|
|
MFCOptimizeClass Object - New Vundo |
|
Written by Atribune
|
|
Feb 04, 2006 at 01:04 PM |
|
This morning I woke up to a bunch of emails and post notifications about a new variant of Vundo aka virtumonde.
After getting my hands on the file I went to work on checking it out. MFCOptimizeClass Object is definately a new variant of Vundo, complete with the Winfixer ads that it has now become associated with. Immediately after figuring out what it does I went to work and added it to VundoFix.exe . VundoFix.exe now targets three seperate variants of Vundo, "MSEvents Objects", "MFCOptimizeClass Objects" and "ATLDistrib Objects". So far I've only found 1 clsid for this variant, but there will surely be more to come, most times when you see one new clsid there is four or five more to follow. Complete instructions for removal can be found here. If you are still experiencing problems after following the instructions, please register and post in our forum |
|
Last Updated ( Feb 04, 2006 at 01:05 PM )
|
|
|
Written by Atribune
|
|
Feb 02, 2006 at 10:17 AM |
I've started a blog, in it I plan on posting info on malware and new tools I develop. Also little fixes I find in my travel that may prove useful to you. There is a link to the blog in menu on the right side of this page. Not sure how often I will get a chance to update it, but hopefully frequently.
Check it out http://www.atribune.org/Blog
|
|
|
Written by Atribune
|
|
Jan 19, 2006 at 08:34 PM |
There's a new variant of our favorite malware Vundo(Virtumonde) . This new variant employs rootkit tactics to hide itself from the Windows API, making extremely hard to detect and remove. Currently I am working on an automated fix and I believe I'm close but it may be a few days before it is ready to publically test. If you are getting winfixer popups, I recommend posting in the forum here at atribune.org for assistance in proper removal of all components.
|
|
Last Updated ( Feb 01, 2006 at 01:35 PM )
|
|
|
SpywareStrike 2.5 Removal |
|
Written by Atribune
|
|
Jan 07, 2006 at 04:42 AM |
This new Rogue anti-spyware program has hit the forums like wildfire. I have put together a removal tool for it.
This new tool is available for download at: http://www.atribune.org/ccount/click.php?id=3
Simply download it to your desktop and click run tool, then reboot your computer. You may want to visit the forum to make sure you don't have any other malware running on your machine.
Please do not host my applications without my permission.
|
|
Last Updated ( Jan 30, 2006 at 07:21 AM )
|
|
|
Written by Atribune
|
|
Dec 23, 2005 at 01:35 PM |
ATF Cleaner is my own personal Temp file removal tool.
I have added some new features to ATF Cleaner these include:
Cleaning of all user temp folders, administrator only can use this feature.
Cleaning of the Java cache, which seems to be harbouring more and more malware.
Cleaning for the Opera browser, including Operas cache, cookies, history, download history, saved passwords and visited links
Atf Cleaner is available from here
Some screenshots of ATF Cleaner can be seen here
Comments may also be posted on the forum
Hope you all enjoy, and I am looking forward to your comments.
Please do not host my applications without permission.
|
|
Last Updated ( Jan 30, 2006 at 07:10 AM )
|
|
|
Written by Administrator
|
|
Sep 07, 2005 at 09:53 AM |
Alot of time was spent developing VundoFix.zip. Figuring out how to remove the infection in the easiest possible way.
In the last few weeks a new variant of Virtumonde aka Vundo was released and Vundofix.zip no longer worked.
A new VundoFix has been released and I am proud to say so far it has
had great success.If you are here at Atribune.org seeking assistance
for Vundo removal please visit the forum
http://www.atribune.org/forums
I recommend you start out on the forum by visiting this thread and following all the provided instructions
http://www.atribune.org/forums/index.php?showtopic=424
|
|
|
<< Start < Previous 1 2 Next > End >>
|
| Results 13 - 19 of 19 |
