Tuesday, May 6, 2008

Virus Alert: WIN32/Adware.Virtumonde

Recently I have seen (and experienced) a soaring number of PCs infected with the Virtumonde virus, also known as Vundo. I suspect that I got it from BitComet (no offence to BitComet if it's not them). Well... basically, it will try to install some BHO to my explorer.exe. It was detected trying to attack my computer again, but this time I'm smart enough to deny its installation. It will try to give you popups on your computer to buy certain programs, but BEWARE, IT IS A SCAM, and it will slow your surfing to a crawl... it will make things worse if you "buy" it. I'm pretty sure my friends won't buy it anyway, not that they are smart, but they are just too poor to buy it. :)

I have done some intensive research on this virus, and please do inform me if you need help. I might not have the knowledge to help you directly, but I know where you can cure it. Again, I would like to stress to all that it is important to make sure your Windows XP or Vista is fully updated, as well as your antivirus and firewall. Antivirus software does detect the virus, but it has yet to fully "immune" itself from it. Even the "best fix" around can't fully clean it or can't detect it at all, as the virus has the ability to come in different file names. I've already linked the fix, which is called VundoFix, in my "Virus cleaners that you should have with you" corner. Please help yourself to it. If the problem persists, please do inform me and I will tell you what to do next.


Here are more details of the virus, courtesy of Pandasecurity.com:




Common name: Virtumonde
Technical name: Spyware/Virtumonde
Threat level: Low
Type: Spyware
Effects: It logs keystrokes and displays advertising messages periodically. It does not spread automatically by its own means.
Affected platforms: Windows 2003/XP/2000/NT/ME/98/95 (also Vista, because I got it)
First detected on: Oct. 8, 2004
Detection updated on: May 1, 2008
Statistics: Yes
Proactive protection: Yes, using TruPrevent Technologies
Brief Description

Virtumonde is a spyware program that creates a DLL (Dynamic Link Library), which logs keystrokes and connects to a certain web page, in order to obtain miscellaneous information and display advertising messages periodically.

Virtumonde connects the DLL it creates to the system process explorer.exe. By doing this, it goes memory resident, and checks if Virtumonde is currently running. If not, Virtumonde is launched again.

Additionally, Virtumonde registers itself as LSP (Layered Service Provider), in order to harvest users' information about their connection, such as Internet usage, pages viewed, phone connection details, inventory of the applications installed in the computer, etc.

Spyware can be installed with the user consent and awareness, but sometimes it is not. The same happens with the knowledge or lack of knowledge regarding data collected and the way it is used.

Note: LSP (Layered Service Provider) is a Windows feature that allows to specify a number of programs, in order to process all the TCP/IP traffic taking place between Internet and the applications that are accessing Internet (such as the web browser, the email client, etc.).

For example, it could be specified a computer security program, which analyses the traffic in search for viruses or other threats before transferring it to the final application of the traffic.

However, this structure can also be used by adware and spyware programs, in order to intercept the communication across the Internet, and, what is worse, if they are deleted without taking precautions, the Internet connection will stop working indefinitely.

Visible Symptoms

Virtumonde is easy to recognize, as it displays advertising messages periodically.



Again, I would like to remind you that nobody is safe in the cyber world; even surfing a blog can get you some nasty virus or keyloggers, so please do practice safe surfing and don't allow installation of files when you are not installing anything. Also, please don't accept any files/"so called your pictures" with the extension .exe in your MSN/Windows Live Messenger. Be it your best friend who sends you this or someone you trust, ask them again what the file is before accepting. Feel free to ask a few more times before accepting it. Good luck.
