
How to get rid of the Vundo (Virtumonde) trojan?

Q.

Hi, recently my computer started acting weird. Some of the icons on my desktop were different (white paper icons?), and when I tried to click the programs they wouldn’t work. I did a scan with Norton Antivirus but got nothing. I still suspected something here, so the only thing I could think of was a system restore. Although my icons came back, many of my originally installed programs (HP media programs) were there but would not work when I clicked them! I had to reinstall programs like Mixcraft, because it was corrupt. I searched to find what it was that was making the software impossible to run, and the only thing that I have found for now is the Vundo Trojan, and so far nothing is working for me… I tried FixVundo.exe, I’m not sure how to manually delete it from the registry (I’m not really sure how to get rid of it at all), but so far nothing works, and I’m a complete nooby, and worried my new laptop will just crash on me. I have an HP Envy 14, Windows 7, and I’m in dire need to get rid of this dreaded pest! Thank you!

A.

Ahh, Vundo (or, Virtumonde)… It’s been around for a long time, in a variety of “mutations”, but the song remains the same. Vundo is a pain to remove, but it is possible.

First, you’ll need to download a few things.

If you have any networked computers (other PCs connected together), you’ll need to run through this list on all of them – this spyware/virus can infect shared folders on networks.

You already have a Vundo remover, but just to make sure it’s the correct one, download it here.

Download this one as well.

Download CCleaner.

Download SuperAntiSpyware (cheesy name, I know, but it works).

Finally, download SpyBot Search and Destroy.

Now for the fun part. As an Administrator (not a limited user), install ALL these programs, then update them. Get a cup of coffee, it’s going to take a while. When you install them, right-click on each file and select “run as administrator”. This should make the programs available to each user on the PC. And yes, you have to run the programs under each user.

Now that the installs and updating are done, go into your Control Panel and disable System Restore. This needs to be done because Vundo / Virtumonde often hides in the System Restore directory, which can’t be effectively scanned by virus and spyware scanners.

Next, restart the computer in Safe Mode, without networking. While the computer is rebooting, keep tapping the F8 key until you get a menu, then choose Safe Mode (not Safe Mode with Networking). Once Windows starts, log in as the same user you installed all the software as.

First, run CCleaner, checking every checkbox except Wipe Free Space. This will take some time as CCleaner removes all the temporary files from the computer (this removes some of the virus, and makes further scanning faster).

Next, run both the Vundo removers.

After that, run SpyBot, then SuperAntiSpyware. Both will take some time to run.

After they are done running, log out, then log in as each of the other users in turn and re-run SpyBot and SuperAntiSpyware.

You’ll need to do this on any other computers that are connected to this one (laptops included). All PCs on the same network could possibly be infected.

After all is said and done, Vundo should be completely gone. Make sure to turn System Restore back on, and you can remove the installed programs if you wish.

In the future, make sure you have a good AntiVirus / AntiSpyware program running, because whatever you have now either doesn’t work, or is in need of updating. AVG Internet Security does a good job of stopping these kinds of threats, and isn’t horribly expensive.

Last but not least, don’t click on anything, EVER, that says “click here to scan your PC” or “click here to make your PC faster” if it comes up in a web browser – your web browser will never tell you that your computer is “infected” and offer to fix it – hence, a Trojan.

Happy hunting!
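The System Restore and Safe Mode steps from the answer above can also be done from an elevated Windows PowerShell prompt. This is an added example, not part of the original post; the function names are hypothetical, and it uses the `bcdedit` safeboot flag as an alternative to tapping F8.

```powershell
# Added example (not from the original post). Run in an elevated Windows PowerShell prompt.
# Function names are hypothetical; the cmdlets and bcdedit options ship with Windows.

function Assert-Elevated {
    $id = [Security.Principal.WindowsIdentity]::GetCurrent()
    $principal = New-Object Security.Principal.WindowsPrincipal($id)
    if (-not $principal.IsInRole([Security.Principal.WindowsBuiltInRole]::Administrator)) {
        throw 'Start PowerShell with "Run as administrator" first.'
    }
}

# Step 1: in normal mode, after the tools are installed and updated.
function Start-CleanupPrep {
    Assert-Elevated
    # Every non-system profile listed here needs its own scan pass later.
    $profiles = Get-WmiObject Win32_UserProfile -Filter 'Special = False' |
        Select-Object -ExpandProperty LocalPath
    Write-Host "Profiles to scan one by one:`n$($profiles -join "`n")"

    # Turn off System Restore on the system drive before scanning.
    Disable-ComputerRestore -Drive "$env:SystemDrive\"

    # "minimal" = Safe Mode without networking on the next boot.
    bcdedit /set '{current}' safeboot minimal
    if ($LASTEXITCODE -ne 0) { throw 'bcdedit could not set the safeboot flag.' }
    Write-Host 'Reboot now. The PC keeps booting into Safe Mode until the flag is removed.'
}

# Step 2: still in Safe Mode, after the scans for all users are finished.
function Clear-SafeBootFlag {
    Assert-Elevated
    bcdedit /deletevalue '{current}' safeboot
    if ($LASTEXITCODE -ne 0) { throw 'safeboot flag not removed; check bcdedit /enum.' }
}

# Step 3: after rebooting into normal mode.
function Enable-RestoreProtection {
    Assert-Elevated
    Enable-ComputerRestore -Drive "$env:SystemDrive\"
}
```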

Why is my computer background blue again?

Q.

About a month ago, I went on newgrounds.com and after a few minutes my computer said it had viruses and then my desktop wallpaper turned blue. In big red letters it said “WARNING”, and some other stuff about how everything I do is saved in my hard drive and can be looked at by forensics and my family and can ruin my life. I found out it was just a scare tactic from a spyware company, but it was still pretty scary. Anyway, my screen went back to normal within a few hours. My friend who told me about newgrounds said it shouldn’t have any viruses because every time she goes on it, nothing happens. So here I am a month later, in the same situation. Should I do something about this or should I wait like last time? Is this more serious than I think? I don’t want to buy anything, especially if I don’t need it. Has this happened to anyone else, and if so, what did you do about it?

A.

First off, if the same thing keeps happening, you need better Antivirus / Antispyware software; whatever you have is obviously not working well. The problem is, the PC is already infected – realistically (and unfortunately), your safest option is to back up your data (pictures, music, documents, etc.), and reinstall the operating system.

Viruses and spyware can be thought of like nails in a tire. When you get one, you don’t go back down the road trying to find where it came from, you just get it fixed. When you run over 50 nails, you don’t try to patch the tire, you replace it. Then, you stop going down that road. Viruses and spyware in Windows are the same deal – sometimes it’s impossible to fix a badly infected OS, it just needs to be wiped out and reinstalled.

Update: Newgrounds.com seems to be an autoblog of sorts, just pulling information about games and reposting it. I doubt the site itself is the problem, more likely some of the games it links to are coming bundled with some type of spyware. Rule #1 – Nothing In Life Is Free, ESPECIALLY ON THE INTERNET – you’ll pay for it one way or another, in this instance, by having your computer infected…..

Which is the best Antivirus Software for a PC?

Q.
I have a few PCs at home and a bunch at work, and I (and my boss) can’t decide which antivirus is the best. Some of the PCs are Windows XP, some are Vista, and a few are new Windows 7 PCs. They also need antispyware software. Which is the best for stopping viruses and spyware?

A.
This is a question that we get a lot. And it’s complicated – the mix of home and business use, different operating systems, and the need for multiple installations presents a challenge. We like challenges :)

First, you have to understand that, from a technician’s point of view, spyware, viruses, crapware, malware are all the same. It’s all software designed to either rip you off or use your computer to rip someone else off, all the while slowing down the PC, killing your internet speed, and causing pop-ups and other annoyances.

Finding an Internet Security Suite that works, but doesn’t slow the PC down horribly, is a balancing act – more protection requires more processing. The best antivirus / antispyware software is that which is designed to protect the computer without using too many resources.

Asking which is the best is like asking which doctor is the best to rid you of an exotic disease. The answer is the one with the most (specific) experience. This translates to an Internet Security Suite that updates often. Unfortunately, this means more use of resources. Always a trade off.

By far, the most useful Internet Security Suite I’ve ever come across is AVG Internet Security (Single PC / Multiple PCs). It has a VERY high rate of detection (though none is perfect) and protection, as well as a reasonable price, especially in a volume license setting (multiple computers), and works on Windows XP, Vista, and Windows 7. We’ve used it for a few years with great results. It’s also nice that AVG has a money-back guarantee for 30 days – if it doesn’t work, just return it, it’s that simple.

An important note –

Many times (most actually), someone will decide to purchase a new Internet Security Suite AFTER a PC is infected. The thinking is that it will somehow fix the pre-existing problems. The sad fact is, it rarely works that way. It’s like trying to put a patch in a tire after it’s been completely blown out – it just doesn’t work. In order for an antivirus or antispyware suite to be effective, it has to be installed on a “clean” computer. This may require bringing the PC to a qualified repair shop to either rid the PC of the viruses (using another “clean” computer), or to back up the important information and reinstall Windows.

Another important note – most people believe in the logic of “if one is good, two must be better” when it comes to antivirus software. Not so. If anything will slow down a PC, it’s running multiple Internet Security suites. They will constantly compete with each other, causing the PC to slow to a crawl. Only install one Internet Security Suite, period.

The best protection however, is the user. Certain rules should ALWAYS be followed when it comes to internet use. Rule #1 – nothing in life is free – especially on the internet. “Free” screen savers, security programs, downloaders, games, etc. are almost always bundled with spyware or viruses. Rule #2 – if it ain’t broke, don’t fix it. Lots of times, a crappy website will pop up telling you your computer is infected, or your computer is “slow” and can be fixed by installing something. NO SECURITY SOFTWARE WILL EVER ALERT YOU OF PROBLEMS IN A BROWSER WINDOW! It’s a trick. Rule #3 – if it seems too good to be true, it is. Clicking on an ad that tells you you’re a “winner” of some prize is almost sure to cause problems. Simple rules, but they’ll save you from hours of headaches later.