Vundo and fake anti-malware software

By far the number one consumer/home user problem I see is fake antispyware/antivirus software that holds a system hostage.
At the core of this problem is the VUNDO trojan. See http://en.wikipedia.org/wiki/Vundo_trojan
In my tests, this Medusa’s head malware infestation is best remedied by zero-filling the hard drive and installing from a trusted source.
In past tests, the popular countermeasures Ad-Aware and Spybot were useless, as was Norton’s Vundo removal tool.
Today we tested Malwarebytes Anti-Malware. After five passes the product declared the drive clean, and indeed the symptoms were gone. I removed the drive, mounted it in a test machine, ran Avira AntiVir against it, and found three more instances of Vundo.
To me this confirms that you cannot be confident that malware has been removed even if your tester shows a drive clean, and confirms that the best approach is wipe and reload.
