GoFuckYourself.com - Adult Webmaster Forum


J$tyle$ 12-28-2008 04:21 AM

Trojan.Vundo and Malware.Trace ... anyone have specific instructions to remove?
 
Driving me fucking nuts.

Popping ads in both IE and FF at different intervals. Going to Google or yahoo generally triggers them.

Just can't find anything to get rid of 'em for good

HELP :winkwink:

LOL

Malwarebytes' Anti-Malware 1.31
Database version: 1559
Windows 5.1.2600 Service Pack 2

12/28/2008 3:18:08 AM
mbam-log-2008-12-28 (03-11-08).txt

Scan type: Quick Scan
Objects scanned: 60603
Time elapsed: 6 minute(s), 39 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 2
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MS Juan (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MS Track System (Trojan.Vundo) -> Quarantined and deleted successfully.


Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)
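One way to turn the Malwarebytes log quoted in the post above into structured data for triage, as an added example that is not part of the original thread: it parses the per-category counts and the itemized detections, cross-checks them, and reports whether anything other than registry entries was found. The function names are hypothetical and the embedded sample is an excerpt constructed from the quoted log.

```python
import re

# Constructed sample: an excerpt of the Malwarebytes log quoted in the post above.
SAMPLE_LOG = r"""
Registry Keys Infected: 2
Files Infected: 0

Registry Keys Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MS Juan (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MS Track System (Trojan.Vundo) -> Quarantined and deleted successfully.

Files Infected:
(No malicious items detected)
"""

SUMMARY = re.compile(r"^(?P<cat>.+?) Infected: (?P<n>\d+)$")
SECTION = re.compile(r"^(?P<cat>.+?) Infected:$")
# "<object> (<detection name>) -> <action>."; greedy .+ keeps parentheses in paths intact.
ITEM = re.compile(r"^(?P<obj>.+) \((?P<det>[^()]+)\) -> (?P<action>.+?)\.?$")

def parse_mbam_log(text):
    """Return (summary_counts, items) from a Malwarebytes 1.x text log."""
    summary, items, current = {}, [], None
    for line in (l.strip() for l in text.splitlines()):
        if m := SUMMARY.match(line):
            summary[m["cat"]] = int(m["n"])
        elif m := SECTION.match(line):
            current = m["cat"]
        elif current and (m := ITEM.match(line)):
            items.append({"category": current, "object": m["obj"],
                          "detection": m["det"], "action": m["action"]})
    return summary, items

def count_mismatches(summary, items):
    """Categories whose summary count differs from the itemized entries."""
    seen = {}
    for it in items:
        seen[it["category"]] = seen.get(it["category"], 0) + 1
    return {c: (n, seen.get(c, 0)) for c, n in summary.items() if n != seen.get(c, 0)}

def not_removed(items):
    """Detections whose recorded action is not a successful deletion."""
    return [it for it in items if "deleted successfully" not in it["action"].lower()]

def registry_only(items):
    """True when every detection is a registry entry, i.e. no file or process was found."""
    return bool(items) and all(it["category"].startswith("Registry") for it in items)
```

For this log `registry_only` is true: the scan recorded two registry keys and no file, module or process.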

sicone 12-28-2008 04:47 AM

Hey man.. I had that shit a while back and it took me about 2 days to get rid of it.

start here...

http://www.symantec.com/business/sec...112210-3747-99

run both tools (unless you know which vundo you have)
reboot in safe mode, run the tool again
reboot in safe mode run Windows Defender... http://www.microsoft.com/windows/pro...r/default.mspx
reboot in safe mode run spybot search and destroy.
reboot in safe mode and go through each item that runs on start up, run each item 1 at a time, if you don't know the process, do not allow it to run
Run the symantec program again

reboot normal and run all 3 programs again

Cross your fingers and good luck. I had to repeat this process several times until I found all files that were auto running and reinstalling the malware

Fletch XXX 12-28-2008 06:23 AM

MBAM won't and cannot remove all spyware that is currently out.

http://www.gofuckyourself.com/showth...ght=virtumonde

There's my thread about recent infection, it will take you a full day to remove it.

the programs out for free do not remove this stuff, the processes in memory cannot be killed by MBAM or spybot or any free stuff, you need to start dissecting and killing registry keys and go until you nip it all...

most processes or files will remanifest itself as a copy if you delete the original .dll files etc... so you have to fight it and try to remove as much as you can to stop it from running so you can kill it all.

ps i just removed the MS Juan from my bro's computer,...

Mutt 12-28-2008 06:33 AM

i've had this shit three times now - finally learned my lesson, don't visit sites that end in .RU !

go to Fletch's thread - the MajorGeeks guide has bailed me out each time - it's going to take at least half a day to clean it up so consider re-formatting and re-installing Windows.

and Fletch - those .dll files that u had left in your registry are harmless, they're just remnants

i just don't know how we let these fuckers get away with the mass destruction they are responsible for - it's not like this shit is hidden - the servers that these trojans connect to are known - so tracking down the people behind it should not be hard.

stoner529 12-28-2008 06:51 AM

i use spyware doctor and registry mechanic, both by PC Tools. they work very well for me. there was only one infection that i had trouble with but i got it solved. sometimes it's just easier to make sure your files are backed up periodically and just use a separate account from the administrator. then you can delete the infected account and put your old files back on it free and clear, and it won't take all day.

polish_aristocrat 12-28-2008 06:55 AM

how do you get infected with this trojan?

RegUser 12-28-2008 07:57 AM

Quote:

Originally Posted by polish_aristocrat (Post 15253249)
how do you get infected with this trojan?

easy mah friend
just visit a webpage and that's it! the bloody thing attaches itself to your machine

u-Bob 12-28-2008 07:58 AM

format + reinstall.

HorseShit 12-28-2008 08:06 AM

google malwarebytes

Brujah 12-28-2008 08:08 AM

Buy a new computer. That usually worked for me.

dready 12-28-2008 08:35 AM

You might want to try the free online virus scan at http://www.pandasoftware.com/

It sometimes cleans things that Norton and McAfee can't touch.

GregE 12-28-2008 09:29 AM

Quote:

Originally Posted by Brujah (Post 15253360)
Buy a new computer. That usually worked for me.

:1orglaugh :1orglaugh :1orglaugh

Barefootsies 12-28-2008 09:36 AM

Quote:

Originally Posted by stoner529 (Post 15253244)
i use spyware doctor and registry mechanic, both by PC Tools. they work very well for me. there was only one infection that i had trouble with but i got it solved. sometimes it's just easier to make sure your files are backed up periodically and just use a separate account from the administrator. then you can delete the infected account and put your old files back on it free and clear, and it won't take all day.

:2 cents:

IllTestYourGirls 12-28-2008 09:51 AM

Update your java or you will just keep getting it :2 cents:

Outlaw #1 12-28-2008 10:23 AM

this and just this...
http://www.greatis.com/unhackme/

sicone 12-28-2008 11:41 AM

Quote:

Originally Posted by Fletch XXX (Post 15253218)
MBAM won't and cannot remove all spyware that is currently out.

http://www.gofuckyourself.com/showth...ght=virtumonde

There's my thread about recent infection, it will take you a full day to remove it.

the programs out for free do not remove this stuff, the processes in memory cannot be killed by MBAM or spybot or any free stuff, you need to start dissecting and killing registry keys and go until you nip it all...

most processes or files will remanifest itself as a copy if you delete the original .dll files etc... so you have to fight it and try to remove as much as you can to stop it from running so you can kill it all.

ps i just removed the MS Juan from my bro's computer,...

I probably should have mentioned that it was well over a yr ago when I got hit by this, and at that time that's what I did to get rid of it. I'm sure it's been changed and re-written several times by now

HandballJim 12-28-2008 02:10 PM

Try "Malwarebytes" - Anti-Malware, you can download it for free. This cleared up my problems...and I had some nasty stuff.

If a program was downloaded on your computer, you might have to manually remove it from "add/remove programs" in your control panel.

I usually get my problems checking sigs on GFY, it seems their website is safe, but once you start clicking on their Photo Galleries..."it's like a box of chocolates...you don't know what you're going to get." The pain in the ass spyware/virus lately is a PDF pop up...you just visit the infected website and it just pops up. I avoided it a couple more times by quickly hitting CTRL ALT DELETE...and ending the process.

Hope this helps...

HandballJim 12-28-2008 02:27 PM

Looking through this thread again ic you already tried Malwarebytes, you can go to download.com and try several other programs...many are free or offer a free trial...and try to find their updated versions.

In the past I was able to search and manually delete the files, but now these viruses are smarter and seem to be hidden and you might delete something that you need to make the computer function correctly. If you do try deleting manually...don't empty your recycling bin right away. Just in case you need to restore the files.

Just Mike 12-29-2008 12:30 AM

fixvundo.exe will permanently remove it

If you can't find a copy hit me up and I'll upload it for you

perfectodollars-gabrio 12-29-2008 01:10 AM

hey there Johnatan, i got that fucker myself too and took a lil while to clean it, if i recall correctly i've used the specific cleaner.... as well as Malwarebytes' Anti-Malware several times... and be careful since some of the cleaners that pretend to clean the infection, they will only charge you $$$ and do nothing.

i had a link with the instructions but can't find it :/

perfectodollars-gabrio 12-29-2008 01:11 AM

have you tried running HijackThis ?

Barefootsies 12-29-2008 01:16 AM

Quote:

Originally Posted by IllTestYourGirls (Post 15253543)
Update your java or you will just keep getting it :2 cents:

:2 cents:

tranza 12-29-2008 07:49 AM

That's fucked up!


All times are GMT -7.