Find the answer to your Linux question:
Results 1 to 4 of 4
I was following the forum regularly for a while, but have since run into a problem. I have been getting the "vundo" trojan from this site. It is a fairly ...
Enjoy an ad free experience by logging in. Not a member yet? Register.
  1. 04-09-2010 #1
    druidmatrix
    druidmatrix is offline
    Just Joined!
    Join Date
    Feb 2009
    Posts
    54

    For the site administrators

    I was following the forum regularly for a while, but have since run into a problem. I have been getting the "vundo" trojan from this site. It is a fairly new variant and fairly hard to remove. I'd be glad to post the registry keys it adds to the HijackThis log if anyone is interested.

    My system (XP SP3) is fully patched and I use FireFox, but I use an open-source antivirus program (Avira) and it is not detected. Neither does Spybot's Teatimer. To me it looks like it is using some "AcroRd32" vulnerability. What it does is install the pesky malaware which starts opening new IE windows when you are browsing (even with FF).

    I know this is not really a linux issue, but it is a site issue, and I was wondering if the site administrators would be willing to look into the problem.
  2. 04-09-2010 #2
    oz
    oz is offline
    forum.guy
    Join Date
    May 2004
    Location
    arch linux
    Posts
    18,733
    Hello, druidmatrix

    I'm not sure what might be going on, but the matter will be investigated and we'll report back.

    Thanks for the feedback.
    oz
  3. 04-09-2010 #3
    elija
    elija is online now
    Penguin of trust elija's Avatar
    Join Date
    Jul 2004
    Location
    Either at home or at work or down the pub
    Posts
    2,832
    Quote Originally Posted by druidmatrix View Post
    I was following the forum regularly for a while, but have since run into a problem. I have been getting the "vundo" trojan from this site. It is a fairly new variant and fairly hard to remove. I'd be glad to post the registry keys it adds to the HijackThis log if anyone is interested.

    My system (XP SP3) is fully patched and I use FireFox, but I use an open-source antivirus program (Avira) and it is not detected. Neither does Spybot's Teatimer. To me it looks like it is using some "AcroRd32" vulnerability. What it does is install the pesky malaware which starts opening new IE windows when you are browsing (even with FF).

    I know this is not really a linux issue, but it is a site issue, and I was wondering if the site administrators would be willing to look into the problem.
    This is spread through Flash if it's the same as we experienced a little while ago. It was actually being spread through the Flash ads served by our provider. While it was our security guys who dealt with it, the problem was related to the updater somehow.

    This may or may not help
    If we hit that bullseye, the rest of the dominoes will fall like a house of cards. Checkmate! (Zapp Brannigan)


    My new blog. It's probably not as good as I think it is.

    The Fifth Continent reborn
  4. 04-12-2010 #4
    MatthewGx
    MatthewGx is offline
    Community Leader
    Join Date
    Apr 2007
    Posts
    931
    Thanks druidmatrix for reporting this. And thanks Elija, that does help. I'll definitely see to it that this gets investigated.
    Matthew Gallizzi

    http://twitter.com/mgallizzi
« Previous Thread | Next Thread »

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

Forum Rules