Critical Malware query?

This is just a question I thought I would ask.

I know that Avast has definitions for virtumonde(sp?) and other deadly malware, but people seem to suggest using a devoted tool for cleaning them. Why is that if Avast has definitions for them? Is Avast unable to clean as thoroughly as a dedicated cleaning tool?

Because that tool specialises in only one thing, Vundo detection and removal. Avast detects a number of Vundo variants but I doubt it would cover every variant. Which is why you should have a multi application/tools/level approach to security, backed up by a good back-up and recovery strategy.

I wasn’t questioning the program’s effectiveness; rather, I was questioning why people sometimes suggest other tools rather than their anti-virus programs.

PS: Are variants vastly different, or is it just a few key files that are different? And how does a virus/spyware infection mutate, i.e. what allows it to change its own files etc.?

For the very first sentence in my reply, because they are specialist tools.

The variants are different enough so as to defeat signature-based detection; that is the whole point of the variants, to try and stay one step ahead of the AV program. It is the writers of the malware that create new variants.

Viruses that change their own files and mutate or what they replicate are known as Polymorphic viruses and are very difficult to catch.

Thank you for your response, DavidR, very informative as always :)

You're welcome.

Hi sanctuaryforever,

Vundo or Virtumonde is one of the most irritating adware/trojans!
Normally, users of a Vundo-infected PC will receive endless pop-ups about some dubious software called WinFixer!
As of now no other antivirus or antispyware removes this, and the only method was to manually remove it using HijackThis and the VundoFix tool by Atribune.
http://www.atribune.org/forums/

Symantec has updated its removal tool for Vundo and it really works! There are actually two removal tools by Symantec: one is to remove the Vundo Trojan and the other is to remove the Adware associated with it. The removal method is a two-step process: first remove the Trojan and then the Adware.

Download FixVundo.exe, the Trojan removal tool: http://securityresponse.symantec.com/avcenter/FixVundo.exe
Next, download FixVMonde.exe, the Adware removal tool: http://securityresponse.symantec.com/avcenter/FxVMonde.exe

First run FixVundo and then FixVMonde to remove the Vundo! Running both the tools in Safe Mode would help too!

polonus

Thanks also Polonus, don’t worry, I am not infected with the malware I questioned you about; rather it was just a query, but I shall remember your advice if I ever get this nasty malware (hopefully not ;))

Thanks for those links Polonus, I think they worked. I was being plagued by the Vundo and recently got constant messages from the Avast scanner concerning vundrop. After running the Symantec tools and rebooting I haven’t gotten any so far. Thanks again, although I didn’t even initially ask.

Hi mrroop,

Anything that works for you is valid, so spread the word on this way of attacking this low-life form of malware. And we are always glad to get feedback like this. Have a nice and malware-free day,

polonus