Vundo, Generic.dx, Downloader_BFC – next generation viruses


I have been testing all kinds of antiviruses to see which one is more reliable. On my sister's laptop, I have Kaspersky. On my personal laptop, I have NOD32, and our home computer had McAfee.

Around 2 weeks ago, Internet Explorer on my home computer started crashing more often. I got random pop-ups every few hours despite the fact that a pop-up blocker is installed. The first thing I did was a system scan with McAfee. It didn't detect anything. I forgot that, unlike Kaspersky and NOD32, you have to update McAfee manually. So after I did that, I kept getting virus alerts about the existence of random viruses such as "vundo", "generic.dx" or "downloader-bfc". What was even more annoying is that none of them could be cleaned. It would start with a pop-up screen saying that a certain file is infected and showing the path for it. But then when you go to investigate the path, the file is no longer there.

Apparently, the viruses work by generating files in C:\windows, C:\windows\system32 and C:\program files\common files, all paths that you wouldn't wanna mess with. What's even worse is that they'll create random .dll & .exe files that leave you guessing whether these are system files Windows needs or not.

That's why googling a solution was not really helpful, as each case is computer specific. The files infected on your PC would differ from the ones infected on mine. And that's why all those guys who are infected ended up consulting an online technician, who'd provide you with tools to use and will request that you post back a log file of the scan results. Accordingly, he'll study the log files and will manually be able to nitpick the file paths you need to remove.

After I gave up on removing the viruses by myself without the need of formatting my PC (which I find very humiliating, as I come from a computer science background and I pretty much consider myself a techy person), I went for my last option of creating an account on forums.techguy.org and asked for help. More on my experience with those viruses can be found here.

I'd like to thank racenutalways for his patience and for helping me to get rid of these annoying viruses. From all this, I learnt my major lesson. I uninstalled McAfee and now I am using AVG antivirus, which is much faster and much more efficient.

The last 2 weeks left me in awe of those virus writers who got so creative that they created viruses that create such random, computer-specific files, making a universal removal tool almost possible.

8 comments:

KJ said...

Hamza, on my PC I have NOD32 and ad-aware with ad-watch active. I haven't gotten a virus or spyware since.

Ad-aware 2007 has been recently released, and although it looks pretty, the Ad-Watch (which monitors incoming/outgoing traffic and registry) has a serious memory leak so just use the older version (currently the only difference is the interface as far as I am concerned)

Sam said...

yikes... I hate those stupid viruses... it is not like you can give the computer an antibiotic and be done with it... I usually take the high road and reformat my computer every time something weird happens...

Kinano said...

I haven't used an anti-virus for years now and my machine has never been any healthier

asoom said...

I have Trend Micro which I was tricked into paying $150 for because if I didn't buy it the screen one day can go blank and I'll realize that I've just lost every document that my life depended on, either that or the laptop would self combust and the house could catch fire (I can't remember what else the salesman/tech told me)

elijah said...

WHAT THE HELL HAPPENED HERE !!!!!

Hamza said...

KJ - I know. My laptop (the one with NOD32) and my sister's laptop (the one with Kaspersky) didn't get infected. I was talking about the one with McAfee and how once you get infected with these viruses, it'll be extremely difficult to remove them

sam - reformatting is the safest solution if you don't have GIGABYTES of music, photos or data that you wanna back up

kinano - who would wanna hack you? you are too insignificant to be hacked.

asoom - lol @ laptop would self-combust. this salesman/tech daydreams a lot

elijah - ok ok. it's my blogger template. Ok, any ideas on the colors to use?

Ms Loala said...

I was gonna help!!
Damn it! :\

Ok, first of all congratulations :P
I really know how it feels when your PC is infected with something that can't be removed!

That downloader thing ....? really caused me an utter headache and consumed every last drop of my patience.

It crashed my PC's performance, it became very slow and pop-ups were popping out like crazy. Later on I discovered that it was a spyware which any of the anti-virus\spyware softwares could not remove except for one helluva program. It's called Counter spy. It's efficient, light and fast and deletes almost any infected file within a second. It literally saved my sanity!

Maybe you should try it, for future infections since there will be plenty ..

elijah said...

Choose soothing colors, you open your site a lot so choose ones that are relaxing. To me light colors are soothing. But black and red! I get a shock when I open ur site :(