vundo virus

  • Thread starter Thread starter richiegodsmack
  • Start date Start date
R

richiegodsmack

i got a virus may28 and it messed my laptop all up
and i cannot restore to a date before then?? -- how can i restore my pc to a
date between may14 and may29?????
richard
 
thanx.......but i dont have one!!!
richard


PD43 said:
(e-mail address removed)


Doesn't look like that's possible.

Better start looking for the restore disc.
 
From: "(e-mail address removed)" <[email protected]>

| i got a virus may28 and it messed my laptop all up
| and i cannot restore to a date before then?? -- how can i restore my pc to a
| date between may14 and may29?????
| richard

No, you do not have a "virus", you may have a Vundo "Trojan".

How do you know you have a Vundo Trojan ?
What have you done to mitigate it ?

That kind of information is important.
 
Unexplained computer behavior may be caused by deceptive software
http://support.microsoft.com/kb/827315

Run a /thorough/ check for hijackware, including posting your hijackthis log
to an appropriate forum.

Checking for/Help with Hijackware
http://aumha.org/a/parasite.htm
http://aumha.org/a/quickfix.htm
http://aumha.net/viewtopic.php?t=5878
http://wiki.castlecops.com/Malware_Removal_and_Prevention:_Introduction
http://mvps.org/winhelp2002/unwanted.htm
http://inetexplorer.mvps.org/data/prevention.htm
http://inetexplorer.mvps.org/tshoot.html
http://www.mvps.org/sramesh2k/Malware_Defence.htm
http://defendingyourmachine2.blogspot.com/
http://www.elephantboycomputers.com/page2.html#Removing_Malware

When all else fails, HijackThis v2.0.2
(http://aumha.org/downloads/hijackthis.exe) is the preferred tool to use.
It will help you to both identify and remove any hijackware/spyware with
assistance from an expert. **Post your log to
http://forums.spybot.info/forumdisplay.php?f=22,
http://castlecops.com/forum67.html,
http://forums.subratam.org/index.php?showforum=7,
http://aumha.net/viewforum.php?f=30, or other appropriate forums for review
by an expert in such matters, not here.**

If the procedures look too complex - and there is no shame in admitting this
isn't your cup of tea - take the machine to a local, reputable and
independent (i.e., not BigBoxStoreUSA) computer repair shop.
 
i already detected and then delete it using avg anti virus....but it disabled
my cd drive and deleted and changed alot of my registry keys... i have a
system recovery disc that i got from hp but when i insert them into my cd
drive and restart my pc, the drive doesnt start the disc???? i cant get the
recovery disc to open??? thanx ahead for ur time and any help that u
may give to me...
 
i got a virus may28


How do you know.

and it messed my laptop all up
and i cannot restore to a date before then?? -- how can i restore my pc to a
date between may14 and may29?????


System Restore wouldn't fix the problem, anyway.
 
Hetch wrote *IMPRUDENT* advice :
Disable System Restore since it won't help at the best of times.
Download, install, update, and run SUPERAntiSpyware.

http://downloads2.superantispyware.com/downloads/SUPERAntiSpywarePro.exe

Would you rather have a leaky lifeboat or just sink it because it's leaky ?

System Restore should be Disabled WHEN THE SYSTEM HAS BEEN CLEANED UP
or, use DiskCleanup, which deletes all but the most recent restore
points, *AFTER* the system is free of malware.

As long as infected restore points are not used, there is *NO* danger of
reinfestation.

MowGreen [MVP 2003-2008]
===============
*-343-* FDNY
Never Forgotten
===============
 
"Disable System Restore ..." - bad advice
"..Run Superantispyware" - good advice, may need to run it in Safe
Mode.
 
From: "richiegodsmack" <[email protected]>

| i already detected and then delete it using avg anti virus....but it disabled
| my cd drive and deleted and changed alot of my registry keys... i have a
| system recovery disc that i got from hp but when i insert them into my cd
| drive and restart my pc, the drive doesnt start the disc???? i cant get the
| recovery disc to open??? thanx ahead for ur time and any help that u
| may give to me...



1. Download and execute HiJack This! (HJT)
http://www.trendsecure.com/portal/en-US/threat_analytics/HJTInstall.exe

2. Disable Notepad's word wrap:
In Notepad.exe; Format --> uncheck; "Word wrap"

3. Download/run Deckard's System Scanner:
http://www.techsupportforum.com/sectools/Deckard/dss.exe

4. Save the scan results (Main.txt and Extra.txt)

5. And then post the contents of Main.txt and Extra.txt in your post in one of the below
expert forums...


{ Please - Do NOT post the HJT and Deckard's System Scanner Logs here ! }

Forums where you can get expert advice for HiJack This! (HJT) and Deckard's System Scanner
Logs.

NOTE: Registration is REQUIRED in any of the below before posting a log

Suggested primary:
http://www.thespykiller.co.uk/index.php?board=3.0

Suggested secondary:
http://www.bleepingcomputer.com/forums/forum22.html
http://castlecops.com/forum67.html
http://www.malwarebytes.org/forums/index.php?showforum=7

Suggested tertiary:
http://www.dslreports.com/forum/cleanup
http://www.cybertechhelp.com/forums/forumdisplay.php?f=25
http://www.atribune.org/forums/index.php?showforum=9
http://www.geekstogo.com/forum/Malware_Removal_HiJackThis_Logs_Go_Here-f37.html
http://gladiator-antivirus.com/forum/index.php?showforum=170
http://forum.networktechs.com/forumdisplay.php?f=130
http://forums.maddoktor2.com/index.php?showforum=17
http://www.spywarewarrior.com/viewforum.php?f=5
http://forums.spywareinfo.com/index.php?showforum=18
http://forums.techguy.org/f54-s.html
http://forums.tomcoyote.org/index.php?showforum=27
http://forums.subratam.org/index.php?showforum=7
http://www.5starsupport.com/ipboard/index.php?showforum=18
http://aumha.net/viewforum.php?f=30
http://makephpbb.com/phpbb/viewforum.php?f=2
http://forums.techguy.org/54-security/
http://forums.security-central.us/forumdisplay.php?f=13
 
richiegodsmack said:
I already detected and then deleted it using avg anti virus, but it disabled
my cd drive and deleted and changed a lot of my registry keys. I have a
system recovery disc that I got from HP but when I insert it into my cd
drive and restart my pc, the drive doesn't start the disc. I can't get the
recovery disc to open. Thanx ahead for your time and any help that you
may give to me.

Enter the BIOS and set the boot order to CD-ROM, Floppy (if you have
one), then hard drive. Or, press F10 during the boot cycle and select
the CD-ROM to boot from. HP didn't give instructions with the CD?
 
From: "Hetch" <[email protected]>


|
| Why is it bad advice?
|
| http://support.microsoft.com/kb/831829

Becuase if you are going to clean a PC you could do it out of sequence or make a mistake and
corrupt teh OS. You could then restore it, albeit infected. The PC wouldn't be corrupt and
you could have another go at it with a different motive operandi.

If you dump the System Restore cache prior to cleaning a PC, you have no fall back position.

Once the PC is considered clean, then you can dump the System Restore cache and manually
create a new restore point.
 
no instructions came with the two discs...one is sp2 software and drivers
andthe other is "application and driver recovery dvd...the website said to
insert disc while the pc is on and then shotdown restart pc and follow
instructions ...but the pc doesnt register it and goes to windows...and all
acces keys to cd drive to manually start and cd are all gone because of this
vundo trojan
 
HijackThis is a tool we use to diagnose infections. It doesn't remove
anything on its own. Make sure you posted your HijackThis log to an
appropriate forum for expert assistance.
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Similar Threads


Back
Top