I'm going to hell, I know it!

HJA

Just spent half a day getting rid of Vundo.H trojan on a PC at work. No virus scans run for 8+ months. IE temp folder took 3 minutes to empty. After a half dozen scans with NOD32, MalwareBytes, and MS MRT I stopped getting an infection warning. Had our outside gurus take it anyway and pull the HD to scan. All they found were bits left over (DLLs, etc). Cool1:D The guy that uses the PC had no clue how it could have got there. :rolleyes: When he asked how it happened I told him it most likely came from a web site, as he said he "NEVER" opens attachments in email he is not expecting. (Found a bunch of photos of NASCAR junk via email.) He asked what this Vundo.H does / works... I said it embeds itself in the
Data
Unit
Main
Board
Access
Service
System
and can cause slowdowns or BSOD... He nodded and walked away.
He complains his kids destroyed their home PC in 6 months!!!!!



I am so going to hell :devil2:
 
Well, there is worse. Like, Grandma tripping..... :rolleyes:
 

I said it embeds itself in the
Data
Unit
Main
Board
Access
Service
System

Oh, how I need to remember this! :thumbsup:
 

Why isn't there a centralized AV product installed and in place at your work environment with a real time scanner that would have stopped this stuff as it came in???????? Cannot always put the blame on the end users...sometimes the people who maintain the business need a swift kick for not taking precautions and saving the end-users from themselves. Because at the end of the day, it's the business that is ultimately impacted if data is wiped out or worker productivity is lost.
 

Why isn't there a centralized AV product installed and in place at your work environment with a real time scanner that would have stopped this stuff as it came in????????

We have a server and 6 PCs all running NOD32. I am not an IT Pro. Stuff breaks, I fix it. I tell them run scans, delete temps etc, but :rolleyes: I'm not the boss. If I can't figure it out I send it to our outside guys.
The last virus I had on my own PC was on my 486 Gateway. Never had anything at work. Don't intend to get another at home.
 
Unfortunately real-time scanners do not catch everything...
 

Unfortunately real-time scanners do not catch everything...
Very true, but it sounds like from the OP that the company exercises a very lazy approach to protecting their networks. No virus scans in 8+ months, etc.

Even with a strong environment, you can occasionally get hit with something. I got a non-destructive malware alert that went off in Trend last week when I was googling a local news story and a file was quarantined on my box.
 

I checked the internet on this trojan and I guess some junk can find a way in no matter what. I don't cruise the net and go wherever. I have sites I use and I have had sites tell me they can't open because of my settings. See ya! I don't go there then.
IT is not my main job. I inherited it. There was no server when I started over 10 years ago. I just do what I can.
 
If you have inherited this:
You need to find someone who's been doing IT security for a while and drag him out for a few beers and pick his brain...

I'd volunteer but my plate's full
 

You need to find someone who's been doing IT security for a while and drag him out for a few beers and pick his brain...

I'd volunteer but my plate's full


That sucks... I was going to buy.
I know security. I just can't enforce it. Regular backups, snoop via the server to check upon problems. Other than that to each his own. I know what they are doing even if they won't admit it. I don't pry, just watch the system. I have many other duties. That trojan didn't just pop out of nowhere. Keeps me employed as the outside guys charge $100 an hour.
 