I need help removing Trojan.Vundo from my computer. I've tried to find vundo fix, but the links I get don't seem to work. Anyone got a working link or another safe solution? Avira, PC Tools, nothing I've had or have can remove it.
Thanks.
Related posts:
6 responses so far ↓
1 golfer2 // Jun 28, 2008
http://www.geekstogo.com/forum/How-to-remove-Winfixer-Virtumonde-Msevents-Trojan-vundo-ATLDistrib-t91765.html
2 crawfishtwo // Jun 28, 2008
in your search type in vundo, that will get you the info to remove it.
3 Djanggo // Jun 28, 2008
Get Adware Alert free Scan…http://adwarealert.com/
4 Kelly D // Jun 28, 2008
Edit: I found a tool that might work. Try this before you do anything:
http://vundofix.atribune.org/
I use Spybot Search & Destroy as well as Ad-Aware.
Reboot your computer, as soon as it starts up, tap F8 continuously until you get to a screen where you can choose to boot up into Safe Mode (use your arrows to navigate and Enter to select). By running in Safe Mode, your computer only allows Windows processes to run in the background, effectively killing any other trojan/spyware process to gain access to your computer. (Most of the time. Some are quite stubborn, but there you are.)
Run Ad-Aware and Spybot at the same time. Delete the files they find.
Now, this part gets tricky, but you can do it.
Go into your C:\WINDOWS, C:\WINDOWS\System and C:\WINDOWS\System32 folders. Organize the files by date, and look at the most recent ones. If there are files with names that are random numbers and letters, Google the names to see if they are legitimate Windows processes. If not, delete the files. There should only be weird files up until the point where you got the virus, so if you got it a week ago, only bother looking at files a week old or less.
Best of luck!
5 John B // Jun 28, 2008
ESET will fix it.
http://www.fileden.com/files/2007/5/20/1096740/ESET%20NOD32.rar
ESET NOD32 link ^
(alternate link if above has reached its bandwidth limit: http://www.fileden.com/files/2008/6/27/1978905/ESET%20NOD32.rar)
ESET NOD32 Business Edition. Firewall and antivirus/spyware. Offers real-time protection against threats (i.e. deletes any malware as soon as it is downloaded, so it does not have a chance to infect/harm your computer in any way). If you already have a firewall you can disable ESET's, but I wouldn't recommend it, as it is probably better, and you can use two firewalls in conjunction (but NOT two anti-viruses). It is also the anti-virus that uses least of your system resources.
Extract the .rar archive (with something like WinRAR or 7zip, you can google for them), double click the setup file (NB, a .msi file is just a different type of installer package, do not worry lawl). When it asks you, enable threatsense early warning system, and click the checkbox saying set update parameters later (this is for updates to your anti-virus defenitions). Also, I like having my firewall on Interactive mode, for greater control. Then you just have to allow/deny the programs you choose interet access - i.e. allow Firefox/IE and any online games you may play, deny anything dodgy looking.
It'll install nicely, when it's open click the updates tab and press update Virus Signature Database (or words to that effect). It'll come up with a box asking for your username and password. Now double click the other file that was in the .rar archive, the "ESET Logins Viewer". Allow it internet access, and it'll come up with a list of usernames and passwords for ESET. Just take the top one and copy and paste them, hit okay and let it update.
The first update may take a while. Each username/password configuration will run out every week or so, so you'll have to update the username and password you use every so often, when it comes up with a box saying "Incorrect username/password".
After Update, run a full system scan. Anything malicious will be automatically quarantined upon completion of the scan. Items can be removed from quarantine, but it is not recommended.
Any further questions, just ask or email me - clampstand@gmail.com
Oh, and if anything asks, you should allow "egui.exe" access to the internet - that is ESET. "ekrn.exe" is also an ESET-related process.
If you are unsure about allowing anything access to the internet, google for it. If you get little/no results it's best not to, and if you do get results then look at a few to see whether to allow/deny accordingly.
6 Muckdoomee // Jun 28, 2008
These tools can deal with Vundo Trojans pretty well and they are both free to use. You can see more down below.
http://www.malwarebytes.org/malwarenet.php?name=Trojan.Vundo
Two main things to watch out for when using Malwarebytes' Anti-Malware, are that you must make sure that the program has the latest updates, and you must close all applications and windows first before running the program. I show you how.
1. Ctrl+Alt+Del to bring up the task manager
2. Under the Processes tab, put a tick in a box 'Show processes from all users'
3. One at a time, highlight each of these that are listed and 'End Process'
http://www.softpedia.com/get/Antivirus/Malwarebytes-Anti-Malware.shtml
SUPERAntiSpyware is another excellent free program which can deal with Vundo too. Run this program in safe mode, in deep scan, and then reboot. If you're not sure how to get into safe mode, then see the first link down below.
http://www.andybrain.com/archive/mb/safemode.htm
http://www.superantispyware.com/downloadfreevspro
Leave a Comment