No, Vundo's not an evil clown.
It's a Trojan horse. You know, one of those nasty computer viruses that sneak into your system, then wreak untold havoc.
Vundo, or the Vundo Trojan (also known as Virtumonde or Virtumondo and sometimes referred to as MS Juan) is a Trojan horse that is known to cause popups and advertising for rogue antispyware programs, and sporadically other misbehavior including performance degradation and denial of service with some websites including Google and Facebook.Yep, the oldest trick in the book: present yourself as a kind soul, a do-gooder. Charitable, concerned, altruistic. Only to ruthlessly fleece your mark once you're in the door. Pandora's box in an attractive package. The handshake, then the stab in the back.
A Vundo infection is typically caused either by opening an e-mail attachment carrying the trojan, or through a variety of browser exploits, including vulnerabilities in popular browser plug-ins, such as Java. Many of the popups advertise fraudulent programs including (but not limited to) Sysprotect, Storage Protector, AntiSpywareMaster, WinFixer, AntiVirus 2009, AntiVirus 360, Personal Guard 2009, and Virus Doctor (not to be confused with Spyware Doctor).
How do you know whether "Vundo's in the house"? Here are just a few of the symptoms:
- Vundo may attempt to prevent the user from removing it or otherwise impede its operation, such as by disabling the task manager, registry editor, and msconfig...
- Some firewalls or antivirus software may also be disabled by the virus leaving the system even more vulnerable. Especially, it disables Norton AntiVirus and in turn uses it to spread the infection....
- Popular anti-malware programs such as Spybot - Search & Destroy or Malwarebytes' Anti-Malware may be deleted or immediately closed upon loading...
- Web access may also be negatively affected. Vundo may cause many websites to be inaccessible.
- Google search links may be directed to rogue antispyware sites, which can be avoided by copy and pasting addresses
- Vundo may cause webpages to fail to load after sessions of browsing and present a blank page in the browser instead of the webpage.
And it hides so well, you can't detect it with spyware and rout it out (your outsmarted program claiming there are no infected objects when, in fact, they are legion -- which makes you paranoid going forward, unsure if your system is ever virus free, reacting with panic to the slightest blip on your PC).
It manages to not only ingeniously mask but prodigiously replicate itself. A coup of deception and contagion. Rippling. Spreading. Like
You're left to speculate how it snuck in:
- Open the wrong email (even though it presumably came from a "friendly" -- a familiar source or someone you know)?
- Click on a suspicious attachment (or one that seemed completely innocuous)?
- Close an annoying pop-up or an ersatz ad (not realizing that closing, instead of closing out, activates infection)?
The process may well leave you (like me) feeling helpless and haunted with questions:
- What did I do wrong?
- What protection is there from Vundo's restless and devastating tentacles? (Or from predatory computer repair shops that want to charge you hundreds of dollars for virus removal?)
- What sick, unprincipled scum sucker would create, and propagate, an abomination like this?
Satan is real.
And living in your computer.