Is avast able to remove vundo?

Hello guys,

I found a machine, with a vundo infection. I never found a threat that is so nasty as this one.
Antivir kept finding 2 dlls and could not remove it, as it was set up in registry to auto start by the winlogon entry. So, even in safe mode, when Avira found this malware, it could not be removed cause its already running in memory. Auto start using win logon its very hard to deal, because if you remove the entry (I didnt know the original entry), windows stops to initialyze. So I decided to back up and format everything.

So I was wondering, if Avast, with this anti spyware feature (and with the feature that you guys said that it have of being able to search malicious things in registry), also with the boot time scan (that happens before the win logon, am i right?) will be able to remove this kind of infection and return the original winlogon entry in registry?

Thanks for your time,

BrBrasil

:slight_smile: Hi :

I recommend you use “VundoFix”
available from http://vundofix.atribune.org/ ; make sure you follow the
“Normal Usage for Removal:” Instructions .

Hmm,

Ok, I will check that. Thanks!

But that means that avast wouldnt do any better than Avira did in this case?

Thanks for your time,

BrBrasil

avast does detect a number of vundo variants, but there is no saying if that is one of them. So the specialist Vundo tool mentioned by Spiritsongs is probably a good bet.

There is no way to compare avast/Avira unless you were able to test under the same conditions, e.g. uninstall avira, reboot, install avast and scan and see if it was detected and dealt with. avast has the ability to do a boot-time scan and that is often able to deal with files that can’t be removed when windows is running.