Trojan:Win32/Vundo.gen!H

Discussion in 'malware problems & news' started by mav_20465, Jun 19, 2008.

Thread Status:
Not open for further replies.
  1. mav_20465

    mav_20465 Registered Member

    Joined:
    Jun 19, 2008
    Posts:
    6
    (Sorry if I didn't submit this question or request for help in the right place!!!)

    Hi, I'm a new member and I don't speak very good English!
    However, I found this trojan with Windows Defender: "Trojan:Win32/Vundo.gen!H"
    I have NOD32 v1, but updated every day. Does anyone know how to delete this?
    When I try with Windows Defender it can't, and I can't send a sample to Microsoft, I don't know why o_O

    I will send the pic of what Defender shows (it is in Greek)

    Thanks in advance!!!
     

  2. L815

    L815 Guest

    The Sophos website says it monitors browser activity. (Google search)
    Here is the page:
    http://www.sophos.com/security/analyses/viruses-and-spyware/trojtrafa.html


    To clean it up, try using SuperAntiSpyware (free edition), Asquared (free edition) or DrWeb CureIt (free).


    Links:
    Superantispyware: http://www.superantispyware.com/
    Asquared: http://www.emsisoft.com/en/software/download/
    CureIt: http://www.freedrweb.com/cureit/


    I suggest you use CureIt first because it's a simple executable (no install required).
     
  3. mav_20465

    mav_20465 Registered Member

    Joined:
    Jun 19, 2008
    Posts:
    6
    Thanks a lot, I will try it now.
     
  4. emperordarius

    emperordarius Registered Member

    Joined:
    Apr 27, 2008
    Posts:
    1,218
    Location:
    Who cares
    And also you're using NOD32 v 2.x. You should consider upgrading to v 3
     
  5. LoneWolf

    LoneWolf Registered Member

    Joined:
    Jan 2, 2006
    Posts:
    3,408
    Looks like the OP said v1, not v2, which would be even more so in need of an upgrade.
     
  6. Inspector Clouseau

    Inspector Clouseau AV Expert

    Joined:
    Apr 2, 2006
    Posts:
    1,329
    Location:
    Maidenhead, UK
    To "clean" that up, simply disable and re-enable System Restore for drive C.
    Problem solved for the system files. The rest just delete manually.
     
  7. emperordarius

    emperordarius Registered Member

    Joined:
    Apr 27, 2008
    Posts:
    1,218
    Location:
    Who cares
    Yeah, sorry, I didn't read that. I just looked at the icon in the taskbar, and I thought that v1 would be obsolete. :D
     
  8. PiCo

    PiCo Registered Member

    Joined:
    Apr 9, 2008
    Posts:
    352
    Location:
    Athens, Greece
    The virus seems to be in a RAR file, so it is archived and you shouldn't be facing any immediate threat.

    Windows Defender can't delete it, because it can't delete a file within an archive, so it quarantines it.

    Disable/re-enable System Restore as suggested and delete the rest manually, the whole RAR files :)

    Welcome!!
     
  9. mav_20465

    mav_20465 Registered Member

    Joined:
    Jun 19, 2008
    Posts:
    6
    Hi everyone!!!
    Thanks a lot for your time and help!!!


    First of all, I upgraded NOD32 to version 3.0.6... (or something like that) and it still didn't find that trojan!!!

    Then I downloaded "CureIt" from
    http://www.freedrweb.com/cureit/
    (which is free and doesn't need installing) (thanks L815)

    Then I disabled and re-enabled System Restore for drive C (thanks Inspector Clouseau)


    And "CureIt" didn't delete the files from my PC, it just moved them to quarantine, and I deleted them manually...

    I ran Windows Defender and the trojan is gone

    "my PC is clean like a virgin now"

    Thanks a lot everyone!!!!!

    P.S. Sorry for my English!!!
     
  10. HURST

    HURST Registered Member

    Joined:
    Jul 20, 2007
    Posts:
    1,419
    Glad you solved your problem.
    Keep in mind that CureIt is a great tool, but every time you want to update the definitions, you have to download it again.

    Just to be sure, you should periodically scan with an extra tool, because no scanner catches all (like you have just experienced with, in this case, NOD32). I would use SuperAntiSpyware or MalwareBytes Anti-Malware.

    PS: your English is better than my Greek :D
     
  11. mav_20465

    mav_20465 Registered Member

    Joined:
    Jun 19, 2008
    Posts:
    6
    When I had that trojan I also used Malwarebytes and it didn't find anything..
    But thanks a lot for your advice....
     
  12. kitar01

    kitar01 Registered Member

    Joined:
    Aug 13, 2008
    Posts:
    4
    Please, what do you mean by: "simply disable and reenable system restore for drive C."?
    So what do I have to do in detail? Please help :'(

    PS: these days, when I open a file, Explorer is often not responding (stuck) or very slow. Is it an effect of this malware? Can you suggest a solution? Thanks
     
  13. mav_20465

    mav_20465 Registered Member

    Joined:
    Jun 19, 2008
    Posts:
    6
    Dear kitar01,

    For how to disable or enable Windows XP System Restore:

    http://service1.symantec.com/support/tsgeninfo.nsf/docid/2001111912274039
    then do the rest...

    Maybe the trojan is the reason that Explorer is not responding so fast (I'm not so sure). But it would be good for you to have a system tool to keep your system fast..

    P.S. Sorry for my English!!!
    :)
     
  14. True Orient

    True Orient Registered Member

    Joined:
    Nov 13, 2004
    Posts:
    88
  15. kitar01

    kitar01 Registered Member

    Joined:
    Aug 13, 2008
    Posts:
    4
    Well, I hope I disabled and re-enabled System Restore correctly
    (on Windows Vista it is a little different: Computer -> Properties -> System Protection -> Restoration -> off-on)
    Well... but then how do I delete it manually? If I go to c/windows... I cannot find it.

    I have also tried Vundo Fix, but it deleted other files but not this one.
    Thanks for the help
     
  16. kitar01

    kitar01 Registered Member

    Joined:
    Aug 13, 2008
    Posts:
    4
  17. mav_20465

    mav_20465 Registered Member

    Joined:
    Jun 19, 2008
    Posts:
    6
    So you solved the problem?? If yes, tell everyone how you did it in Vista.. and if someone else has this problem it will be easier to find the solution...
    :)
     
  18. kitar01

    kitar01 Registered Member

    Joined:
    Aug 13, 2008
    Posts:
    4
    Yes, I did another reboot and Windows Defender again found nothing... the system is clear.
    If you look at my posts I have said all I have done:
    1) System Restore off-on (as said in this forum)
    2) Vundo Fix: http://vundofix.atribune.org/
    (this program was not successful in clearing vundo.gen!H, but it found on my system some .dll files that were infected)
    and after the reboot:
    3) ComboFix
    After the new reboot the system was clear.
    Hope this can help
     