a recurring trojan:win32/vundo.gen!A virus
-
24 ธันวาคม 2550 3:46
WINDOWS LIVE KEEPS DETECTING a recurring trojan:win32/vundo.gen!A virus. hOW DO I GET RID OF IT? THANKS
ตอบทั้งหมด
-
24 ธันวาคม 2550 14:32ผู้ดูแล
fullerfalcon wrote: WINDOWS LIVE KEEPS DETECTING a recurring trojan:win32/vundo.gen!A virus. hOW DO I GET RID OF IT? THANKS
I suspect that the infection is within your System Restore points as it comes back regularly. You may want to try turning off System Restore and then turning it back on again - this will delete all Restore Points. Note that this also means you will be unable to use System Restore to go back to a time before this reset.
Before doing this, open OneCare, click on Change Settings, Logging Tab, and create a support log. Scroll down to the Virus and Spyware section to see where OneCare detected this infection.
You can also contact support for help since OneCare is not completely removing the threat and preventing its return.
How to reach support - http://forums.microsoft.com/WindowsOneCare/ShowPost.aspx?PostID=2421771&SiteID=2
If it fails to validate your subscription, select the option that you are using a trial or beta copy and you can proceed to email support without validation once you've signed in.
-steve
-
25 ธันวาคม 2550 16:22
Hi!
Is there a way to have this problem solved more rapidly? Sorry, but I am going crazy and nothing I have tried works. It's christmas and instead of being in the living room and at my stupid computer trying to fix this. I can't let go! :-)
I have the same exact problem that the original poste has (or had) and I tried the system restore point thing and the trojan is still there. Actually, I'm starting to be more annoyed at Live OneCare virus pup-ups than the actual virus. It clutters the desktop! :-)
Seriously though, is someone at Microsoft working on a solution for OneCare to solve this problem? I suspect that it is doing something to my files as I have several programs now not working. They don't even start as if a file was missing for the program or game to lauch.
This is bad. I have this Virus for 4 days now. I need help getting rid of it and going back to my gaming life!!! :-)
Thanks,
-
25 ธันวาคม 2550 21:23ผู้ดูแล
The problem with Vundo is that it constantly changes, making removal that much more difficult. All of the antivirus vendors are constantly battling these things to update their signatures and removal routines to deal with each new variation.
Yes, I am certain that the antimalware team at Microsoft is working to deal with each new variant.
Vundo doesn't alter programs to the best of my knowledge, but it does use resources, potentially causing problems as it does its job to present you with popups.
-steve
-
26 ธันวาคม 2550 10:09
ive had the same one which i have no idea how i got it, i ran a windows xp repair and reloaded all the windows updates and even reloaded onecare and now i cant get my anti virus scan to work at all!!>!>!>>! what the F>!>!> its really irritating
ive tried all the help to get the antivirus scan to work and nothing any help?
-
26 ธันวาคม 2550 16:11ผู้ดูแล
th3pun15h3r wrote: ive had the same one which i have no idea how i got it, i ran a windows xp repair and reloaded all the windows updates and even reloaded onecare and now i cant get my anti virus scan to work at all!!>!>!>>! what the F>!>!> its really irritating
ive tried all the help to get the antivirus scan to work and nothing any help?
If you are not using Windows Live OneCare, you are off topic for this forum. This is not a general forum for viruses, spyware, or Windows Help. For help with spyware issues, you may want to try the forums here:
http://aumha.net/ For help with virus removal, contact the maker of your Antivirus program.
If you are in North America, you can call 866-727-2338 for help with virus and spyware infections. See http://www.microsoft.com/protect/support/default.mspx for details. For international information, see your local subsidiary Support site.
-
29 ธันวาคม 2550 3:17
Hello Everyone,
I am experiencing the same exact conditions with this Virus and the inability of the Microsoft software to either quit trying to fix something it can't handle or adaquately correct the condition.
I should ask for a rebate or reimbursement for over 8 hours of my personal time following the software's instructions to reboot and try other steps. Does anyone as of today know what can be done to get the product to work correctly, or even what tools will remove this virus?
<<<Mathew>>>
-
29 ธันวาคม 2550 15:16
Well that is a bust. Did fix anything. Oner care still comes up with scan report:
software: trojan:win32/vundo.gen!A
action: Failed to quarintine. I did what you suggested and still there. What can I do? -
31 ธันวาคม 2550 3:53ผู้ดูแล
If OneCare is not removing the infection please contact support for help.
How to reach support - http://forums.microsoft.com/WindowsOneCare/ShowPost.aspx?PostID=2421771&SiteID=2
If it fails to validate your subscription, select the option that you are using a trial or beta copy and you can proceed to email support without validation once you've signed in.
-steve
-
7 มกราคม 2551 0:01
oh my gosh...my daughter and I have been fighting with our computer for days now, removing programs that we thought may have caused this...my one care has only completed a scan one time from the 2nd thru today and that was yesterday (Saturday) It is 7:00 p.m. right now and my virus scan started around 6:05. It will quarantine the trojan but then it is still there the next time we start the scan. I will try the suggestions you all have given and hope it works, this is nuts!!! Thank you!! -
7 มกราคม 2551 2:46
THANK YOU!!! I did what you said about turning off the system restore.....and it worked! My scans are going through now and we are virus free. Sure wish I would have checked here first...however, we did get a lot of downloads off our computer due to this thing.
-
8 มกราคม 2551 1:21ผู้ดูแล
I'm very happy to read that this helped your issue. :-)
Take care,
-steve
-
9 มกราคม 2551 19:10
i also have the same issues and tried to turn off restore points. That was inafective. I am curently running windowscare. Please help me stop these pop up windows. Yours truley Infected in Minnesota
-
10 มกราคม 2551 2:22ผู้ดูแล
Please contact OneCare support for help in completely removing the malware -
How to reach support - http://forums.microsoft.com/WindowsOneCare/ShowPost.aspx?PostID=2421771&SiteID=2
If it fails to validate your subscription, select the option that you are using a trial or beta copy and you can proceed to email support without validation once you've signed in.
-steve
-
4 กุมภาพันธ์ 2551 20:26I had the same problem. I ran regedit and found it and deleted it from there touch wood it hasnt came back
-
17 กุมภาพันธ์ 2551 3:58
Stephen- sorry to bother you but you seem to know quite a bit about xp and may know who I can contact.
I logged on today and suddenly am told that I have 25 viruses and need to download and pay $50 for XP Antivirus 2008. I currently have Windows One Care, ran the virus scan, and it found nothing. I did a quick search and it appears that this XP Antivirus 2008 is a scam. I was able to remove part of the file but not all of it, as the bubble still pops up reminding me I have viruses.
Any suggestions?
Thanks
rick
-
17 กุมภาพันธ์ 2551 19:03ผู้ดูแล
No bother, Rick. Vundo is a particularly nasty infection of spyware/malware that is very hard to remove once it gets on the system. There are many variants of this junk. Please contact support for help with removal -
How to reach support (FAQ) - http://forums.microsoft.com/WindowsOneCare/ShowPost.aspx?PostID=2421771&SiteID=2
If you are in North America, you can also call 866-727-2338 for help with virus and spyware infections. See http://www.microsoft.com/protect/support/default.mspx for details. For international information, see your local subsidiary Support site.
-steve
-
17 เมษายน 2551 14:28
Good Morning Steven,
I've been reading some of the advice you've given out about this virus. I have just been infected with it two days ago. I've tried scanning and cleaning it with my McAfee security system (Comcast), and it doesn't work. I read the advice you gave out about system restore, and restoring points? How do you click on system restore? Where is it located? Please help...school begins in a couple of days (online) and I don't know what else to do.
Thank you,
Alena
-
18 เมษายน 2551 5:00ผู้ดูแล
See this article for how to access and use System Restore.
http://www.microsoft.com/windowsxp/using/helpandsupport/getstarted/ballew_03may19.mspx
Turning it off and then on again resets all restore points.
You may want to contact McAfee (or Comcast, if they provided the software) support since it did not remove the malware.
-steve
-
21 เมษายน 2551 13:35
Yesterday April 20th OneCare detected the recurring trojan:win32/vundo.gen!d on both my computers. (XP & Vista)
OneCare quarantined the virus but it turns up again at every restart.
Remove Skype completely from your system and OneCare no longer detect any virus after a restart.
Reinstall Skype and the virus reappears immediatly.
-
21 เมษายน 2551 16:23ผู้ดูแลSee this post for how to report both infections and possible false positives to Microsoft - http://forums.microsoft.com/WindowsOneCare/ShowPost.aspx?PostID=662566&SiteID=2
-steve
-
14 พฤษภาคม 2551 17:55
The windows maliscious software removal tool can get rid of a vundo virus. I recently had a problem with vundo and vundo fix didnt detect it. i eventualy tried the maliscious software removal tool and it got rid of the virus. -
22 สิงหาคม 2551 15:26
Stephen, I created a support log, as you suggested, and here is where OneCare detected this infection:
Windows Live OneCare found potentially harmful or unwanted software on your computer Threat Name: Trojan:Win32/Vundo.gen!A Detection Date and Time: 8/22/2008 11:21 AM File Name: C:\Documents and Settings\All Users\Application Data\Microsoft\OneCare Protection\LocalCopy\{DCCDA6EB-10E8-4B0A-8081-9B466A714326}-ssqrp.dll Threat Severity: Severe Threat Category: Trojan Virus and spyware monitoring found potentially unwanted software: (ANTIVIRUS_ONACCESS_INFECTED) Threat Status: Detected Doesn't look like it's in my System Restore points. Do you still suggest turning off System Restore and turning back on? Thanks for your help!
-
22 สิงหาคม 2551 15:33ผู้ดูแล
Hi, Kaern.
No, don't turn off System Restore. Is this virus coming back after OneCare detects and removes it? If so, please contact support.
How to reach support (FAQ) - http://forums.microsoft.com/WindowsOneCare/ShowPost.aspx?PostID=2421771&SiteID=2
-steve
-
22 สิงหาคม 2551 15:36I click Clean All and it just keeps popping back up, so I don't know if OneCare is not removing it, or it's actually coming back. I think I'll contact Support and see what they recommend now. Thanks for your help, Stephen!
-
22 สิงหาคม 2551 16:53ผู้ดูแล
What I didn't say in my last reply is that I don't know why the infected file is located where you show it in the log report. In fact, I don't know what that folder is for, but I think it may be used for cleaning. On my PC that folder is currently empty. It isn't the quarantine folder, though. So, I think that the malware is not coming back, but something is preventing OneCare from cleaning it properly, perhaps.
-steve
-
2 พฤษภาคม 2553 21:39
This Virus is detected by Microsoft Security Essentials anti malware software on my machine and it successfully removed the executable file before it got infected on my machine.
Still I searched about this on bing and I got below link for manually removing this virus:
http://www.ca.com/securityadvisor/virusinfo/virus.aspx?id=42097
- Rohan
