Hello everyone, This monster that is "virtumonde" seems now to be on loads of threads, I noticed "Wikipedia" had a page dedicated to it, with a link to site a called Atribune.. "vundofix with a removal tool. Anyone know anything at all about this tool ? or is it another waste of time. Sorry if this has been mentioned before, but i thought i'd ask before delving any further into the "Atribune" site.

Thanks a lot, dic penderyn. :santa:

Hi there,

Anyone know anything at all about this tool ? or is it another waste of time. :santa:

It is used for certain infections by our volunteer helpers in the malware removal forum.

An infection often comes with buddies, logs have to be analysed and we do not recommend people use tools willy nilly. ;)

FYI
Do NOT run 'fixes' before helpers have analyzed the HJT log (http://forums.spybot.info/showthread.php?t=16806)

"BEFORE you POST"(READ this Procedure BEFORE Requesting Assistance) (http://forums.spybot.info/showthread.php?t=288)

Cheers.

I don't know if I'm allowed to post a reply here (it's in the tavern, but related to malware?) So if not, just delete this...

Spybot S&D discovered virtumonde on my computer, and after some research I downloaded and used VundoFix...It not only didn't fix virtumonde...it didn't even detect it! So at least for me, it was a waste of time...

Good luck getting rid of that fricken virtumonde..
~David

It is possible that there is a new variant of the Vundo/Virtumonde trojan out in the wild.

And very likely that I'd be the first to catch it... *sigh*:sad:

It could be possible, but there well a whole list of variables that could determine how you could have caught it. Does VundoFix (I've never used it before) produce a log after the scan has completed?

Do you still have Vundo on your machine?

David R. malware forum topic, 12-22-08: http://forums.spybot.info/showthread.php?t=42109