tag:blogger.com,1999:blog-5349803995745917014.post6666850718529104757..comments2024-03-25T14:13:15.190-07:00Comments on eMule MoDs: VundoFix 6.7.08Reconhttp://www.blogger.com/profile/06503028238011791604noreply@blogger.comBlogger2125tag:blogger.com,1999:blog-5349803995745917014.post-7780389492828708122008-07-22T09:12:00.000-07:002008-07-22T09:12:00.000-07:00I needed to get a real vundo infection for testing...I needed to get a real vundo infection for testing purposes. It took me less than fifteen minutes of googling, downloading and installing a piece of software that contained embedded code of Trojan Vundo. It's no surprise McAfee VirusScan showed no signs of infection - yet errors started popping up, one of them being a software.php file which Windows was unable to open (that's natural - a don't have a Win32 PHP parser installed). Just <br>curious what Vundo can make if it executes a php code?.. Also, the parasite quickly created a folder in Program files, settled in restore point, places autorun entries in the registry, etc. No wonder this is a hard to remove trojan.VundoFixerhttp://hubpages.com/hub/Trojan-Vundo-Removalnoreply@blogger.comtag:blogger.com,1999:blog-5349803995745917014.post-31701711980033830252008-07-22T10:33:16.862-07:002008-07-22T10:33:16.862-07:00Please send a comment with your email. Can send yo...Please send a comment with your email. Can send you a few files to analyse.<br>I must say im very angry about Kaspersky support as I did send them a active real trojan. It was already by most scanners according to virustotal in year 2007 founded, Kasperky answer they could not found any virus inside the small armadillo packed proteckted dll file. I understand it is hard to unpack some armadillo packed files but don't they come on the idea that possible run dll as apllication will activate the trojan and inject winsock with 2 entries. Microsoft did not responce after i send them 2 viruses which i found in p2p networks include virustotal analyses where already 7 scanner detect these files meanwhile microsoft germany support asked me if the usa research lab have add them to the database. <br>Thants my expirience about submitting founded viruses to av labs.Anonymousnoreply@blogger.com