Vundo

The Vundo trojan is one of the most well-known and commonly spread trojans on the Internet today. It commonly spreads through email attachments or through a litany of browser exploits that take advantage of either built-in weaknesses in the browser itself or, regularly, security flaws in popular browser plugins (e.g., Flash and Java). Vundo also goes by several aliases, including Virtumonde and Virtumondo.

What Vundo Does
Once installed, Vundo will disable most of the Windows notification systems that are meant to make sure your firewall and antivirus programs are running and up-to-date. Once that is done, Vundo will turn your computer into a weapon for Denial of Service attacks on popular websites and, most irritating to the infected user, assault you with non-stop advertising popups.

Removing Vundo
There are tons of Vundo varieties in the wild right now, with more popping up all of the time. Since Vundo does so much to prevent the regular antivirus operations of the infected machine, removing Vundo can sometimes be a painful process. Here are a few links that might help you remove Vundo if your regular antivirus software can’t get the job done:

July 16th, 2010 | Tech Support | 0 Comments

Removing the Exploit-PDF.b Trojan

The Exploit-PDF.b Trojan has been all over the news for the last several years, with a new variant popping up a few days ago, so I thought I’d take some time to describe the threat and offer some Exploit-PDF.b removal solutions to anyone currently affected.

Exploit-PDF.b essentially exploits a vulnerability in PDF files and uses embedded JavaScript and a Flash object to download malicious software to install on the host machine. If you’re even a slight follower of Apple’s recent fight over including Flash in their mobile products, issues like Exploit-PDF.b are some of their biggest pieces of ammo. Adobe has been pushing insecure products for too long, in the eyes of Apple and many others, and by refusing to include Adobe’s software in their own products, many hardware makers are claiming to greatly increase the security of their devices.
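To check whether a PDF carries the kind of content described above (embedded JavaScript, Flash or rich-media objects, and automatic actions), the added example below counts the relevant PDF name tokens in the raw file. It is not code from this post; the marker list, the sample byte strings and the flagging rule are assumptions made for illustration.

```python
import re

# PDF names tied to embedded JavaScript, automatic actions and Flash/rich media
# (assumed marker list for this example).
MARKERS = ("/JS", "/JavaScript", "/OpenAction", "/AA", "/RichMedia", "/EmbeddedFile")

# A PDF name is "/" followed by characters that are not whitespace or delimiters.
_NAME = re.compile(rb"/[^\x00\t\n\x0c\r ()<>\[\]{}/%]+")
_HEX = re.compile(rb"#([0-9A-Fa-f]{2})")


def decode_name(raw: bytes) -> str:
    """Undo #xx hex escapes, which PDF permits inside names (/J#61vaScript)."""
    return _HEX.sub(lambda m: bytes([int(m.group(1), 16)]), raw).decode("latin-1")


def triage_pdf(data: bytes) -> dict:
    """Count marker names in raw PDF bytes (compressed streams are not inflated)."""
    counts = {m: 0 for m in MARKERS}
    for match in _NAME.finditer(data):
        name = decode_name(match.group(0))
        if name in counts:
            counts[name] += 1
    return counts


def is_suspicious(counts: dict) -> bool:
    """Assumed rule: script or rich-media content plus an automatic trigger."""
    active = counts["/JS"] or counts["/JavaScript"] or counts["/RichMedia"]
    auto = counts["/OpenAction"] or counts["/AA"]
    return bool(active and auto)


# Constructed PDF fragments for the demonstration (not real samples).
SAMPLE_FLAGGED = (b"%PDF-1.7\n1 0 obj\n<< /Type /Catalog /OpenAction 2 0 R >>\nendobj\n"
                  b"2 0 obj\n<< /S /J#61vaScript /JS (void 0;) >>\nendobj\n")
SAMPLE_CLEAN = b"%PDF-1.4\n1 0 obj\n<< /Type /Catalog /Pages 2 0 R >>\nendobj\n"

if __name__ == "__main__":
    for label, blob in (("flagged", SAMPLE_FLAGGED), ("clean", SAMPLE_CLEAN)):
        result = triage_pdf(blob)
        print(label, result, "suspicious" if is_suspicious(result) else "ok")
```

A zero count does not prove a file is safe, because names stored inside compressed object streams are not visible to a raw byte scan.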

Exploit-PDF.b Removal
In addition to obviously maintaining an antivirus program that is up-to-date, here are a few links that might offer some additional help in removing Exploit-PDF.b from your computer:

July 15th, 2010 | Tech Support | 0 Comments

Bomka.G Trojan Removal

Through a series of rather unfortunate events while investigating a problem related to a client, I infected my Windows machine with the Bomka.G Trojan this morning. I couldn’t find a lot of details online about the specifics of Bomka.G, but my antivirus program was pitching errors and warnings all over the place every few minutes about the threat that had been installed.

I had a tough time finding any Bomka.G removal information by searching online, but I did find a recommendation for some other antivirus programs to try. So I ended up downloading Malwarebytes Anti-Malware 1.46 from FileHippo.com after the other virus scanning solutions I had previously installed found the problem but were unable to fix it. Malwarebytes’ program managed to remove all traces of the Bomka.G Trojan from my machine using the quickest scan option available. The whole process to remove Bomka.G took less than 15 minutes from start to finish.

Bomka.G looks like a pretty typical Trojan in that it infects your machine, takes control of your computer and then takes your information while you’re unaware. As usual, you can help prevent these kinds of things from affecting you by keeping your antivirus software up-to-date and functional. Even though the particular antivirus program I was using before today couldn’t fix Bomka.G, it did notify me of the problem so that I wasn’t unaware of the damage being done to my computer.

July 7th, 2010 | Tech Support | 0 Comments