|
Trojan and Adware - Vundo (VirtuMonde/VirtuMundo)
Part:
1
2
3
4
(Continued from previous part...)
This sounds like a safer process. I would try it, if my system gets infected.
3. From http://www.atribune.org/content/view/24/2/. It suggests you to:
- Download the VundoFix.exe file from its own site.
- Double-click VundoFix.exe to run it.
- When VundoFix re-opens, click the Scan for Vundo button.
- Once it's done scanning, click the Remove Vundo button.
- You will receive a prompt asking if you want to remove the files, click YES
- Once you click yes, your desktop will go blank as it starts removing Vundo.
- When completed, it will prompt that it will reboot your computer, click OK.
This sounds not too bad. I would try it as the second option, if my system gets infected.
3. Other instructions on removing Vundo are available. But you need to be careful on using
them:
- If an instruction asks you to touch system registries, don't use it unless you are an "expert" of
Windows system.
- If an instruction asks you to download and run a program, don't use it unless you fully
trust that site and that program.
What Is VirusScan?
VirusScan is one of the McAfee Security products from Network Associates Technology.
VirusScan offers the following components:
- VirusScan Consol - The main user interface to configure and use features of VirusScan.
- On-Access Scan - It can be used to automatically scan all files right at the moment
they are created by other programs.
- On-Demand Scan - It can be used to scan system current memory or files manually one-time only
or multiple times at scheduled times.
Conclusion
- Vundo is one of the widely-spread trojans that shows large amount of unsolicited
pop-up advertisements with Internet Explorer.
- Vundo creats DLL files in c:\windows\system32 directory with 8-random-letter names.
- Partial removal of Vundo is not hard. But full removal of Vundo is very difficult.
- VirusScan detected Vundo DLL files correctly. But I did not try to use it to clean the victim machine.
Part:
1
2
3
4
| 