either the XP_VirusAlert_Repair.inf or W2K VirusAlert_Repair.inf (depending on your version of Windows) and select Install from the Context menu. Then reboot to apply the changes.