Virtumonde.sci



Candygirl
2012-03-16, 02:07
Hello, this is my first time posting on this thread. I'm hoping to get some help removing an infection called Virtumonde.sci. Spybot found it and I decided to do some research on it before removing it since some malware tends to replicate itself. I found out this is a very nasty and hard to get rid of rootkit. My computer was acting up and going really slow and a lot of things were removed or disabled without my doing, so I had decided to backup my files and then do a complete system recovery, not only b/c of how it was acting but because I wanted to start new again.

Well, everything went faster and better after that and the first thing I did was install Spybot/Malwarebytes/AVG and ran a scan. Virtumonde.sci showed up on Spybot again as a registry key and it also showed up on Malwarebytes as "Browser Helper Object." I was told a program called ComboFix would get rid of it so I ran it (before knowing not to do it unless being told or knowing how powerful it was) and it found it and restarted my computer and upon restart it told me it had cleaned it. So I ran a scan again to be sure and I was pleased to see it was gone.

.....I did another system recovery anyway to be sure it's really gone, and just as I thought, the damn thing showed up on the Spybot/Malwarebytes scan again. At this point I dunno what to do anymore. I'm running out of ideas. Can anyone please help me get rid of this thing once and for all?? :(

tashi
2012-03-16, 04:14
Hello Candygirl,

Please see the forum sticky which includes guidelines for this forum and instructions in post #2 on how to provide the preliminary "DDS" logs used for analysis.

http://forums.spybot.info/showthread.php?t=288

Then start a new topic providing the DDS logs as shown in that sticky with a link back to this thread and a volunteer analyst will advise you when available. :)

If DDS won't run and produce a log please start a new topic anyway and explain the situation.

Best regards.