Find the answer to your Linux question:
Results 1 to 4 of 4
I was following the forum regularly for a while, but have since run into a problem. I have been getting the "vundo" trojan from this site. It is a fairly ...
  1. 04-09-2010 #1
    druidmatrix
    druidmatrix is offline
    Just Joined!
    Join Date
    Feb 2009
    Posts
    54

    For the site administrators

    I was following the forum regularly for a while, but have since run into a problem. I have been getting the "vundo" trojan from this site. It is a fairly new variant and fairly hard to remove. I'd be glad to post the registry keys it adds to the HijackThis log if anyone is interested.

    My system (XP SP3) is fully patched and I use FireFox, but I use an open-source antivirus program (Avira) and it is not detected. Neither does Spybot's Teatimer. To me it looks like it is using some "AcroRd32" vulnerability. What it does is install the pesky malaware which starts opening new IE windows when you are browsing (even with FF).

    I know this is not really a linux issue, but it is a site issue, and I was wondering if the site administrators would be willing to look into the problem.
  2. 04-09-2010 #2
    oz
    oz is offline
    forum.guy
    Join Date
    May 2004
    Location
    arch linux
    Posts
    18,086
    Hello, druidmatrix

    I'm not sure what might be going on, but the matter will be investigated and we'll report back.

    Thanks for the feedback.
    oz

    new members/users: read this first | new member faq
    no private messages requesting computer support - post them on the forums!
    please use the "report post" button to alert our forum admins to problematic posts rather than responding to them yourself.
  3. 04-09-2010 #3
    elija
    elija is offline
    Trusted Penguin elija's Avatar
    Join Date
    Jul 2004
    Location
    Either at home or at work or down the pub
    Posts
    2,296
    Quote Originally Posted by druidmatrix View Post
    I was following the forum regularly for a while, but have since run into a problem. I have been getting the "vundo" trojan from this site. It is a fairly new variant and fairly hard to remove. I'd be glad to post the registry keys it adds to the HijackThis log if anyone is interested.

    My system (XP SP3) is fully patched and I use FireFox, but I use an open-source antivirus program (Avira) and it is not detected. Neither does Spybot's Teatimer. To me it looks like it is using some "AcroRd32" vulnerability. What it does is install the pesky malaware which starts opening new IE windows when you are browsing (even with FF).

    I know this is not really a linux issue, but it is a site issue, and I was wondering if the site administrators would be willing to look into the problem.
    This is spread through Flash if it's the same as we experienced a little while ago. It was actually being spread through the Flash ads served by our provider. While it was our security guys who dealt with it, the problem was related to the updater somehow.

    This may or may not help
    If we hit that bullseye, the rest of the dominoes will fall like a house of cards. Checkmate! (Zapp Brannigan)


    My new blog. It's probably not as good as I think it is.
  4. 04-12-2010 #4
    MatthewGx
    MatthewGx is offline
    Community Leader
    Join Date
    Apr 2007
    Posts
    911
    Thanks druidmatrix for reporting this. And thanks Elija, that does help. I'll definitely see to it that this gets investigated.
    Matthew Gallizzi

    http://twitter.com/mgallizzi
« Previous Thread | Next Thread »

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

Forum Rules