Avoid Trojan Vundo From Torrents
3 Days ago, my Acer Aspire infected with the newest variant of Trojan Vundo and ends with reformatting it. The Trojan came within the Guitar Pro Installer which I got from a torrent site. I learned that the file (*.exe) is not a normal executable file, it’s a win32 self exctract file. Here’s how to alter the file and purify the installer from the trojan.
1. After downloading files from torrent, extract the file (if it’s zip or rar) to directory
2. Right click on the extracted file (the *.exe file) and select “open with winRAR”
3. In winRAR window, you’ll see files, the setup file usually named with simple phrase as “setup.exe” but the virusĀ or trojan have complicated name ( 1ialgh6.exe, dddcrTh.exe, etc.)
4. Right click on the setup file and select extract
5. Well done! you have purified your file from Trojan and virus
Or you could just obtain software legally. Not as much fun but far safer. Great tip on extraction of this threat. I did not know you could do this. I already use winrar so the next torrent,,,, I mean software program I buy that is zipped I will give it a go.
Thanks for sharing this is very helpful advice. Vundo is quite a handful. My friend got infected and paid about $200 for Geek Squad to come repair it.
Actually, you can fix vundo by yourself. Download Spybot Search &Destroy (SPYBOT S&D) the best antispyware ever..
or, go to Safe Mode or use LINUX OS to manually remove the suspected file.. usually the file is listed in msconfig, look the tab startup and find some files named *.dll, look for the location of the files and take a note. Go to LINUX OS and find the Vundo’s directory, MOVE the suspected software to external storage (In case you found the wrong file, you can restore it back)