ningauble42
2007-12-20, 17:38
Tashi sent me here
I will give you a story first
On 12/12/07 when I was surfing the net I got a virus warning from my avast virus protection. I did as I was told and told it to remove it.
Right after that the popups started coming. I then after a long period of headaches downloaded spyware terminator (however I did download one of the bad one's too by accident due to the popups, not sure which one). Anyway I found that a compay named webbuying.net loaded their software on my machine and I could go to their web site, click on the remove button and it would uninstall their software. Well, it did not work well, but after going through a bunch of girations I think I removed it. But the problem kept coming back.
So now I downloaded your software. When I executed it and it began to run it kept saying it found Virtumonde do you want to remove it. I kept saying yes, but it kept coming back. Anyway I termintated it, disconnected from the net and reran your software. It found 29 problems which I deleted all of them. Some are AdRevolver, Bookmark Express, Smitfaud-c.coreservice, Virtrumonde.ddc (6 entries), Virtumonde (7 entries), Zedo.
I then reran your software and it stated it was clean. I connected to the net, surfed around and the popups started coming. Disconnected from the net, reran your software and it came up with the following
Virtumonde (3 entries)
The details on one is
HKEY_USERS\S-1-5-21-3514461561-3019831346-2065049576-1007\SOFTWARE\MICROSOFT\ADD
They are all register keys
Looks like when I went back on the net it re-downloaded
Also, how do I know if Resident is on a real time run? I thought there would be something in the lower right hand corner showing something running but I don't see it on my machine
Since this message I sent and was redirected to post here I deleted these three. re-installed your software and the real time protection seems to have showed up. Maybe I told it not to initially.
Anyway your software is showing Virtrumonde.ddc, Virtumonde. One entry of each.
Once I get home I can post a log. Just need to know how to get one generated and to you. I am on CDT so that will be in about 8 hrs.
Also, should I start changing passwords on banks and stuff or wait until you get the download?
Ningauble42
I will give you a story first
On 12/12/07 when I was surfing the net I got a virus warning from my avast virus protection. I did as I was told and told it to remove it.
Right after that the popups started coming. I then after a long period of headaches downloaded spyware terminator (however I did download one of the bad one's too by accident due to the popups, not sure which one). Anyway I found that a compay named webbuying.net loaded their software on my machine and I could go to their web site, click on the remove button and it would uninstall their software. Well, it did not work well, but after going through a bunch of girations I think I removed it. But the problem kept coming back.
So now I downloaded your software. When I executed it and it began to run it kept saying it found Virtumonde do you want to remove it. I kept saying yes, but it kept coming back. Anyway I termintated it, disconnected from the net and reran your software. It found 29 problems which I deleted all of them. Some are AdRevolver, Bookmark Express, Smitfaud-c.coreservice, Virtrumonde.ddc (6 entries), Virtumonde (7 entries), Zedo.
I then reran your software and it stated it was clean. I connected to the net, surfed around and the popups started coming. Disconnected from the net, reran your software and it came up with the following
Virtumonde (3 entries)
The details on one is
HKEY_USERS\S-1-5-21-3514461561-3019831346-2065049576-1007\SOFTWARE\MICROSOFT\ADD
They are all register keys
Looks like when I went back on the net it re-downloaded
Also, how do I know if Resident is on a real time run? I thought there would be something in the lower right hand corner showing something running but I don't see it on my machine
Since this message I sent and was redirected to post here I deleted these three. re-installed your software and the real time protection seems to have showed up. Maybe I told it not to initially.
Anyway your software is showing Virtrumonde.ddc, Virtumonde. One entry of each.
Once I get home I can post a log. Just need to know how to get one generated and to you. I am on CDT so that will be in about 8 hrs.
Also, should I start changing passwords on banks and stuff or wait until you get the download?
Ningauble42