Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Something Weird About Vundo


  • This topic is locked This topic is locked
1 reply to this topic

#1 WISDOM01

WISDOM01

  • Members
  • 26 posts
  • OFFLINE
  •  
  • Local time:03:39 AM

Posted 08 June 2007 - 10:54 AM

Hi all...

A few days back I had uninstalled jdk and re-installed the latest version. May be due to these changes and some loophole in java version, a Vundo virus entered my computer.

To remove it, I have alreay gone through the instruction at http://www.bleepingcomputer.com/forums/t/18610/how-to-remove-winfixer-virtumonde-msevents-trojanvundob/

I ran VundoFix and VirtumunoBegone. I also used the norton removal tool for Vundo as I have norton anti virus installed on my computer and no other anti-spyware etc After that, I also ran an online scan from http://www.ewido.com/en

Although after doing all this, I dont get any virus-detected warnings from NORTON yet THE PROBLEM IS I AM NOT ABLE TO OPEN ANY WEB PAGE OR ANY DOCUMENT WHICH HAS TROJAN VUNDO NAME ON IT.

Which means I am not able to open any of the web page similar to the following
http://www.bleepingcomputer.com/forums/t/18610/how-to-remove-winfixer-virtumonde-msevents-trojanvundob/
http://www.ewido.com/en
web page of norton removal tool for vundo
and many others which have anti spyware, vundo etc. on it

I tried opening these web pages on another computer and then saved them and tried to open the saved file on my computer. The result was same - as soon as I open the page, it is closed. I tried to open the html file using notepad, wordpad etc but everytime it is closed no matter which utility I use.

Not only this, when I ran the norton removal tool which i downloaded using another computer, even it was not allowed to run by the virus and it was automatically cancelled.

Hell frustrated with all that, I tried various things like starting in safe mode, closing the processes through control panel whic hwere unknown to me etc NOTHING WORKED UNTIL I closed EXPLORER.EXE

After closing explorer.exe, I can open any web page or any file which was earlier not allowed and this is how I ran norton removal tool etc and also using this forum.

SO, CAN ANY ONE HERE VERY KINDLY TELL ME WHAT IS THE REASON FOR THIS(AUTOMATIC CLOSING OF WEB PAGES and DOCUMENTS NOT LIKED BY VIRUS) AND HOW TO GET RID OF IT?

I checked the C:\windoes\system32\etc\hosts file and it is ok. Also, I saw many unknown application added to C:\windows\prefetch folder like CLCR.EXE, sprtcmd.exe etc.

PLEASE HELP ASAP. Thx.

Hope I have made my problem clear. Otherwise feel free to ask any specific question.

I HAVE MADE A THREAD FOR LOG FILES RELATED TO THE ABOVE PROBLEM
http://www.bleepingcomputer.com/forums/t/95291/may-be-its-mr-vundo/
(Check out this thread)

Edited by WISDOM01, 08 June 2007 - 02:34 PM.


BC AdBot (Login to Remove)

 


#2 rigel

rigel

    FD-BC


  • Members
  • 12,944 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:South Carolina - USA
  • Local time:06:09 PM

Posted 08 June 2007 - 10:09 PM

Hi Wisdom01,

I see you have an active HJT log being worked by a member of the HJT team. Please follow ONLY their advice. Doing otherwise will delay your fix and complicate the job of the team member trying to help you.

Please be patient. Some fixes are complicated and take a little time to solve.

rigel
BleepingComputer Forums Moderator

"In a world where you can be anything, be yourself." ~ unknown

"Fall in love with someone who deserves your heart. Not someone who plays with it. Will Smith





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users