Trojan Packed.Monder
Trojan Packed.Monder is a malicious program with hidden intention. The Trojan will spread in various formats, spam email, infected websites and embedding itself on downloadable programs readily available on unsecured file-sharing networks. Once infected, Trojan Packed.Monder attempts to connect to a remote website and download more malware to be executed on computer without user’s knowledge.
Having the characteristic of a Vundo Trojan, it is anticipated that Trojan Packed.Monder also produces excessive pop-up advertisements. Moreover, this Trojan was developed in connection to propagation of rogue security products and anti-spyware applications.
Trojan Packed.Monder usually acquired by visiting malicious web sites that employs a drive-by-download method. Spam email messages consisting of links may also lead to infection of this Trojan.
Damage Level: Medium
Threat Assessment By: ThreatExpert
Alias: HeurEngine.MaliciousPacker, Packed.Generic.180, Trojan.Win32.Monder.meb, Vundo.gen.m, Troj/Virtum-Gen, Trojan:Win32/Vundo.HX, Trojan.Win32.Monderb, Win-Trojan/Vundo.44544.F
Systems Affected: Windows 9x, 2000, XP, Vista
How to Remove Trojan Packed.Monder:
MANUAL REMOVAL OF Trojan Packed.Monder:
1. If an anti-virus program is present, update the definition file.
2. Reboot Windows in Safe Mode
- After turning on the power, press F8 on the keyboard.
- From the menu, select Safe Mode.
3. Run a full system scan and clean/delete all infected file(s).
4. Restart Windows.
ADDITIONAL TOOLS AND PROGRAMS:
Scan with Norton Power Eraser:
A free removal tool from Norton Antivirus was developed to remove virus and unfamiliar threats without using the traditional AV signatures. Download the tool from this location and start scanning the computer for viruses.
Technical Details and Additional Information:
Other functionalities of this Trojan:
- This Trojan will register a Winlogon notification package. This makes it a part of Windows Login subsystem.
- Trojan Packed.Monder embeds itself into explorer.exe.
- It can download and execute rogue security application from a remote server.
Ryszard
Jul 24, 2009 @ 08:21:46
The best solution is to use AVG Free Antivirus and when detected click: Move to the virus vault. It will be removed from your computer after some days. Please open “settings” and check how many days it must wait in vault. If more than 10, you should change it. I have set it on “empty virus vault every three days”
dominic
Jul 25, 2009 @ 22:59:33
Excuse me, please email me at my email address but where exactly is the settings for the AVG anti-virus free?
dominic
Jul 25, 2009 @ 23:00:09
My bad I wasnt looking up.
Christine
Jul 30, 2009 @ 23:34:42
I have AVG and received a “virus identified Packed.Monder” notification this morning. It also stated that it was detected upon start up. I haven’t rebooted my computer since yesterday afternoon and ran AVG scan last night, as I do every night. I have moved it to the virus vault, but am wondering if there is a way that the AVG missed it in my daily scan, and if it can still potentially spread after being put in the vault?
Jenny
Aug 05, 2009 @ 13:12:04
I had the same problem, but my computer automatically turned off and restarted when the virus was detected, so it seems that it can only be detected during reboot.
Just in case, I ran a scan in Safe Mode- I do this every time my computer detects a virus.
Will
Aug 11, 2009 @ 01:18:20
I got it. It was in my temporary Internet files. i scanned as i took a shower and I’m glad i did. Don’t trust wii point generators. AVG saved my ass twice today.
Nikki
Aug 21, 2009 @ 04:52:02
Hi
I got this virus last night and since then my Internet explorer has not worked. When I try to move it to the vault it says that it needs forced removal and doing this could damage my system and even crash it. I have AVG and have scanned and it didn’t pick it up. I have no idea where to go from here?
dave
Sep 17, 2009 @ 14:56:53
hi, a friend passed me his flash card to show me this wii point generator for my wii. thankfully, my avg detected it upon loading of the usb flash and was able to remove it after researching wethere it was a false positive or real threat (never opened it, simply left the warning open while researching).
Just like Will said, don’t trust Wii Point Generators
Rock Martin
Sep 21, 2009 @ 03:02:34
OK, I might need some help. I can’t seem to remove Packed.Monder from my PC even with AVG. Am I doing something wrong?
Tom P.
Oct 01, 2009 @ 22:32:20
I’ve had Packed Monder for about 3 weeks. AVG can’t do anything with it because the infection is not on a local disk(according to AVG).
In short, AVG (free version) knows it’s there and in my Explorer program but can’t lay a finger on it. The infection number(xxxx) changes after every scan as if it’s bobbing & weaving to avoid getting hit.
Jay
Oct 25, 2009 @ 13:58:13
for all those who have the deaded packed.monder get to geekpolice.net they can help you out but its a nasty virus, i have had it for 2weeks and managed to restrict it but avg is still telling me its there, as far as i know AVG (once virus is in) can only warn u about it. av forces removal everything it goes to the vault but more apear my resident shield is now up to 1523 all the same packed.monder remove all threats and it still stays the same, so if anyone knows of how to remove it could u let me know, geekpolice managed to restrict it but had no word back to what todo next.
thanks