Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Virus/ Vundo Help


  • Please log in to reply
8 replies to this topic

#1 astronomeric210

astronomeric210

  • Members
  • 22 posts
  • OFFLINE
  •  
  • Local time:02:21 AM

Posted 06 November 2009 - 11:16 PM

Hello. Just earlier I noticed a bunch of things getting changed and Spybot search and destroy notified me. I went to open it to run a scan and it will not open. I also went to scan with Malware Bytes Anti-Malware and it was deleted. I used my last resort, SUPERanti spyware and it immediately found "Vundo Variant" or something like that so I immediately quarantined that. I need help to make sure my computer is free from this infection. I'm worried about restarting because I do not want this virus taking me over. Any help would be greatly appreciated!

Spybot search and destroys firewall is still asking me about more files being added in places and I keep denying them. This is giving me anxiety....

Any help is greatly appreciated.

BC AdBot (Login to Remove)

 


#2 Orange Blossom

Orange Blossom

    OBleepin Investigator


  • Moderator
  • 36,947 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Location:Bloomington, IN
  • Local time:03:21 AM

Posted 06 November 2009 - 11:27 PM

As no logs have been posted, I am shifting this topic from the specialized HiJack This forum to the Am I Infected forum.

==>PLEASE DO NOT NOW POST LOGS<== unless a log is specifically requested.
Help us help you. If HelpBot replies, you MUST follow step 1 in its reply so we know you need help.

Orange Blossom

An ounce of prevention is worth a pound of cure

SpywareBlaster, WinPatrol Plus, ESET Smart Security, Malwarebytes' Anti-Malware, NoScript Firefox ext., Norton noscript

#3 astronomeric210

astronomeric210
  • Topic Starter

  • Members
  • 22 posts
  • OFFLINE
  •  
  • Local time:02:21 AM

Posted 06 November 2009 - 11:48 PM

Okay, I managed to get S and D to run and it is searching. I think it has already found the s.o.b. It is listed under Virtumonde as I suspected. I will let it finish. I keep getting pop ups. This is still giving me anxiety though.

I just need to know that I will be able to eliminate this s.o.b. and how to knew when I definitely get rid of it.

#4 astronomeric210

astronomeric210
  • Topic Starter

  • Members
  • 22 posts
  • OFFLINE
  •  
  • Local time:02:21 AM

Posted 06 November 2009 - 11:53 PM

I'm sorry I freak out about stuff like this. My heart starts to race and I go nuts. I'm not going to be able to sleep tonight.

I really appreciate anyones help, I know you guys do a kick ass job! I had a vundo variant before, and that was a huge pain in the neck.

Thanks so much.

#5 astronomeric210

astronomeric210
  • Topic Starter

  • Members
  • 22 posts
  • OFFLINE
  •  
  • Local time:02:21 AM

Posted 07 November 2009 - 02:28 PM

Please I need help! I used S and D and it found the files. I then restarted the computer, and it would get the the XP page with the moving loading bar. After that, it would just start back as if it had just restarted, never making it to the end. I went into the HP recovery console and wanted to start that and it said restart the computer to load it, so I did, and it loaded it, but when I am at it I cannot use my mouse or keyboard so I have no control. I tried to load the computer in safe mode but when it gets to safe mode it says something like "Installation not complete, Reinstall"

I am freaking out! I hope this is reversible... Please, I would really appreciate any help.

#6 astronomeric210

astronomeric210
  • Topic Starter

  • Members
  • 22 posts
  • OFFLINE
  •  
  • Local time:02:21 AM

Posted 07 November 2009 - 03:26 PM

What solutions do I have? Buy a new hard drive, and install windows on it? Would I be able to switch over my files from the old hard drive? Any help is greatly appreciated.

#7 dug_down_deep

dug_down_deep

  • Members
  • 3 posts
  • OFFLINE
  •  
  • Local time:02:21 AM

Posted 07 November 2009 - 03:38 PM

Symantec has a VundoFix tool you might want to try, if no one here responds to you.

eta: Sorry, I initially skipped over your post where you said you couldn't boot up.

Edited by dug_down_deep, 07 November 2009 - 03:46 PM.


#8 astronomeric210

astronomeric210
  • Topic Starter

  • Members
  • 22 posts
  • OFFLINE
  •  
  • Local time:02:21 AM

Posted 07 November 2009 - 05:34 PM

Yeah it is set to start the system restore process before booting up now, but when I get to that page, my mouse and keyboard stop responding.

Please, someone has to have a solution.

Edited by astronomeric210, 07 November 2009 - 05:54 PM.


#9 Elise

Elise

    Bleepin' Blonde


  • Malware Study Hall Admin
  • 61,107 posts
  • ONLINE
  •  
  • Gender:Female
  • Location:Romania
  • Local time:10:21 AM

Posted 08 November 2009 - 05:10 AM

Hello astronomeric210,

To see if we can undo all damage, please try to answer my questions. Do NOT try anything on your own, this will only confuse things more!

What happens when you turn your computer on normally?

Can you access a command prompt from your HP recovery console?

Please answer those questions and we will see where we can start from.

Just as a re-assurance, no need yet to think about drastic solutions like buying a new harddrive :thumbsup:

Edited by elise025, 08 November 2009 - 05:13 AM.

regards, Elise


"Now faith is the substance of things hoped for, the evidence of things not seen."

 

Follow BleepingComputer on: Facebook | Twitter | Google+ | lockerdome

 

Malware analyst @ Emsisoft





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users