View Full Version : please help
I just reinstalled SSD because my old one was not updating....kept telling me there were no new updates. When I finally got it running, now that the scan is finished, it found two threats:
Virtumonde (which sounds really ominous)
and Microsoft. WindowsSecurityCenter.AntivirusOverride
I told SSD to remove them, but I've been reading how other folks had Virtumonde come back repeatedly. So I'm worried.
What do I do now? :hair:
drragostea
2008-12-23, 04:52
sbcgirl:
Consider posting in the Malware Removal (http://forums.spybot.info/forumdisplay.php?f=22) forum and having someone take a look at your system.
If you decide to have an experienced malware removal specialist assist you, please follow the procedure in this link to run scans and produce a HijackThis log: "BEFORE you POST"(READ this Procedure BEFORE Requesting Assistance) ( http://forums.spybot.info/showthread.php?t=288).
After you have completed the required scans and produced the requested logs, start your own thread in the Malware Removal (http://forums.spybot.info/forumdisplay.php?f=22) forum, making sure to post the HijackThis log produced from the above instructions.
______________
maybe I should leave well enough alone, unless the Virtumonde reappears? Or does the SSD removal not completely remove it? I don't even have any idea what the other thing is.
drragostea
2008-12-24, 00:01
Oh, well from your post, I just thought you had Virtumonde on your machine (Virtumonde/Vundo is a trojan) so you need help removing it. :funny:
So I can assume Spybot removed it (then no need to follow the instructions above)?
My description of the second entry would be that: Spybot is telling you that something is disabling the monitoring of the Windows Security Center for the AntiVirus section, thus this means that you will not be notified if your AV is disabled (means no protection). It could be another anti-virus program that causes this (like Norton) or something malicious.
To resolve this, just fix the second entry (which will reset the registry value to default).
sbcgirl's malware forum topic: http://forums.spybot.info/showthread.php?t=42213