Jump to content


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.

Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.


Win32/Vundo Infected Win XP

  • Please log in to reply
No replies to this topic

#1 Gmien


  • Members
  • 1 posts
  • Local time:12:46 PM

Posted 30 March 2010 - 05:05 PM

First off my computer is running Windows XP Pro version 2002 sp3, I am using Mcafee Virus scan console. For the last 5 days I have been dealing with the virtumonde/vundo trojan. I first detected it with Spybot Search and Destroy. I deleted all problems found and each time they returned. I then used Adaware Free anti-malware and detected the same trojans, I deleted and each time they returned. I then tried the tutorial on BC How to remove Winfixer/virtumonde/msevents/trojan.vundo. I downloaded Vundofix and ran the program, but it could not find anything. Please also note that I have tried each of these solutions upto 5 times. So then I tried Malwarebytes Anti-malware, which I have used in the past and seemed to work great, but I can't seem to get this program to work. I downloaded rkill and was able to stop the malware processes. I then downloaded MBAM and installed it. I also downloaded a random renamed mbam.exe file to get the program to open. But when I try to open the file I get error message "MBAM_ERROR_EXPANDING_VARIABLES (0, 453)", I then hit OK and another error "MBAM_ERROR_MISSING_FILE(3, 0, mbamswissarmy.sys)

Please help!


Edited by Orange Blossom, 30 March 2010 - 08:29 PM.
Move to AII as no logs posted. ~ OB

BC AdBot (Login to Remove)


0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users