Page 1 of 2 12 LastLast
Results 1 to 10 of 11

Thread: help with removing virtumonde

  1. #1
    Junior Member
    Join Date
    Sep 2007
    Posts
    19

    Angry help with removing virtumonde

    ive got 4 anti virus software and only spybot search&destroy can help because it is the only one to detect the virus "virtumonde" but every time i have tryed to fix the problem i run a extra search to make sure it deleted but it gets detected again.

  2. #2
    Member of Team Spybot tashi's Avatar
    Join Date
    Oct 2005
    Location
    USA
    Posts
    30,955

    Default

    Hello.
    Quote Originally Posted by elmoisevil View Post
    ive got 4 anti virus software
    By anti virus software, are you perhaps confusing them with anti spyware, because only one resident AV should be running.

    Please produce a short log, which will also show the version of Spybot-S&D you have installed.
    • Open SpyBot.
    • Check for problems.
    • When the scan completes, right click on the results list, select "Copy results to clipboard". (Not the full report option.)
    • Paste (Ctrl+V) those results to a new post in this thread, and someone will take a look.


    Cheers.
    Microsoft MVP Reconnect 2018-
    Windows Insider MVP 2016-2018
    Microsoft Consumer Security MVP 2006-2016

  3. #3
    Junior Member
    Join Date
    Sep 2007
    Posts
    1

    Default Vitrumonde infection

    I have the same problem. Here's my report:

    AdRevolver: Tracking cookie (Firefox: Tina) (Cookie, fixed)


    Winsoftware: Tracking cookie (Firefox: Tina) (Cookie, fixed)


    Winsoftware: Tracking cookie (Firefox: Tina) (Cookie, fixed)


    Winsoftware: Tracking cookie (Firefox: Tina) (Cookie, fixed)


    Winsoftware: Tracking cookie (Firefox: Tina) (Cookie, fixed)


    Winsoftware: Tracking cookie (Firefox: Tina) (Cookie, fixed)


    MediaPlex: Tracking cookie (Firefox: Tina) (Cookie, fixed)


    MediaPlex: Tracking cookie (Firefox: Tina) (Cookie, fixed)


    ErrorSafe: Tracking cookie (Firefox: Tina) (Cookie, fixed)


    ErrorSafe: Tracking cookie (Firefox: Tina) (Cookie, fixed)


    AdRevolver: Tracking cookie (Firefox: Tina) (Cookie, fixed)


    AdRevolver: Tracking cookie (Firefox: Tina) (Cookie, fixed)


    AdRevolver: Tracking cookie (Firefox: Tina) (Cookie, fixed)


    AdRevolver: Tracking cookie (Firefox: Tina) (Cookie, fixed)


    Winsoftware: Tracking cookie (Firefox: Tina) (Cookie, fixed)


    Winsoftware: Tracking cookie (Firefox: Tina) (Cookie, fixed)


    Winsoftware: Tracking cookie (Firefox: Tina) (Cookie, fixed)


    Winsoftware: Tracking cookie (Firefox: Tina) (Cookie, fixed)


    Virtumonde: Tracking cookie (Firefox: Tina) (Cookie, fixed)


    ErrorSafe: Tracking cookie (Firefox: Tina) (Cookie, fixed)



    --- Spybot - Search & Destroy version: 1.4 (build: 20050523) ---

    2005-05-31 blindman.exe (1.0.0.1)
    2005-05-31 SpybotSD.exe (1.4.0.3)
    2005-05-31 TeaTimer.exe (1.4.0.2)
    2006-05-29 unins000.exe (51.41.0.0)
    2005-05-31 Update.exe (1.4.0.0)
    2007-05-23 advcheck.dll (1.5.3.0)
    2005-05-31 aports.dll (2.1.0.0)
    2005-05-31 borlndmm.dll (7.0.4.453)
    2005-05-31 delphimm.dll (7.0.4.453)
    2005-05-31 SDHelper.dll (1.4.0.0)
    2007-07-31 Tools.dll (2.1.2.0)
    2005-05-31 UnzDll.dll (1.73.1.1)
    2005-05-31 ZipDll.dll (1.73.2.0)
    2007-09-19 Includes\Cookies.sbi (*)
    2007-07-25 Includes\Dialer.sbi (*)
    2007-09-19 Includes\DialerC.sbi (*)
    2007-08-29 Includes\Hijackers.sbi (*)
    2007-09-19 Includes\HijackersC.sbi (*)
    2007-07-25 Includes\Keyloggers.sbi (*)
    2007-09-19 Includes\KeyloggersC.sbi (*)
    2004-11-29 Includes\LSP.sbi (*)
    2007-09-12 Includes\Malware.sbi (*)
    2007-09-19 Includes\MalwareC.sbi (*)
    2007-09-05 Includes\PUPS.sbi (*)
    2007-09-19 Includes\PUPSC.sbi (*)
    2007-09-19 Includes\Revision.sbi (*)
    2007-05-30 Includes\Security.sbi (*)
    2007-09-19 Includes\SecurityC.sbi (*)
    2007-09-12 Includes\Spybots.sbi (*)
    2007-09-19 Includes\SpybotsC.sbi (*)
    2007-08-21 Includes\Tracks.uti
    2007-09-12 Includes\Trojans.sbi (*)
    2007-09-19 Includes\TrojansC.sbi (*)
    2007-06-06 Plugins\TCPIPAddress.dll
    Last edited by Teensy; 2007-09-26 at 12:34.

  4. #4
    Junior Member
    Join Date
    Sep 2007
    Posts
    19

    Default

    i have done what you said, but do i have to put it in the form or do i have to go into another form

  5. #5
    Senior Member
    Join Date
    Oct 2005
    Posts
    202

    Default

    It seems that you have problems to remove cookies from Firefox. This could be caused by a bug in Spybot-S&D 1.4 which you are using. Spybot-S&D 1.5 doesn't seem to have this bug so it is recommended to upgrade your version:
    http://www.safer-networking.org/en/mirrors/index.html

    In order to avoid possible problems with the old version it is advisable to uninstall Spybot-S&D 1.4 before installing the new version.

    Here you can find an uninstall instruction from Team Spybot:
    http://www.safer-networking.org/en/howto/uninstall.html

    Apart from that, tracking cookies reappear as soon as you visit the host website again. Spybot-S&D 1.5 provide a new immunize feature for Firefox which should automatically block the tracking cookies which the software is able to detect.

  6. #6
    Member of Team Spybot tashi's Avatar
    Join Date
    Oct 2005
    Location
    USA
    Posts
    30,955

    Default

    Hi elmoisevil.

    You can copy paste the short log here as Teensy did.
    Microsoft MVP Reconnect 2018-
    Windows Insider MVP 2016-2018
    Microsoft Consumer Security MVP 2006-2016

  7. #7
    Junior Member
    Join Date
    Sep 2007
    Posts
    1

    Default

    Shut off system restore and boot in safe mode

    run Spybot from safe mode fix problems,, then run it again till it comes up with a clean run no problems found

    then you can re-boot in regular mode, and turn on your system restore again

    Some spyware embeds itself into your system restore files and they just pop back into action from there after you have "deleted" them,, when you actually didnt, turning off system restore is only way to emove some malware

    T

  8. #8
    Member of Team Spybot tashi's Avatar
    Join Date
    Oct 2005
    Location
    USA
    Posts
    30,955

    Default

    Quote Originally Posted by TSmith62x3 View Post
    Shut off system restore
    http://forums.spybot.info/showthread.php?t=288
    Please do NOT turn off System Restore trying to remove an infection. Doing so would only serve to destroy a known restore point (not good) and won't remove the malware. Let your helper advise you as to when a System Restore flush is called for.
    Microsoft MVP Reconnect 2018-
    Windows Insider MVP 2016-2018
    Microsoft Consumer Security MVP 2006-2016

  9. #9
    Junior Member
    Join Date
    Sep 2007
    Posts
    1

    Angry Ayuda Con Virtumonde

    Por favor...que alguine me ayude a remover este trojano.....Virtumonde...ya me tiene jorro...si alguien sabe como por favor diganmelo

  10. #10
    Junior Member
    Join Date
    Sep 2007
    Posts
    19

    Default

    hi
    ive allready posted it up in the malware form and someone called markka is helping me but his way seem to be very long and can dangor the health of my com so ill post my most recent log


    Virtumonde: [SBI $7342F9D9] Settings (Registry key, nothing done)
    HKEY_USERS\S-1-5-21-602162358-152049171-854245398-1005\Software\Microsoft\aldd


    --- Spybot - Search & Destroy version: 1.5 (build: 20070830) ---

    2007-08-31 blindman.exe (1.0.0.6)
    2007-08-31 SDMain.exe (1.0.0.4)
    2007-08-31 SDUpdate.exe (1.0.6.4)
    2007-08-31 SDWinSec.exe (1.0.0.8)
    2007-08-31 SpybotSD.exe (1.5.1.15)
    2007-08-31 TeaTimer.exe (1.5.0.9)
    2007-09-26 unins000.exe (51.46.0.0)
    2007-08-31 Update.exe (1.4.0.5)
    2007-08-31 advcheck.dll (1.5.3.0)
    2007-04-02 aports.dll (2.1.0.0)
    2007-04-02 DelZip179.dll (1.79.5.3)
    2007-08-31 SDHelper.dll (1.5.0.8)
    2007-08-31 Tools.dll (2.1.2.0)
    2007-09-26 Includes\Cookies.sbi (*)
    2007-07-25 Includes\Dialer.sbi (*)
    2007-09-26 Includes\DialerC.sbi (*)
    2007-08-29 Includes\Hijackers.sbi (*)
    2007-09-26 Includes\HijackersC.sbi (*)
    2007-07-25 Includes\Keyloggers.sbi (*)
    2007-09-26 Includes\KeyloggersC.sbi (*)
    2007-09-12 Includes\Malware.sbi (*)
    2007-09-26 Includes\MalwareC.sbi (*)
    2007-09-05 Includes\PUPS.sbi (*)
    2007-09-26 Includes\PUPSC.sbi (*)
    2007-09-26 Includes\Revision.sbi (*)
    2007-05-30 Includes\Security.sbi (*)
    2007-09-26 Includes\SecurityC.sbi (*)
    2007-09-12 Includes\Spybots.sbi (*)
    2007-09-26 Includes\SpybotsC.sbi (*)
    2007-08-21 Includes\Tracks.uti
    2007-09-12 Includes\Trojans.sbi (*)
    2007-09-26 Includes\TrojansC.sbi (*)
    2008-12-24 Plugins\TCPIPAddress.dll

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •