I run pretty darn good firewalls, anti viruses, and spyware programs. BUT Vundo!GB nailed me good. I got a warning from McAffe about the trojan, and it was reported to be cleaned, so I let it go,,, a couple of days later all hell broke loose, Boot up problems,, system slow downs and all and all crappy machine. So I ran Malwarebytes, it said Vundo was still there, and it was remove by MB. Then things got worse, Blue screen of death on boot up, I was able to Safe mode the machine, ran anti virus, all seemed ok. I was able to reboot, and reran anti virus, Vundo was gone,,, or so I thought. I tried to run MB and it wouldn't run, I loaded MB on a thumb drive, (from a clean machine) and tried to run it,,, it wouldn't run. Tried some other maleware programs, they would run once, but never again. Then I started to get PCI.sys errors on startup. Damn. I decide I had had enough,, what better time to upgrade the HD. I bought a new drive, installed it tried to install windows XP Pro. Got the PCI.sys error again. WTH?
? I did some searches on google with the exact error codes, and it seems XP Pro SP 1 and SP2 won't recognize SATA drives. DAMN DAMN DAMN DAMN. It seems that somehow Vundo removed or corrupted my SP3!!! I dug through my box of OSs' and found a copy of XP Media center SP3,, I am rebuilding the machine now.
Here is the kicker,, I have Ghost images of 3 of my machines, ("big" laptop,( Inspiron 9300), wifes laptop, and desktop) but not this machine. Latitude D620. I got a great deal on this laptop,, and didn't really know how nice this machine was, until I started to search for drivers. This laptop was to be used as a "throw away" as I got it for around $100, to use as a tuning laptop for my car. When I get it done, all important software loaded and updated, you can bet your sweet bippy I will be making a Ghost of it. Oh when I got it, it had a 60gig drive and 1 gig of ram. I got a 250gig SATA drive for $80 (Seagate) and 4gig of RAM $48 (Kingston) for it so now it s a pretty potent machine. It has the nVidia mother bd in it as well.
I have no idea how the trojan got me, I don't open attachments unless I am expecting them, or trust who they come from, I don't fall for the "you computer is infected click here" popups that make it past my blocker. The only funny thing that I question is about a year ago, while on my cardomain page my machine came under attack, but I thought it was blocked. I wonder if Vundo sat dormant for a year.
Basically watchout, If you think something has atacked your machine, run all anti viruses immediately, run malware programs IMMEDIATELY, and if you want an easy restore,, run something like Norton Ghost, which is a great program, if you set it up right, you can replace a bad harddrive, and be restored in 45 - 60mins, instead of days of rebuilding.
Tom
PS any want a 60gig SATA drive, I can't guarantee it is clean