vundo virus

richiegodsmack@hotmail.com · Jun 6, 2008

i got a virus may28 and it messed my laptop all up
and i cannot restore to a date before then?? -- how can i restore my pc to a
date between may14 and may29?????
richard

PD43 · Jun 6, 2008

richiegodsmack@hotmail.com
<richiegodsmackhotmailcom@discussions.microsoft.com> wrote:

>i got a virus may28 and it messed my laptop all up
>and i cannot restore to a date before then?? -- how can i restore my pc to a
>date between may14 and may29?????

Doesn't look like that's possible.

Better start looking for the restore disc.

Hetch · Jun 6, 2008

richiegodsmack wrote:
> i got a virus may28 and it messed my laptop all up
> and i cannot restore to a date before then?? -- how can i restore my pc to a
> date between may14 and may29?????
> richard

Disable System Restore since it won't help at the best of times.
Download, install, update, and run SUPERAntiSpyware.

http://downloads2.superantispyware.com/downloads/SUPERAntiSpywarePro.exe

richiegodsmack · Jun 6, 2008

thanx.......but i dont have one!!!
richard

"PD43" wrote:

> richiegodsmack@hotmail.com
> <richiegodsmackhotmailcom@discussions.microsoft.com> wrote:
>
> >i got a virus may28 and it messed my laptop all up
> >and i cannot restore to a date before then?? -- how can i restore my pc to a
> >date between may14 and may29?????
>
> Doesn't look like that's possible.
>
> Better start looking for the restore disc.
>

David H. Lipman · Jun 6, 2008

From: "richiegodsmack@hotmail.com" <richiegodsmackhotmailcom@discussions.microsoft.com>

| i got a virus may28 and it messed my laptop all up
| and i cannot restore to a date before then?? -- how can i restore my pc to a
| date between may14 and may29?????
| richard

No, you do not have a "virus", you may have a Vundo "Trojan".

How do you know you have a Vundo Trojan ?
What have you done to mitigate it ?

That kind of information is important.

--
Dave
http://www.claymania.com/removal-trojan-adware.html
Multi-AV - http://www.pctipp.ch/downloads/dl/35905.asp

richiegodsmack · Jun 6, 2008

than
x.......i will try that--
richard

"Hetch" wrote:

> richiegodsmack wrote:
> > i got a virus may28 and it messed my laptop all up
> > and i cannot restore to a date before then?? -- how can i restore my pc to a
> > date between may14 and may29?????
> > richard
>
>
> Disable System Restore since it won't help at the best of times.
> Download, install, update, and run SUPERAntiSpyware.
>
> http://downloads2.superantispyware.com/downloads/SUPERAntiSpywarePro.exe
>

PA Bear [MS MVP] · Jun 6, 2008

Unexplained computer behavior may be caused by deceptive software
http://support.microsoft.com/kb/827315

Run a /thorough/ check for hijackware, including posting your hijackthis log
to an appropriate forum.

Checking for/Help with Hijackware
http://aumha.org/a/parasite.htm
http://aumha.org/a/quickfix.htm
http://aumha.net/viewtopic.php?t=5878
http://wiki.castlecops.com/Malware_Removal_and_Prevention:_Introduction
http://mvps.org/winhelp2002/unwanted.htm
http://inetexplorer.mvps.org/data/prevention.htm
http://inetexplorer.mvps.org/tshoot.html
http://www.mvps.org/sramesh2k/Malware_Defence.htm
http://defendingyourmachine2.blogspot.com/
http://www.elephantboycomputers.com/page2.html#Removing_Malware

When all else fails, HijackThis v2.0.2
(http://aumha.org/downloads/hijackthis.exe) is the preferred tool to use.
It will help you to both identify and remove any hijackware/spyware with
assistance from an expert. **Post your log to
http://forums.spybot.info/forumdisplay.php?f=22,
http://castlecops.com/forum67.html,
http://forums.subratam.org/index.php?showforum=7,
http://aumha.net/viewforum.php?f=30, or other appropriate forums for review
by an expert in such matters, not here.**

If the procedures look too complex - and there is no shame in admitting this
isn't your cup of tea - take the machine to a local, reputable and
independent (i.e., not BigBoxStoreUSA) computer repair shop.

--
~Robear Dyer (PA Bear)
MS MVP-IE, Mail, Security, Windows Desktop Experience - since 2002
AumHa VSOP & Admin http://aumha.net
DTS-L http://dts-l.net/

richiegodsmack@hotmail.com wrote:
> i got a virus may28 and it messed my laptop all up
> and i cannot restore to a date before then?? -- how can i restore my pc to
> a
> date between may14 and may29?????
> richard

richiegodsmack · Jun 6, 2008

i already detected and then delete it using avg anti virus....but it disabled
my cd drive and deleted and changed alot of my registry keys... i have a
system recovery disc that i got from hp but when i insert them into my cd
drive and restart my pc, the drive doesnt start the disc???? i cant get the
recovery disc to open??? thanx ahead for ur time and any help that u
may give to me...
--
richard

"David H. Lipman" wrote:

> From: "richiegodsmack@hotmail.com" <richiegodsmackhotmailcom@discussions.microsoft.com>
>
> | i got a virus may28 and it messed my laptop all up
> | and i cannot restore to a date before then?? -- how can i restore my pc to a
> | date between may14 and may29?????
> | richard
>
> No, you do not have a "virus", you may have a Vundo "Trojan".
>
> How do you know you have a Vundo Trojan ?
> What have you done to mitigate it ?
>
> That kind of information is important.
>
>
> --
> Dave
> http://www.claymania.com/removal-trojan-adware.html
> Multi-AV - http://www.pctipp.ch/downloads/dl/35905.asp
>
>
>

Ken Blake, MVP · Jun 6, 2008

On Fri, 6 Jun 2008 12:53:04 -0700, richiegodsmack@hotmail.com
<richiegodsmackhotmailcom@discussions.microsoft.com> wrote:

> i got a virus may28

How do you know.

> and it messed my laptop all up
> and i cannot restore to a date before then?? -- how can i restore my pc to a
> date between may14 and may29?????

System Restore wouldn't fix the problem, anyway.

--
Ken Blake, Microsoft MVP - Windows Desktop Experience
Please Reply to the Newsgroup

MowGreen [MVP] · Jun 6, 2008

Hetch wrote *IMPRUDENT* advice :
>
>
>
> Disable System Restore since it won't help at the best of times.
> Download, install, update, and run SUPERAntiSpyware.
>
> http://downloads2.superantispyware.com/downloads/SUPERAntiSpywarePro.exe

Would you rather have a leaky lifeboat or just sink it because it's leaky ?

System Restore should be Disabled WHEN THE SYSTEM HAS BEEN CLEANED UP
or, use DiskCleanup, which deletes all but the most recent restore
points, *AFTER* the system is free of malware.

As long as infected restore points are not used, there is *NO* danger of
reinfestation.

MowGreen [MVP 2003-2008]
===============
*-343-* FDNY
Never Forgotten
===============

richiegodsmack · Jun 6, 2008

thanx......i am going to try the highjack removal software that u provided me..
--
richard

"PA Bear [MS MVP]" wrote:

> Unexplained computer behavior may be caused by deceptive software
> http://support.microsoft.com/kb/827315
>
> Run a /thorough/ check for hijackware, including posting your hijackthis log
> to an appropriate forum.
>
> Checking for/Help with Hijackware
> http://aumha.org/a/parasite.htm
> http://aumha.org/a/quickfix.htm
> http://aumha.net/viewtopic.php?t=5878
> http://wiki.castlecops.com/Malware_Removal_and_Prevention:_Introduction
> http://mvps.org/winhelp2002/unwanted.htm
> http://inetexplorer.mvps.org/data/prevention.htm
> http://inetexplorer.mvps.org/tshoot.html
> http://www.mvps.org/sramesh2k/Malware_Defence.htm
> http://defendingyourmachine2.blogspot.com/
> http://www.elephantboycomputers.com/page2.html#Removing_Malware
>
> When all else fails, HijackThis v2.0.2
> (http://aumha.org/downloads/hijackthis.exe) is the preferred tool to use.
> It will help you to both identify and remove any hijackware/spyware with
> assistance from an expert. **Post your log to
> http://forums.spybot.info/forumdisplay.php?f=22,
> http://castlecops.com/forum67.html,
> http://forums.subratam.org/index.php?showforum=7,
> http://aumha.net/viewforum.php?f=30, or other appropriate forums for review
> by an expert in such matters, not here.**
>
> If the procedures look too complex - and there is no shame in admitting this
> isn't your cup of tea - take the machine to a local, reputable and
> independent (i.e., not BigBoxStoreUSA) computer repair shop.
>
> --
> ~Robear Dyer (PA Bear)
> MS MVP-IE, Mail, Security, Windows Desktop Experience - since 2002
> AumHa VSOP & Admin http://aumha.net
> DTS-L http://dts-l.net/
>
> richiegodsmack@hotmail.com wrote:
> > i got a virus may28 and it messed my laptop all up
> > and i cannot restore to a date before then?? -- how can i restore my pc to
> > a
> > date between may14 and may29?????
> > richard
>
>

John A · Jun 6, 2008

"Disable System Restore ..." - bad advice
"..Run Superantispyware" - good advice, may need to run it in Safe
Mode.

On Fri, 06 Jun 2008 15:54:46 -0500, Hetch <hgk@example.net> wrote:

>richiegodsmack wrote:
>> i got a virus may28 and it messed my laptop all up
>> and i cannot restore to a date before then?? -- how can i restore my pc to a
>> date between may14 and may29?????
>> richard
>
>
>Disable System Restore since it won't help at the best of times.
>Download, install, update, and run SUPERAntiSpyware.
>
>http://downloads2.superantispyware.com/downloads/SUPERAntiSpywarePro.exe

David H. Lipman · Jun 6, 2008

Elmo · Jun 6, 2008

richiegodsmack wrote:
> I already detected and then deleted it using avg anti virus, but it disabled
> my cd drive and deleted and changed a lot of my registry keys. I have a
> system recovery disc that I got from HP but when I insert it into my cd
> drive and restart my pc, the drive doesn't start the disc. I can't get the
> recovery disc to open. Thanx ahead for your time and any help that you
> may give to me.

Enter the BIOS and set the boot order to CD-ROM, Floppy (if you have
one), then hard drive. Or, press F10 during the boot cycle and select
the CD-ROM to boot from. HP didn't give instructions with the CD?

--
Joe =o)

PD43 · Jun 6, 2008

richiegodsmack <richiegodsmack@discussions.microsoft.com> wrote:

>i already detected and then delete it using avg anti virus....but it disabled
>my cd drive and deleted and changed alot of my registry keys... i have a
>system recovery disc that i got from hp but when i insert them into my cd
>drive and restart my pc, the drive doesnt start the disc???? i cant get the
>recovery disc to open???

That's the "restore disc" I told you to use and that you said you
didn't have -)

Do you know how to enter your computer BIOS when it's powering up?

Normally, you just start tapping the DEL (sometimes F2) key when the
monitor first starts showing the POST results (black screen, white
text).

In there you should find a place where you can set the boot order.

Set it to try your CD first.

Save your changes and exit.

Hetch · Jun 6, 2008

John A wrote:
> "Disable System Restore ..." - bad advice
> "..Run Superantispyware" - good advice, may need to run it in Safe
> Mode.

Why is it bad advice?

http://support.microsoft.com/kb/831829

David H. Lipman · Jun 6, 2008

From: "Hetch" <hgk@example.net>

|
| Why is it bad advice?
|
| http://support.microsoft.com/kb/831829

Becuase if you are going to clean a PC you could do it out of sequence or make a mistake and
corrupt teh OS. You could then restore it, albeit infected. The PC wouldn't be corrupt and
you could have another go at it with a different motive operandi.

If you dump the System Restore cache prior to cleaning a PC, you have no fall back position.

Once the PC is considered clean, then you can dump the System Restore cache and manually
create a new restore point.

--
Dave
http://www.claymania.com/removal-trojan-adware.html
Multi-AV - http://www.pctipp.ch/downloads/dl/35905.asp

richiegodsmack · Jun 6, 2008

no instructions came with the two discs...one is sp2 software and drivers
andthe other is "application and driver recovery dvd...the website said to
insert disc while the pc is on and then shotdown restart pc and follow
instructions ...but the pc doesnt register it and goes to windows...and all
acces keys to cd drive to manually start and cd are all gone because of this
vundo trojan
--
richard

"Elmo" wrote:

> richiegodsmack wrote:
> > I already detected and then deleted it using avg anti virus, but it disabled
> > my cd drive and deleted and changed a lot of my registry keys. I have a
> > system recovery disc that I got from HP but when I insert it into my cd
> > drive and restart my pc, the drive doesn't start the disc. I can't get the
> > recovery disc to open. Thanx ahead for your time and any help that you
> > may give to me.
>
> Enter the BIOS and set the boot order to CD-ROM, Floppy (if you have
> one), then hard drive. Or, press F10 during the boot cycle and select
> the CD-ROM to boot from. HP didn't give instructions with the CD?
>
> --
> Joe =o)
>

PA Bear [MS MVP] · Jun 6, 2008

HijackThis is a tool we use to diagnose infections. It doesn't remove
anything on its own. Make sure you posted your HijackThis log to an
appropriate forum for expert assistance.

richiegodsmack wrote:
> thanx......i am going to try the highjack removal software that u provided
> me..
>
>> Unexplained computer behavior may be caused by deceptive software
>> http://support.microsoft.com/kb/827315
>>
>> Run a /thorough/ check for hijackware, including posting your hijackthis
>> log to an appropriate forum.
>>
>> Checking for/Help with Hijackware
>> http://aumha.org/a/parasite.htm
>> http://aumha.org/a/quickfix.htm
>> http://aumha.net/viewtopic.php?t=5878
>> http://wiki.castlecops.com/Malware_Removal_and_Prevention:_Introduction
>> http://mvps.org/winhelp2002/unwanted.htm
>> http://inetexplorer.mvps.org/data/prevention.htm
>> http://inetexplorer.mvps.org/tshoot.html
>> http://www.mvps.org/sramesh2k/Malware_Defence.htm
>> http://defendingyourmachine2.blogspot.com/
>> http://www.elephantboycomputers.com/page2.html#Removing_Malware
>>
>> When all else fails, HijackThis v2.0.2
>> (http://aumha.org/downloads/hijackthis.exe) is the preferred tool to use.
>> It will help you to both identify and remove any hijackware/spyware with
>> assistance from an expert. **Post your log to
>> http://forums.spybot.info/forumdisplay.php?f=22,
>> http://castlecops.com/forum67.html,
>> http://forums.subratam.org/index.php?showforum=7,
>> http://aumha.net/viewforum.php?f=30, or other appropriate forums for
>> review
>> by an expert in such matters, not here.**
>>
>> If the procedures look too complex - and there is no shame in admitting
>> this isn't your cup of tea - take the machine to a local, reputable and
>> independent (i.e., not BigBoxStoreUSA) computer repair shop.
>>
>> --
>> ~Robear Dyer (PA Bear)
>> MS MVP-IE, Mail, Security, Windows Desktop Experience - since 2002
>> AumHa VSOP & Admin http://aumha.net
>> DTS-L http://dts-l.net/
>>
>> richiegodsmack@hotmail.com wrote:
>>> i got a virus may28 and it messed my laptop all up
>>> and i cannot restore to a date before then?? -- how can i restore my pc
>>> to
>>> a
>>> date between may14 and may29?????
>>> richard

richiegodsmack · Jun 6, 2008

thanks for the help... i will try that
--
richard

"PD43" wrote:

> richiegodsmack <richiegodsmack@discussions.microsoft.com> wrote:
>
> >i already detected and then delete it using avg anti virus....but it disabled
> >my cd drive and deleted and changed alot of my registry keys... i have a
> >system recovery disc that i got from hp but when i insert them into my cd
> >drive and restart my pc, the drive doesnt start the disc???? i cant get the
> >recovery disc to open???
>
> That's the "restore disc" I told you to use and that you said you
> didn't have -)
>
> Do you know how to enter your computer BIOS when it's powering up?
>
> Normally, you just start tapping the DEL (sometimes F2) key when the
> monitor first starts showing the POST results (black screen, white
> text).
>
> In there you should find a place where you can set the boot order.
>
> Set it to try your CD first.
>
> Save your changes and exit.
>

vundo virus

richiegodsmack@hotmail.com

PD43

Hetch

richiegodsmack

David H. Lipman

richiegodsmack

PA Bear [MS MVP]

richiegodsmack

Ken Blake, MVP

MowGreen [MVP]

richiegodsmack

John A

David H. Lipman

Elmo

PD43

Hetch

David H. Lipman

richiegodsmack

PA Bear [MS MVP]

richiegodsmack