PLEASE LEAVE COMMENTS IF THIS HELPED. THANKS!
I recently had this horrible Trojan attack my work computer. It has been on the loose for quite some time now. It is part of the new generation of trojans, which are harder to remove because they clone important system files, attack the boot records themselves, and keep multiple copies in the registry.
SAV was unable to remove the trojan, though it did detect the Trojan’s presence. Spybot Search and Destroy helps to a certain extent.
Here is Symantec’s threat assessment of this creepy Trojan!!!
The scary part is that this Trojan is also designed to transmit personal info from our computers to its masters. Though I am not sure if it is also a keylogger like the formidable trojan “Sinowal”, which will be described in a blog post of its own since I also ran into it recently.
So if you get annoying pop-ups and your system behaves slowly or weirdly (freezes from time to time), then you have the Vundo. Congratulations!!! These pop-ups may ask you to buy some anti-malware programs. DO NOT BUY!!! IT'S A FREAKING SCAM!!!!
Also this trojan affects Win XP more seriously than Vista. So there…Vista users finally have something good to say about Vista!!!!
So how to remove this??
Steps:
1. Update the Java JRE ASAP. Vundo, alias Virtumonde, targets vulnerabilities present in Java JRE 1.4. The latest version is Java JRE 1.6 version 11 (as of the date of this blog).
2. Download the special fix for Vundo from Symantec!!!
3. Save the file in an easily accessible location like your desktop or C drive.
4. Reboot your computer and get into safe mode. This can be done by pressing F8 when the computer starts up and selecting “Safe mode” from the list of options. Select “Safe mode with networking” if you are logging into a network domain like I had to.
5. After Windows boots up, locate the fix vundo exe and click it. Let it run. The scan takes a while to complete depending on the number of files. If you are lucky, it will detect the troublemaking files. If it asks you for further confirmation, say yes and kick out Vundo from your computer. Now that's truly Good Riddance.
6. You should see the following screen, which will make you smile just as it made me smile.
P.S.: Forgive me for that cluttered desktop, but that's how I usually am!!!
7. Boot up normally this time and run the scan again.
IMPORTANT: While running this scan in safe mode/normal mode, disconnect yourself from the Internet and don’t run any other programs.
The worst thing you can do is surf while the scan is in progress!!!
8. You should now be free of Vundo.
9. There is also another acclaimed tool for Vundo removal by “Atribune”. It's called VundoFix!!!
Also to prevent Vundo attacks in future, update your antivirus and stay clear of suspicious mails and links. Also try to invest in a good malware detection/removal tool.
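Step 1 only helps if you know which JRE a machine is really running. As an added example (not part of the original post), this Python script parses `java -version` output and flags anything older than the JRE 1.6 update 11 mentioned above. Writing that release as the version string `1.6.0_11`, the function names and the sample banners are assumptions made for the illustration.

```python
import re
import subprocess

# Baseline taken from the post: JRE 1.6 update 11. Writing it as the
# version string 1.6.0_11 is an assumption of this example.
BASELINE = (1, 6, 0, 11)

_VERSION_RE = re.compile(r'version "(\d+)\.(\d+)\.(\d+)(?:_(\d+))?')


def parse_java_version(banner):
    """Return (major, minor, micro, update) from `java -version` output."""
    m = _VERSION_RE.search(banner)
    if not m:
        return None
    # A release with no update suffix (e.g. "1.4.2") counts as update 0.
    return tuple(int(g) if g else 0 for g in m.groups())


def needs_update(banner, baseline=BASELINE):
    """True if the reported JRE is older than the baseline or unreadable."""
    version = parse_java_version(banner)
    # Compare as numbers: as plain strings "1.6.0_9" sorts after "1.6.0_11".
    return version is None or version < baseline


def local_java_banner():
    """Run `java -version` (it prints to stderr); None if Java is absent."""
    try:
        proc = subprocess.run(["java", "-version"], capture_output=True,
                              text=True, timeout=10)
    except (OSError, subprocess.TimeoutExpired):
        return None
    return proc.stderr or proc.stdout


# Constructed sample banners, not captured from a real machine.
SAMPLES = ['java version "1.4.2_19"',
           'java version "1.6.0_9"',
           'java version "1.6.0_11"']

if __name__ == "__main__":
    for banner in SAMPLES:
        print(banner, "->", "UPDATE" if needs_update(banner) else "ok")
    banner = local_java_banner()
    if banner:
        print("this machine:", "UPDATE" if needs_update(banner) else "ok")
```

A banner the script cannot read is reported as needing an update, so an unknown install gets looked at rather than skipped.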
For any comments/help…feel free to drop me a comment for this post. Thanks!!!!
