VundoFix by Atribune
The Bug has been fixed and VundoFix is once again publicly available. Thanks to Subs, Marcin and everyone else who helped in resolving this issue.
VundoFix is a freeware removal tool for many of the known variants of Trojan.Vundo, Trojan.Conhook and other similar infections.
I've been working on this tool for nearly 2 years constantly updating and improving the way it detects and removes the vundo infection.
Generally an updated version is released once a week and in some special cases sometimes 2 or 3 times in a week. The tool has had great success removing the infection from over 1 million computers to date and I hope to continue with that same success into the future.
One of the main install vectors for Vundo that we have found is through Java exploits in older versions of Java. Be sure to keep Java updated and remove older versions after updating. Java updates are available from Sun MicroSystems from here. Old versions of Java can be safely removed through Add or Remove Programs in Windows.
Another good idea is to install all Windows Critical Updates. We have seen many variants of Vundo installed through IRC bots that use flaws in the Windows Operating System.
Signs of infection:
Usually when infected with Vundo the user is bombarded with popups for WinFixer, Amaena, WinAntiVirus, ErrorSafe, SystemDoctor and DriveCleaner. Downloading and running these Fraudware applications will result in a fake scan telling you that you are infected with malware then telling you that you need to buy their program to remove the malware that it found. DO NOT BUY THESE PROGRAMS. They are scams and will not remove anything but could possibly make your infection worse.
A slowdown in PC performance may also be noticed when Vundo is running as well as the possibility of random BSOD's.
Normal Usage for Removal:
*****Note: It is possible that VundoFix encountered a file it could not remove.*****
If you encounter a variant of Vundo that VundoFix does not detect or cannot remove please let us know on our forum located at http://www.atribune.org/forums/ in the HijackThis and Malware Removal section. The forum staff is always happy to help with removal of Vundo and other malware as well.
If VundoFix gives an runtime error on startup you are most likely missing the file: comdlg32.ocx A new copy and instructions on where to put it can be found HERE
If VundoFix has helped you remove this infection please donate to help me keep developing this tool. Updating and modifying the tool is very time consuming and every dollar I receive in donations helps to keep the tools and the help site free for users like yourself.
Donations can be made via PayPal here
I would like to thank you for having such a great program! My computer somehow got infected
Thanks for Vundofix. It helped me out of a frustrating situation
Thank you for such a simple fix to a problem that was driving me crazy. Keep up the good work!
VundoFix worked like a charm
My parents always fall for traps--I come home from school and the thing runs like it's drunk. Thanks for making vundo removal easy!
Thanks for writing Vundofix, this removed the Vundo spyware off of my computer. Every prior attempt failed.
I tried at least 5 apps to fix my Vundo problem (mcafee, avast, etc).. nothing worked until i found yours. thanks !
VundoFix saved my a** today and this is my way of saying thank you! :)
After four days of working on my computer, YOUR VundoFix did the job!
Used VundoFix v6.3.23. Your program succeeded where many other commercial programs didn't. Thanks!
Your VundoFix got rid of the virus that my more expensive Norton AV program couldn't fix, and I wasted nights after nights trying to fix it with NAV! Good for you! Thanks a lot!