
Vundo Trojan - Specifics and Removal

Introduction - About Spyware

Unfortunately, a large majority of computers are infected by various spyware programs today. Spyware is a general term frequently used to describe a large group of malicious software applications that includes adware, spyware, trojans, hijackers, keyloggers, dialers and worms. Modern malicious software applications apply numerous and often highly sophisticated tactics to hide and spread. Their tactics include randomly named files, mutation, and system file impersonation. Let's review the most widely spread malicious groups: Adware and Trojans.

Adware programs are software applications (not always malicious) that display advertisements on the infected computer. Advertisements can be displayed through pop-up and pop-under windows, additional bars or toolbars, and underlined links or buttons that appear on the computer screen. Adware applications include additional code that delivers the ads. Adware authors earn money when users click on those ads. Occasionally, adware includes code that tracks the user's site visits and passes this information to third parties without the user's permission or knowledge.

Trojans are programs that install secretly, quite often with sinister intent. Once a trojan is installed, its author (hacker) can gain complete control over the infected computer. Trojans can be distributed by unsolicited email attachments, or bundled with freeware and shareware programs. Trojans are also often bundled with computer cracks.

Vundo Specifics

Vundo (also known as VirtuMonde and VirtuMundo) is a malicious software application that combines both adware and trojan characteristics. Vundo is widespread today and is probably one of the hardest programs to get rid of. Once installed, Vundo downloads and displays pop-up advertisements that often promote questionable computer-enhancement programs or fake anti-virus or anti-spyware utilities. Lately, Vundo has been advertising several rogue programs called WinFixer2005, WinAntiVirus Pro 2006, WinAntiSpyware and RazeSpyware.

Vundo typically displays messages warning the user that their PC is infected and needs immediate attention. The messages can mimic system messages (they appear to be generated by the Windows operating system) and urge the user to download one of Vundo's affiliated dubious programs. A sample message is shown below:

"If your computer has errors in the registry database or file system, it could cause unpredictable or erratic behavior, freezes and crashes. Fixing these errors can increase your computer's performance and prevent data loss. Would you like to install WinFixer 2005 to check your computer for free?"

Once installed, the program (WinFixer, WinAntiVirus, WinAntiSpyware or RazeSpyware) pretends to find numerous errors and will coerce the user into paying money to fix these alleged errors.

[Screenshot: sample WinFixer2005 pop-up message]

Vundo Trojan has been observed using the following domains and promoting software and services that belong to these domains:

  • reliablestats.com;
  • winantispyware.com;
  • winantivirus.com;
  • winantiviruspro.com;
  • winfixer.com;
  • winnanny.com;
  • winsoftware.com.

NOTE: Please do not visit these websites because Vundo Trojan may silently install without your permission or knowledge.

Your PC may become infected with Vundo Trojan if:

  • you visit an affected website;
  • you open a spammed e-mail message;
  • you use an affected peer-to-peer network;
  • you run an affected trojan application;
  • you install a software crack.

If you take a look at the report generated by the HijackThis anti-hijack tool, you may see entries similar to the following:

  • O2 - BHO: MSEvents Object - {B313D637-F405-4052-AC37-E2119AB3C8F8} - C:\WINDOWS\system32\{RANDOM_DLL_NAME}.dll
  • O2 - BHO: (no name) - {FC148228-87E1-4D00-AC06-58DCAA52A4D1} - C:\WINDOWS\system32\{RANDOM_DLL_NAME}.dll
  • O20 - Winlogon Notify: - C:\WINDOWS\system32\{RANDOM_DLL_NAME}.dll
  • O20 - Winlogon Notify: - C:\WINDOWS\system32\{RANDOM_DLL_NAME}.dll

These entries mean that the computer is affected by Vundo Trojan. {RANDOM_DLL_NAME} stands for a randomly generated file name, for example "ddcya.dll" or "jkkji.dll".
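The check described above can be automated against a saved HijackThis log. The following is an added example, not code from this page, SpyNoMore or HijackThis: it matches the two BHO CLSIDs quoted above exactly and marks other O2/O20 entries for manual review when they point at a randomly named DLL in system32. The random-name pattern, the `allow` parameter and the sample log are assumptions constructed for illustration.

```python
import ntpath
import re

# CLSIDs copied from the HijackThis entries quoted on this page.
PAGE_BHO_CLSIDS = {
    "{B313D637-F405-4052-AC37-E2119AB3C8F8}",
    "{FC148228-87E1-4D00-AC06-58DCAA52A4D1}",
}
O2_RE = re.compile(r"^O2 - BHO: .*? - (\{[0-9A-Fa-f-]{36}\}) - (.+)$")
O20_RE = re.compile(r"^O20 - Winlogon Notify: .*? ?- (.+)$")
# Assumption: "random" names resemble the page's examples (ddcya.dll,
# jkkji.dll), i.e. a short run of lowercase letters and nothing else.
RANDOM_DLL_RE = re.compile(r"^[a-z]{5,8}\.dll$")

# Constructed sample log, not captured from a real machine.
SAMPLE_LOG = r"""
O2 - BHO: MSEvents Object - {B313D637-F405-4052-AC37-E2119AB3C8F8} - C:\WINDOWS\system32\ddcya.dll
O2 - BHO: (no name) - {FC148228-87E1-4D00-AC06-58DCAA52A4D1} - C:\WINDOWS\system32\jkkji.dll
O2 - BHO: Example Helper - {11111111-2222-3333-4444-555555555555} - C:\Program Files\Example\helper.dll
O20 - Winlogon Notify: - C:\WINDOWS\system32\jkkji.dll
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\system32\igfxdev.dll
"""


def triage(log_text, allow=frozenset()):
    """Return (verdict, line) pairs for O2/O20 entries that need attention.

    allow: DLL basenames the analyst has already verified as legitimate.
    """
    findings = []
    for raw in log_text.splitlines():
        line = raw.strip()
        o2, o20 = O2_RE.match(line), O20_RE.match(line)
        if o2 and o2.group(1).upper() in PAGE_BHO_CLSIDS:
            findings.append(("known-clsid", line))
            continue
        path = o2.group(2) if o2 else o20.group(1) if o20 else None
        if path is None:
            continue
        name = ntpath.basename(path)
        in_system32 = ntpath.dirname(path).lower().endswith("\\system32")
        if in_system32 and RANDOM_DLL_RE.match(name) and name not in allow:
            findings.append(("review-random-dll", line))
    return findings


if __name__ == "__main__":
    for verdict, line in triage(SAMPLE_LOG, allow={"igfxdev.dll"}):
        print(f"{verdict:18} {line}")
```

A "review-random-dll" verdict is only a lead: legitimate Winlogon Notify DLLs with short lowercase names match the same pattern, which is why the allowlist exists.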

Please note that Vundo cannot be removed with the HijackThis tool.

Vundo is able to silently download and install additional harmful files and adware components. It may noticeably decrease the amount of system virtual memory, which slows down computer performance.

Vundo Trojan modifies the Windows registry database, which enables it to run on every Windows startup. It creates executable files with randomly generated names in the Windows or WINNT folders or subfolders. Vundo Trojan hides very effectively from the user and from spyware / virus detection software programs. Manual removal of Vundo Trojan is almost impossible for the overwhelming majority of PC users; only highly experienced professionals stand a chance.

Vundo Removal

How do you remove Vundo Trojan from your system? Although several applications claim to remove Vundo, we have yet to come across any such tool, aside from SpyNoMore. Several major anti-spyware and anti-virus companies are able to detect Vundo, but they are not successful in removing it. Our Spyware Research Team has dedicated tremendous effort and time, and we finally succeeded in getting rid of this pest. SpyNoMore removes Vundo and thousands of other harmful software applications. You can download SpyNoMore from www.spynomore.net. SpyNoMore provides the following useful features:

  • Active Protection blocks spyware before your computer becomes infected;
  • Host Blocking blocks known spyware-spawning websites;
  • Vaccination inoculates your system against inbound threats;
  • Custom Fix™ (patent pending) allows removal of any persistent infection.

Custom Fix™ (patent pending) is a unique feature that is not offered by any other anti-spyware software. If your computer is infected with a hard-to-remove spyware program and nothing that you have tried has helped remove it, the Custom Fix™ (patent pending) feature scans your PC and allows you to upload the scan report to the SpyNoMore server for manual analysis by the Technical Staff. Your report will be reviewed and a customized Fix will be sent back to you via SpyNoMore, thereby guaranteeing full and permanent removal.

Copyright © 2005-2008 Illysoft LLC