Virus Trojan Vundo


[Updated on: 07/07/08 12:08 AM ]

Menurut Gw virus ini adalah salah 1 virus yang berbahaya, krn Gw sudah pake 6 AntiVirus masih aja tidak bisa melawannya. Dan ini beberapa data yg Gw dapat tentang virus itu :

# Trojan.Vundo or Vundo (also known as Vundo.B or Vundo.dldr) is a trojan that displays large amount of unsolicited Pop-Up Ads. this application includes Adware, spyware, Malware, hacks and data mining. Vundo.B is a variant of the Vundo trojan. It is responsible for the severe decrease of the amount of system virtual memory available. Vundo secretly runs on every Windows startup.

# Vendor: Unknown

# Vendor URL: not available

# Threat Level: Severe Risk

# Trojan.Vundo Characteristics:

* Degrades the performance of the computer by decreasing the amount of virtual memory available.

* Displays advertisements on the infected computer.

* Records personal data-keystrokes.

* Hijacks internet browser.

* Allows remote influence.

* Allows remote influence.

* Exploits a security flaw.

* Distributes threats.

Trojan.Vundo Manual Removal

Find and Remove the following Trojan.Vundo files and folders:
Vundo uses randomly named files. The parasite creates infected executable files with random names (Gw punya “rlukwmoq.dll” , “cmegrwgf.dll” , “wvusqpp.dll”). These files can be found in different folders inside C:\Windows or C:\Winnt directory.
Find and Delete the following Trojan.Vundo Registry entries:

HLM\SOFTWARE\Classes\ADOUsefulNet.ADOUsefulNet
HLM\SOFTWARE\Classes\ADOUsefulNet.ADOUsefulNet.1
HLM\SOFTWARE\Classes\ATLDistrib.ATLDistrib\CLSID\
HLM\SOFTWARE\Classes\ATLDistrib.ATLDistrib.1\CLSID\
HLM\SOFTWARE\Classes\CLSID\{02F96FB7-8AF6-439B-B7BA-2F952F9E4800}
HLM\SOFTWARE\Classes\CLSID\{22E85F2A-4A67-4835-B2C3-C575FE4EC322}
HLM\SOFTWARE\Classes\CLSID\{2353FCBC-012D-487B-8BF3-865C0929FBEB}
HLM\SOFTWARE\Classes\DPCUpdater.DPCUpdater
HLM\SOFTWARE\Classes\DPCUpdater.DPCUpdater.1
HLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02F96FB7-8AF6-439B-B7BA-2F952F9E4800}

HLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{22E85F2A-4A67-4835-B2C3-C575FE4EC322}

HLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DE8BDE42-16D9-4CCC-9F4F-1C3167B82F60}

KU\S-1-5-21-2068663838-1736639611-1443527720-500\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2353FCBC-012D-487B-8BF3-865C0929FBEB}
HCR\CLSID\{DE8BDE42-16D9-4CCC-9F4F-1C3167B82F60}

HLM itu : HKEY_LOCAL_MACHINE
KU itu : KEY_USERS
HCR itu : HKEY_CLASSES_ROOT

Sumber : http://www.squidoo.com (Menurut Gw itu juga websitenya spyware, sehingga saya menganjurkan Anda tidak membuka website tersebut, ingat baca https://albertuschw.wordpress.com/2008/05/17/saran-tentang-virus/)

Dan baca juga di artikel www.rofiqsiregar.wordpress.com

Dan baca juga di artikel www.arrestria.multiply.com

Dan baca juga Chip bulan 6 tahun 2007 (Kalau gak salah)

Download program untuk melumpuhkan Trojan Vundo : Dari www.symantec.com

Dan juga dari www.atribune.org

Baca ini Saran Tentang Virus

Advertisements

4 Responses to Virus Trojan Vundo

  1. vundo virus says:

    […] dapat tentang virus itu : Trojan.Vundo or vundo also known as Vundo.B or Vundo.dldr is a trojan thahttps://albertuschw.wordpress.com/2008/05/21/virus-trojan-vundo/Been to binsearch.info lately? Then you got the Vundo virus.Cure LinkHere is the […]

    Albertus ChW : Thanks 4 link

  2. Trojan.Vundo says:

    There are many different ways that a Trojan horse virus can infect your computer. One thing that all Trojan horse viruses have in common is that they cannot be activated unless you activate the file in which they are hidden.

    Albertus ChW : Saya mohon maaf Gw tidak mengizinkan para pembaca Blog Gw membuka Link Anda (http://squidoo.com/Remove-WinReanimator). Thank you for your comment and your information about Trojan Vundo.

  3. PC Security says:

    Good info and well presented, for more quality free info on pc security related issues have a look here.

    Albertus ChW : Thanks 4 coming, but u r spam here. This is ur link : http://www..easypcsecurity..info/?cat=1

  4. sandrar says:

    Hi! I was surfing and found your blog post… nice! I love your blog. 🙂 Cheers! Sandra. R.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: