A Weekend Of RootKits: Figaro.sys Rootkit
I took a few appointments this weekend and witnessed the same infection over and over again… Figaro.sys. The Figaro.sys rootkit is dropped in c:\windows\system32\drivers (on Vista), and on XP I’ve seen it in the DLLCACHE folder.
I don’t know exactly what it does but I can give you the symptoms:
Random reboots
Virtumonde drops
Very slow logins
I removed Figaro.sys [...]
Rogue Antivirus: How They Work and How to Remove Them
Rogue Anti-Virus applications are being produced in ever-increasing numbers each week now. Why? This is a scam that works big time! Rogue Anti-Virus scams are able to steal money, credit card numbers and sometimes entire identities. Below you can see the life cycle of a Rogue Anti-Virus scam.
1. You get infected with a Trojan [...]
Remove Vundo and Virtumonde Using Free Software
So, what is Vundo and how do you get infected with it?
Vundo is a pernicious Adware Trojan that is usually installed onto your Windows PC (Windows 2000, Windows XP, or Windows Vista) via an outdated Java Runtime Environment. Vundo, also known as Virtumonde and Virtumondo, creates random-letter DLLs in C:\windows\system32 (tyeyavv.dll, for example) [...]
Vundo Removal Updated for June 08
I used to hate Vundo because detecting and removing it was really a pain in the as*. I say “used to” because I’ve found a little recipe for 100% removal (so far) that is quick and very effective. It’s not 100% free, but it does detect, remove and prevent new Vundo infections.
1. Buy [...]
Virtumonde Often Undetectable or Not Removed…
Since I started reviewing Anti-Malware applications (I’ve reviewed OneCare, Kaspersky and NOD32) I’ve discovered one scary trend…Virtumonde is beating the pants off commercial anti-malware applications and not much is being done about it.
Here are some quick facts on Virtumonde:
Virtumonde is adware, horribly pernicious adware that displays a stream of pop-under advertising.
It resides on your PC [...]
Virtumonde Removal
Virtumonde removal can be successfully accomplished via the steps below. Please note that this fix only works on Windows XP. NEVER RUN COMBOFIX ON WINDOWS VISTA!!!
Warning: The fix below is a manual process and should only be attempted by professional anti-malware techs.
If you want to remove any [...]
