Jump to content


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.

Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.


Trojan Vundo - Stuck

  • Please log in to reply
1 reply to this topic

#1 gjv115


  • Members
  • 4 posts
  • Local time:05:49 PM

Posted 18 June 2007 - 03:44 PM

I just tried running Hijackthis to post to that forum. I can't save the file. I can't save any file using the explorer window.

How I got here:
I picked up a bunch of junk. I ran AdAware 2007, it picked up some. I ran Spybot and it cleaned a bunch of stuff but couldn't get everything.
I then ran Symantec Antivirus and it found more and cleaned most of it. It quarentined two of the six Vundo files it found but couldn't get the rest.
I managed to delete a couple more before I finally found a proper tool to remove the from Symantec. It didn't find the virus, though. Then I found this site and VundoFix.exe and Virtumundobegone.exe. Vundofix found the same files Symantec did and a few more, but got the blue screen of death when it tried to delete the files. It looks like is took down one more of the files, but there's at least


left, if not more.
I rebooted into safe mode with networking and ran Virtumundobegone and it also got the blue screen when it tried to delete.
I tried both a few times.

Which is when I tried to run Hijackthis and post, but I can't save the file.

Any ideas?

BC AdBot (Login to Remove)


#2 gjv115

  • Topic Starter

  • Members
  • 4 posts
  • Local time:05:49 PM

Posted 18 June 2007 - 06:40 PM

The key was to keep running the virus removers. Also, the instructions didn't say so, but Vundofix worked better in safe mode with networking. I had to repeat the process because it replicated.

I'm still verifying but it appears to be gone. Now, did I damage my PC or did it spread over the network...

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users