Solved Win32/Vundo

Gunzta

New Member
Thread author
Jun 28, 2016
3
Last night Windows Defender started reporting a Win32/Vundo severe threat. I followed the instructions to clean/remove the file and then Defender says it needs to reboot in order to complete the removal. When I reboot, Defender keeps reporting the same problem, asks me to clean/remove the file (I've tried both) and reboot to complete the process, except it never successfully completes the process and on reboot continues to report the same problem.

I then followed the instructions on the following page: How to remove Trojan Vundo (Trojan:Win32/Vundo and TR/Drop.Vundo) (I have included extra logs)

Once I had completed the entire process from the above link, I'm seeing no threats reported from any other Malware program detailed in the link above, but Windows Defender is still reporting the same issue as I started with. See images attached.

Capture.PNG Capture2.PNG
 

Attachments

  • FRST.txt
    141.6 KB · Views: 2
  • Addition.txt
    40.6 KB · Views: 1
  • AdwCleaner[C1].txt
    1.8 KB · Views: 1
  • TDSSKiller.3.1.0.9_29.06.2016_01.19.23_log.txt
    75.7 KB · Views: 0

Gunzta

New Member
Thread author
Jun 28, 2016
3
Just to confirm. I have been searching for other solutions. I found this recent thread on Microsoft support forum: http://answers.microsoft.com/en-us/...ing-this/12867121-d3cc-490b-9ed3-b41f883181dc

I just wanted to confirm that I have never had McAfee or Norton installed on this PC. The PC is brand new, 3 weeks old. I built it myself and installed Windows 10 OEM myself.

My gut feeling is this is some kind of false positive but it would be nice to have confirmation of that from someone more skilled in this area than me. Also if it is a false positive, how do I get rid of the annoying notifications that I'm constantly infected?
 

TwinHeadedEagle

Level 41
Verified
Mar 8, 2013
22,627
Hello,

It does seem like a false positive. I would also recommend that you install a third-party antivirus and disable Windows Defender. It is not the best protection you can find.
 

Gunzta

New Member
Thread author
Jun 28, 2016
3

Thanks for the quick reply.

I have ESET Smart Security ready to install but I didn't want to go ahead and install it until you had replied and said it was OK to do so, in case I made it worse. So you think I can go ahead and install ESET, and that will also disable Defender during the install? (This is why I didn't install, in case during install there was a gap in any protection between Defender and ESET that allowed the problem to get worse.)
 
