No infection, just questions...

Discussion in 'Malware Help (A Specialist Will Reply)' started by cobrajet431, Sep 22, 2007.

  1. cobrajet431

    cobrajet431 Private First Class

    Hi Geeks. Not sure if this should be in malware or not since I don't really have any problems, so if you need to move this I understand.

    I'm just curious what the difference is between smitfraud infections and virtumonde (or is it Vundo?) infections; the relationship between Vundo and virtumonde (is a Vundo infection a type of Virtumonde infection or vice-versa?) and how do "rogue" applications relate to the above.

    What I mean by all that: when I go to other malware forums there will be questions like..."I keep getting these pop-ups that say I'm infected and want me to buy..." Without seeing much appreciable difference between the symptoms, some people will call it a smitfraud infection and recommend smitfraudfix, some will call it a vundo infection and recommend vundofix; and other times someone will just proclaim it a "rogue antispyware" or whatever and recommend RogueRemover. (I'm assuming that RogueRemover shouldn't come into play unless someone actually installs one of the bogus apps, right?)

    So if someone could just give me a little info of how to know which is which, I'd feel like I learned something. As always, Thanks.
     
  2. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    Vundo is short for Virtumonde! No they are not the same thing as what is classified as a SmitFraud infection.

    Many many things have been lumped into the SmitFraud family but the most typical thing you will see lumped in here is all of the rogue antispyware/antivirus type applications. These rogue tools are the typical cause of either a wallpaper that tells you that you are infected and/or a balloon message that pops up from the system tray telling you that you are infected.

    Many people do not really recognize the difference between a SmitFraud type infection and a Vundo infection (and Vundo has many forms too, and a new one just came out about a week ago). If someone only says they are getting popups (which may include offers for WinAntiVirus) then it is more likely Vundo than SmitFraud (although other forms of malware cause popups too). Winlogonhook type infections are confused by many as being Vundo since there are a few similarities but there are many differences. I really don't have the time to truly go in and explain all of the differences but I will just say that you need to see all the registry keys and file names being deposited on a PC and then you can easily tell the difference between Vundo, Winlogonhook, and SmitFraud.

    If you search this forum for some of these you will see when SmitFraudFix is run and when VundoFix, ComboFix (which will also fix some SmitFraud issues) and when manual steps are used to remove the many many files that can be deposited onto a PC from Vundo type infections.
     
  3. cobrajet431

    cobrajet431 Private First Class

    Thanks Chas. But what happens if someone's antispy, say Spybot or Ad-Aware was to find a Smitfraud or Virtumonde infection that isn't prodding the victim to buy something? From the bad-guy's point of view, what purpose is the malware serving? Can we assume it's working behind-the-scenes and phoning home?
     
  4. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    Ad-Aware rarely finds anything of consequence (the main reason we never use it anymore in the READ ME). Also Spybot and Ad-Aware rarely find any of the true real hardcore issues related to Vundo or SmitFraud anyway. They may make mention of the words SmitFraud or Vundo but they are not the normal main problem areas. Basically Spybot & Ad-Aware are not useful tools in detecting or removing true active Vundo or SmitFraud infections.
     
