General discussion

Locked

Have to be adaptable Trojan.Vundo

By SeanBoz ·
I have run across a couple of viruses lately that my normal means of finding, and deleting them did not work. I use the following I 1st boot into safe mode, and run a norton/symantec scan. Then remove what it finds, and check for registry entries for those files. Then I run adaware, and spybot search and destroy. Then I boot back into normal mode. Run the online scan from Trendmicro.
Well I ran into an application called trojan.vundo. None of the sets above erradicated the application. I had to find a fix from some tech boards. Symantec had a removal tool for an older version of this pest, but that was not able to find it, or remove it if found. Trendmicro was not able to remove it either. So the tech sites said to run VundoFix.exe from http://www.atribune.org/downloads/VundoFix.exe
Then you ran HijackThis, and then you ran a program called CleanUp! http://www.stevengould.org/downloads/cleanup/CleanUp40.exe. After you jump through all of these hoops then the last step is to run an online scan from http://www.pandasoftware.com/products/activescan.htm.
My point in bringing this up? My normal tools which have been trusted and true to this point were not able to do the job. So I had to change my strategy and tools in order to remove this particular threat. So I am thinking that this might be something that all of us are going to need to do in the future as the virus writers, and spyware writers learn the methods we employ to re-design their viruses, and spyware to be harder to detect and remove.

This is just my 2 cents worth.

This conversation is currently closed to new comments.

6 total posts (Page 1 of 1)  
| Thread display: Collapse - | Expand +

All Comments

Collapse -

harder to install

by Dr Dij In reply to Have to be adaptable Troj ...

we need to make it harder for them to install.
maybe 'windoze os X', a windows on a unix core?

Collapse -

I agree about harder to install

by SeanBoz In reply to harder to install

The problem is that a lot of users do not know how a computer works so any command line would freak them out. Not to mention that the end users just know that when they click on an icon they get the end result. They do not know if that icon is a part of program abc, or program def. The end users just know to click on that icon for data xyz entry, and that icon for submitting data lmn.
Maybe someday Billionaire Gates will produce Winbloze eX operating system.

Collapse -

Times have changed

by antuck In reply to Have to be adaptable Troj ...

It constantly changes how to remove the junk ware that is out there now. Each day some new variant comes out and the tools you used before, no longer work. The junk-ware writers learn what failed before and rewrite so it does work and makes it harder to remove.

More and more I am just backing up data and reinstalling Windows. It gets to be agravating when spening hours trying to clean up a system, just to have some hidden file rewrite a file each time you delete it. I figure sometimes it is just faster and cheaper to reinstall Windows.

But as mentioned above, it also needs to be harder for this stuff to be installed in the first place.

Antother tool I use a lot is going to ewido.com. They have an online trojan scanner. It is in the beta stage right now, but I have had good luck with it. They also have a downloadable version with a 30 day trial.

Collapse -

Try this as well

by beads In reply to Have to be adaptable Troj ...

Trend has a quick and efficient AV to try as well. In the dark past Trend kinda sucked but now they are doing a very good job.

http://housecall.trendmicro.com/

If that doesn't eradicate the virus/fragments then you've really got a problem. Theres a spyware scan as well but its not quite as good as the A/V scan but its getting better.

- beads

Collapse -

SPY SWEEPER

by faaman In reply to Have to be adaptable Troj ...

After jumping through several hoops, scanning with various Anti Virus products, trying the Norton Trojan.Vundo removal tool 1.4.0, I found
a solution. I simply ran the "Spy Sweeper" program (free 14 day trial ) , it found the VUNDO, and I eliminated it. I cannot believe that this last ditch effort was so easy. Try it youself, and good luck. Rob

Collapse -

Nothing but the NOD

by NZBN In reply to Have to be adaptable Troj ...

The only Antivirus / Antispyware I use is NOD32, No other AV has a higher detection rate, no other AV has a faster scanning rate and uses less resources. Huersitics features detect viruses without signiture updates ( 92% tested success rate after 3 months with no updates for viruses in the wild ) I have not met a virus or spyware infection I could not cleanse with this AV, check out the following reviews to see the results:

NOD32 VB 100
http://nzbn.co.nz/site_images/nod32/NOD32_VB100.pdf

Why the Auckland University of Technology chose NOD32
http://nzbn.co.nz/site_images/nod32/NOD32_AUT.pdf

Independant comparison
http://nzbn.co.nz/site_images/nod32/Virus_comparison.pdf

Back to Malware Forum
6 total posts (Page 1 of 1)  

Related Discussions

Related Forums