Hello Everyone,
I have a client's machine that is infected by the Trojan.Vundo virus. They are running Norton Antivirus and about every 10 minutes it gives the message, "Your computer must restart in order to continue the removal of security risks". After the computer reboots it finds the virus again about 10 minutes later. I've performed all of the steps in the preliminary removal instructions (by the way the link to that page doesn't appear to be working anymore), but the virus continues to show up. Vundofix doesn't detect the virus. I've also run fixvundo from Symantec and although it found the virus and said it removed it, it still shows the same behavior and asks the client to reboot every 10 minutes. Panda Rootkit didn't find anything. Attached are my Combofix, Vundofix, and Hijackthis logs. AVG Antispyware didn't find anything so it didn't generate a log. By the way, I had updated Java already and for some reason it went back to an old version. If you have a link for the latest version of Java handy I'd appreciate it.
I have a client's machine that is infected by the Trojan.Vundo virus. They are running Norton Antivirus and about every 10 minutes it gives the message, "Your computer must restart in order to continue the removal of security risks". After the computer reboots it finds the virus again about 10 minutes later. I've performed all of the steps in the preliminary removal instructions (by the way the link to that page doesn't appear to be working anymore), but the virus continues to show up. Vundofix doesn't detect the virus. I've also run fixvundo from Symantec and although it found the virus and said it removed it, it still shows the same behavior and asks the client to reboot every 10 minutes. Panda Rootkit didn't find anything. Attached are my Combofix, Vundofix, and Hijackthis logs. AVG Antispyware didn't find anything so it didn't generate a log. By the way, I had updated Java already and for some reason it went back to an old version. If you have a link for the latest version of Java handy I'd appreciate it.