TechRepublic|Forums|Malware

Malware

General discussion

  • Creator
    Topic
  • November 2, 2005 at 8:15 am #2179312

    Have to be adaptable Trojan.Vundo

    Locked

    by seanboz · about 17 years, 5 months ago

    I have run across a couple of viruses lately that my normal means of finding, and deleting them did not work. I use the following I 1st boot into safe mode, and run a norton/symantec scan. Then remove what it finds, and check for registry entries for those files. Then I run adaware, and spybot search and destroy. Then I boot back into normal mode. Run the online scan from Trendmicro.
    Well I ran into an application called trojan.vundo. None of the sets above erradicated the application. I had to find a fix from some tech boards. Symantec had a removal tool for an older version of this pest, but that was not able to find it, or remove it if found. Trendmicro was not able to remove it either. So the tech sites said to run VundoFix.exe from http://www.atribune.org/downloads/VundoFix.exe
    Then you ran HijackThis, and then you ran a program called CleanUp! http://www.stevengould.org/downloads/cleanup/CleanUp40.exe. After you jump through all of these hoops then the last step is to run an online scan from http://www.pandasoftware.com/products/activescan.htm.
    My point in bringing this up? My normal tools which have been trusted and true to this point were not able to do the job. So I had to change my strategy and tools in order to remove this particular threat. So I am thinking that this might be something that all of us are going to need to do in the future as the virus writers, and spyware writers learn the methods we employ to re-design their viruses, and spyware to be harder to detect and remove.

    This is just my 2 cents worth.

    Topic is locked This conversation is currently closed to new comments.
  • Creator
    Topic

All Comments

  • Author
    Replies
    • November 2, 2005 at 8:29 am #3116478

      harder to install

      by dr dij · about 17 years, 5 months ago

      In reply to Have to be adaptable Trojan.Vundo

      we need to make it harder for them to install.
      maybe ‘windoze os X’, a windows on a unix core?

      • November 2, 2005 at 8:40 am #3116471

        I agree about harder to install

        by seanboz · about 17 years, 5 months ago

        In reply to harder to install

        The problem is that a lot of users do not know how a computer works so any command line would freak them out. Not to mention that the end users just know that when they click on an icon they get the end result. They do not know if that icon is a part of program abc, or program def. The end users just know to click on that icon for data xyz entry, and that icon for submitting data lmn.
        Maybe someday Billionaire Gates will produce Winbloze eX operating system.

    • November 3, 2005 at 8:07 am #3117142

      Times have changed

      by antuck · about 17 years, 4 months ago

      In reply to Have to be adaptable Trojan.Vundo

      It constantly changes how to remove the junk ware that is out there now. Each day some new variant comes out and the tools you used before, no longer work. The junk-ware writers learn what failed before and rewrite so it does work and makes it harder to remove.

      More and more I am just backing up data and reinstalling Windows. It gets to be agravating when spening hours trying to clean up a system, just to have some hidden file rewrite a file each time you delete it. I figure sometimes it is just faster and cheaper to reinstall Windows.

      But as mentioned above, it also needs to be harder for this stuff to be installed in the first place.

      Antother tool I use a lot is going to ewido.com. They have an online trojan scanner. It is in the beta stage right now, but I have had good luck with it. They also have a downloadable version with a 30 day trial.

    • November 4, 2005 at 6:47 am #3137643

      Try this as well

      by beads · about 17 years, 4 months ago

      In reply to Have to be adaptable Trojan.Vundo

      Trend has a quick and efficient AV to try as well. In the dark past Trend kinda sucked but now they are doing a very good job.

      http://housecall.trendmicro.com/

      If that doesn’t eradicate the virus/fragments then you’ve really got a problem. Theres a spyware scan as well but its not quite as good as the A/V scan but its getting better.

      – beads

    • November 11, 2005 at 11:05 am #3119336

      SPY SWEEPER

      by faaman · about 17 years, 4 months ago

      In reply to Have to be adaptable Trojan.Vundo

      After jumping through several hoops, scanning with various Anti Virus products, trying the Norton Trojan.Vundo removal tool 1.4.0, I found
      a solution. I simply ran the “Spy Sweeper” program (free 14 day trial ) , it found the VUNDO, and I eliminated it. I cannot believe that this last ditch effort was so easy. Try it youself, and good luck. Rob

    • November 12, 2005 at 11:58 am #3118698

      Nothing but the NOD

      by nzbn · about 17 years, 4 months ago

      In reply to Have to be adaptable Trojan.Vundo

      The only Antivirus / Antispyware I use is NOD32, No other AV has a higher detection rate, no other AV has a faster scanning rate and uses less resources. Huersitics features detect viruses without signiture updates ( 92% tested success rate after 3 months with no updates for viruses in the wild ) I have not met a virus or spyware infection I could not cleanse with this AV, check out the following reviews to see the results:

      NOD32 VB 100
      http://nzbn.co.nz/site_images/nod32/NOD32_VB100.pdf

      Why the Auckland University of Technology chose NOD32
      http://nzbn.co.nz/site_images/nod32/NOD32_AUT.pdf

      Independant comparison
      http://nzbn.co.nz/site_images/nod32/Virus_comparison.pdf

  • Author
    Replies
Viewing 4 reply threads