Eugene Computer Geeks Blog

Recognizing Vundo and Preventing Attacks

Malware or malicious software is used mostly to disrupt computer operations, collect private information, and access private computer systems. Trojan horses, viruses, worms, spyware, and adware all fall under malware, and an infected pc is vulnerable to identity thefts and crashes.

One of the most dangerous malware today is the Vundo (specifically Win32/Vundo.QP as of August 7, 2012) which is also known as Virtumonde or Virtumondo. This malware, which has both adware and Trojan properties, can wreak havoc on your pc if infected.

Your PC can be infected by:

• Visiting an infected site
• Opening infected emails
• Downloading infected programs

Once infected, a pc can behave in the following ways.

• Displays pop-up ads even though pop-ups have been disabled. In addition, the pop-ups lead to sites promoting suspicious computer software such as fake anti-virus and anti-spyware.
• Search links are directed to rogue software sites.
• Windows updates are permanently disabled. If this happens, there is no way of changing the settings until your pc is reformatted.
• Screensaver and background are missing.
• Anti-virus is automatically disabled and is used to spread the virus throughout your pc system. It may also make your anti-virus flash prompts to enable its phishing filter feature by itself. Once you allow this feature to be turned on, more malware will be downloaded by your antivirus.
• The Display option (Control Panel) has no background and screensaver tabs.
• Some websites will be completely inaccessible and webpages will fail to reload.
• Downloading is impossible.
• Registry editor, msconfig, and task manager are disabled when you try to remove the virus or intervene with its operation.
• Explorer.exe crashes regularly.

Vundo affects your pc’s memory, so using an anti-virus to get rid of is virtually useless. Once you try to remove the virus from your pc, the screen will permanently turn blue and the desktop icons will not appear (blue death). Once this happens, your whole system is in deep trouble.

Since Vundo is very difficult to get rid of, prevention is your only solution. (Note: This is not true. You can now easily remove Vundo by booting to “Safe Mode With Networking” and download, install, and run malwarebytes to remove.) The following tips are ways which can help you prevent future attacks.

• Enable firewalls. However, don’t use 2 firewalls simultaneously because they could interrupt each others’ operations.
• Install updates for your OS. These updates will keep your computer sage from security threats.
• Be vigilant when surfing the web. It’s tempting to download free stuff, but if you are not sure whether the program is safe or not, then you should find out more about it. It won’t hurt to do a little research. In fact, checking out whether programs are safe or not can prevent future headaches the Vundo can cause.
• Avoid file sharing services at all costs (Unless you really know what you are doing). Imagine how easy it is for an attacker to inject the virus into the latest software application, movie, or music so that you, the unsuspecting victim, will download it because it’s free.
• Check your e-mail carefully. Don’t trust content that has any attachment or link, even if it was sent by people you know.
• Make sure that your anti-virus has an anti-malware component. In addition, it should always be turned on and regularly updated. Running the program regularly should also keep your system on the safe side.
• Switch to a Apple Computer or ditch Windows and switch to the free operating system Linux. Getting a virus or malware on Linux in the desktop environment is almost unheard of.
  

Are you infected and need help?  Try out our free Computer Chat, which is a service provided by volunteer technicians from around the world. 

Located in the Eugene, Oregon area?  Eugene Computer Geeks specializes in removing viruses of all types for as little as $30! On-site or drop-off virus removal services available. Please call (541) 357-7222

Tags: Malware, Virtumonde, Virtumondo, Vundo

This entry was posted on Friday, August 10th, 2012 at 8:56 am and is filed under Computer / Internet Security, How-To Guides, Virus Removal and Prevention, Windows OS. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.