• Welcome Guest, to the Spybot Forums! It's 2025, and we just upgraded our forum software.

    Today is Safer Internet Day, and with our new forum, you can finally use passkeys to login. That was about time!

    Of course, you could ask if a forum is still useful, with so many social media networks out there where you might already have an account, and met a lot of users. You can now use your login from some of those networks to log in here. And by posting here, your question and data is stored on our servers and not automatically shared with a whole social media network.

    We'll also start using the forum for small bits of information, announcements and more again.

Need help with Virtumonde

I

itsdathon

New member
I need some help getting rid of this Virtumonde. This is the most difficult trojan to remove I've ever encountered. I've used 4 or 5 tools designed to remove it and they all failed. None of them listed the exact files created by it, but I have managed to remove the catras dlls and the sartac.ini it created. No matter what I do I can't get rid of the msevents.1 registry entries.
Any help would be appreciated.

Dathon
 
Hi

Please download VundoFix.exe to your desktop.
1. Double-click VundoFix.exe to run it.
2. Put a check next to Run VundoFix as a task.
3. You will receive a message saying vundofix will close and re-open in a minute or less. Click OK
4. When VundoFix re-opens - Click the "Scan for Vundo" button.
5. Once it's done scanning, click the "Remove Vundo" button.
6. You will receive a prompt asking if you want to remove the files, click "YES".
7. Once you click yes, your desktop will go blank as it starts removing Vundo.
8. When completed, VundoFix will prompt that it will shutdown your computer; click "OK".
9. Turn your computer back on.
10. Please post the contents of C:\vundofix.txt and a new HiJackThis log.

steam
 
You must log in or register to reply here.
Back
Top