Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Help! Can't Download Vundofix From Any Website!


  • Please log in to reply
5 replies to this topic

#1 redhead71

redhead71

  • Members
  • 12 posts
  • OFFLINE
  •  
  • Location:Michigan
  • Local time:05:30 AM

Posted 29 January 2006 - 07:12 PM

trying to kill the winfix....

trying to download vundofix and ie shuts down - or pretends its downloading and then when I go to open vindofix there is a runtime error and there is nothing there....

should I try the virtumundobegone???? :thumbsup:

BC AdBot (Login to Remove)

 


m

#2 Papakid

Papakid

    Guru at being a Newbie


  • Malware Response Team
  • 6,522 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:04:30 AM

Posted 29 January 2006 - 07:48 PM

Hi redhead71,

You can try VirtumundoBegone but you may get the same thing with it. This infection has recently started using a root kit, which makes it even harder to get rid of, and there were no guarantees in the first place, unfortunately.

Your best bet is to post a log so we can investigate and figure out what to do with some very specific information forund in the logs. Hey Vundo even gives the experts fits, so I wouldn't want to see you trying to deal with it by yourself. As Leurgry said in your other thread on this subject, it is better to be guided thru the process. It will be a rough road but the advanced knowldge of our HJT Team tends to smooth it out just a bit.

Be sure to follow the Preperattion guide and post your log in this forum:
http://www.bleepingcomputer.com/forums/f/79/security/

The fate of all mankind, I see

Is in the hands of fools

--King Crimson


#3 redhead71

redhead71
  • Topic Starter

  • Members
  • 12 posts
  • OFFLINE
  •  
  • Location:Michigan
  • Local time:05:30 AM

Posted 29 January 2006 - 09:41 PM

Thanks PapaKid - I did the hijack this log and posted it in the appropriate forum.

Question - should I worry about sending files (word, excel, powerpoint) or opening by work email (opens through a portal using inotes/outlook...

#4 Papakid

Papakid

    Guru at being a Newbie


  • Malware Response Team
  • 6,522 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:04:30 AM

Posted 30 January 2006 - 02:02 AM

Well, WinFixer is just a front for Vundo that is an insidious Adware program. Their main goal is to force you to look at popups or make money in other ways, like trying to trick you into buying the useless Winfixer application. It doesn't spread like a true virus or worm. The reason it is so hard to remove is because those responsible won't get paid for showing ads if they made it easy to get rid of.

But they do make it easy for trojans to get in so I'm not going to tell you that it is completely safe. Spreading thru email and powerpoint is not what they are desgined to do as far as I know.

I just took a glance at your log and you definitely have Vundo. I thought I would let you know that the reason you couldn't get VundoFix and VirtumudoBegone to work is because your'e running 98 and those tools are designed for NT-based systems (XP, 2000, 2003). So you won't have to worry about a root kit, since root kits don't work on 98.

The fate of all mankind, I see

Is in the hands of fools

--King Crimson


#5 redhead71

redhead71
  • Topic Starter

  • Members
  • 12 posts
  • OFFLINE
  •  
  • Location:Michigan
  • Local time:05:30 AM

Posted 30 January 2006 - 01:01 PM

So is this a good thing or a bad thing???? Do I want the root thing????

#6 phawgg

phawgg

    Learning Daily


  • Members
  • 4,543 posts
  • OFFLINE
  •  
  • Location:Washington State, USA
  • Local time:02:30 AM

Posted 31 January 2006 - 11:21 AM

Though Papakid could (and might) explain it better ...
No, you do not want a rootkit of this nature.
It is good in a way that win98 is "immune" to this particular facet of the Vundo type of problem,
but your win98 is none the less infected and needs the attention
of a HJT Team member and your following the carefully
created guide to eradication of the Vundo problem.
patiently patrolling, plenty of persisant pests n' problems ...




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users