
Removing Trojan.Vundo


It has been a while since I have posted, so I thought I would in light of a recent infection on a system I was working on. The infection in my crosshairs is Trojan.Vundo, or Virtumonde.


This nasty infection causes quite the headache, and is quite the pain in the you know what to remove. It will slow the system down to a crawl, display advertisements and pop-ups, and intelligently re-add itself via registry keys and background memory processes. Running a virus scan alone is not effective.

Booting into Safe Mode, a known fix for many virus and adware infections, will not cure this infection on its own either. Fixing the Vundo infection takes a few steps.

1. Download MalwareBytes and VundoFix.

2. Power down the machine and boot into Safe Mode. (Tap F8 when booting the workstation.)

3. Clear all temp files using Disk Cleanup or a similar tool.

4. Install MalwareBytes and VundoFix.

5. Run MalwareBytes first and clean the infected files that are found. Once the scan is complete, run VundoFix and remove any infection it finds.

6. Restart and you are finished.

I would recommend using Mozilla Firefox from here on out.

4 Comments on “Removing Trojan.Vundo”

  1. #1 Mark Mathson
    on Apr 10th, 2008 at 4:21 pm

    Good research and details. You are correct, using Firefox is a great idea. Especially if used with the NoScript add-in.

    IE7 with the default security options is better than IE6, so if you are using IE6, time to upgrade!

  2. #2 Worst Spyware of 2008 | Frequency Solutions
    on Apr 17th, 2008 at 2:17 pm

    [...] Trojan.Vundo - A Trojan downloader that generates exaggerated pop-ups on your machine’s screen. May install itself through browser security holes in your computer without your approval. [...]

  3. #3 Trojan.Vundo
    on May 30th, 2008 at 9:46 am

    Trojan Vundo is one such virus that I came across. My computer has Norton Antivirus protection. It was able to detect the trojan, however, for some reason was unable to quarantine or remove the trojan.

  4. #4 VundoRevenge
    on Sep 11th, 2008 at 6:57 pm

    I think the Vundo trojan showed how vulnerable and imperfect popular antivirus suites actually are. People bundle their computers with loads of security programs only to find out that the Vundo virus feels just great in their protected systems.
    At Yahoo Answers it’s often recommended to install a dozen of all kinds of malware removers. That takes quite some time, but doesn’t always help to clean out the pest.
    Quite unexpectedly, the best Vundo removal tools so far are free and don’t need installation. Apart from the above-mentioned VundoFix, a-squared offers a free command-line scanner that works well in Safe Mode.
