PDA

View Full Version : bundle.exe and internet access



oggy
29-03-2004, 08:33 PM
Hi
#1 daughter reported inability to connect to internet on Sunday a.m.
Sunday evening I turned McAfee firewall off and access restored. No obvious reason in the settings for it to be stopping access. Turning firewall back on kills internet access again.
Monday evening. Discovered a thing called bundle.exe which apparantly is spyware. Would someone like to tell me the easiest way to get rid of bundle.exe and do you reckon it could be responsible for the firewall shutting down internet access?

Oxie
29-03-2004, 08:57 PM
oggy

I am not sure if this is what daughter #1 has, but go here (http://www.spywareguide.com/) and type in 'bundle' in the search box. Follow the link and see if it sounds like the spyware you think it might be.

Oxie (Lyn)

tommy
29-03-2004, 09:01 PM
Removal instructions:
Start the registry editor. This is done by clicking Start then Run. (The Run dialog will appear.) Type regedit and click OK. (The registry editor will open.)
Browse to the key:
'HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows \ CurrentVersion \ Run'
In the right pane, delete the value called 'SAHBundle', if it exists.
Exit the registry editor.
Restart your computer.
Start Windows Explorer and delete:
%TempDir%\bundle.exe
Note: %TempDir% is a variable (?). By default, this is C:\Windows\Temp (Windows 95/98/Me), C:\Document and Settings\%UserName%\Local Settings\Temp (Windows NT/2000/XP).

Laura
29-03-2004, 09:04 PM
Oggy:
There are instructions for removing this spyware on the Symantec site at http://www.sarc.com/avcenter/venc/data/adware.sahagent.html
They involve removing it from the registry.
Whether that's the easiest way I'm not qualified to advise, but the information is at least a start...
Someone else may have a better trick?

Laura
29-03-2004, 09:07 PM
I see that I'll have to speed up my typing. Beaten by the more knowledgeable..

dumdum
29-03-2004, 09:08 PM
Go to Run,type in regedit,then ok,
Navigate to this key..HKEY_LOCAL_Machine\software\microsoft\windows \current version\Run;
in the right pane-delete the value,."SAHBundle"=%TEMP%\bundle.exe.
Navigate to and delete the key..HKEY_LOCAL_Machine\software\"VGroup"
exit registry.
Probably pay to do a backup before heading into registry.
Also,and this is only my opinion,I would turn off system restore before deleting.
Hope this helps.
DD.

dumdum
29-03-2004, 09:12 PM
Me too it seems Laura,
I should really try to use more than one finger.