Vitro: Still A Problem?

Do you have a question? Post it now! No Registration Necessary.  Now with pictures!

Threaded View


I'm in the process of re-imaging my #2 daughter's PC - infected with
Vitro.

Googled, got close to a half-mil hits but couldn't find anything
within the past couple months.

The older posts indicated that there was basically no defense - that
some products detected it and some didn't, but none could recover from
it.

I'm guessing things have changed.

Can anybody confirm?

Using Avast.

Re: Vitro: Still A Problem?




| I'm in the process of re-imaging my #2 daughter's PC - infected with
| Vitro.

| Googled, got close to a half-mil hits but couldn't find anything
| within the past couple months.

| The older posts indicated that there was basically no defense - that
| some products detected it and some didn't, but none could recover from
| it.

| I'm guessing things have changed.

| Can anybody confirm?

| Using Avast.

Do you have a sample ?
If you do, submit a cpy to UploadMalware
http://www.uploadmalware.com /

--
Dave
http://www.claymania.com/removal-trojan-adware.html
Multi-AV - http://www.pctipp.ch/downloads/dl/35905.asp



Re: Vitro: Still A Problem?



Quoted text here. Click to load it

Not sure what your question is here, but I suggest a re-image from an
old enough image so as to not have an "infected" backup reinstalled.

As for prevention, nothing is perfect and polymorphic viruses are
particularly troublesome. That much will *not* have changed.



Re: Vitro: Still A Problem?




Quoted text here. Click to load it

Thanks for the terminology.

I just finished reading http://en.wikipedia.org/wiki/Polymorphic_code

Sheesh!.... sounds kind of grim to me... like the human flu... keeps
changing...

Now that I know that, I'll try harder to get the user of the affected
PC up-to-date on the process of re-imaging it themselves - bc it
sounds to me like there are going to be repeat performances of this.

Re: Vitro: Still A Problem?




Quoted text here. Click to load it

Thanks for the terminology.

I just finished reading http://en.wikipedia.org/wiki/Polymorphic_code

Sheesh!.... sounds kind of grim to me... like the human flu... keeps
changing...

Now that I know that, I'll try harder to get the user of the affected
PC up-to-date on the process of re-imaging it themselves - bc it
sounds to me like there are going to be repeat performances of this.

***
Trojans can take different forms also, but they usually don't do it
programmatically themselves (relying on human influence). Often just
detecting that a hash of the file matches a known to be malicious file's
hash is enough to detect it. This one is a virus, so, on top of having
malicious code that keeps changing how it appears with each iteration
(as you have just read) it hides "within" pre-existing executable
files - further complicating matters. Even so, the file infection
function is not the only bad thing that this malware does.

When doing image backups, consider having more than one. Some malware
may not be noticed until after a number of thought-to-be-clean images
were made - best to have backup backups going back in time if you know
what I mean.



Re: Vitro: Still A Problem?




Quoted text here. Click to load it

Thanks for the terminology.

I just finished reading http://en.wikipedia.org/wiki/Polymorphic_code

Sheesh!.... sounds kind of grim to me... like the human flu... keeps
changing...

Now that I know that, I'll try harder to get the user of the affected
PC up-to-date on the process of re-imaging it themselves - bc it
sounds to me like there are going to be repeat performances of this.

***
Sorry for the late addition to the thread - but I just ran across this
and thought it might be of interest to any readers still monitoring.

http://www.informit.com/articles/article.aspx?p=366890&seqNum=1

***



Site Timeline