Results 1 to 4 of 4

Thread: VIRTUMONDE Infected - Help Appreciated!!!

  1. #1
    Junior Member
    Join Date
    Jun 2008
    Posts
    3

    Exclamation VIRTUMONDE Infected - Help Appreciated!!!

    Hey. First i just wan't to say that ive been reading the other posts about Virtumonde and i didnt know if i should post my quest there or if i should create a new one... Anyways.

    ALL MY INFO:
    **********
    Well, the pc just started to slower and slower and at the end i restarted the computer to SafeMode and scanned it with Ad-Aware and Spy-Bot. Both of them detected 1 infection! Virtumonde. It was located in:

    HKEY_USERS > S-1-5-21-472136900-3222424326-2930229843-1000 > Software > Microsoft > contim

    i looked for it in the Registry editor (i didnt remove or change anything)!

    I totally belived that the virus was gone after those scans. but after a normal reboot it showed up again in the same place as before (i scanned with spybot again).

    Then i strated to be alittle scared of that crap! so i started googling abit and i found some programs that was only for removing this virus, here's some of them:

    FxV Monde
    VundoFix v6.5.10
    I also found another program with the same name "VundoFix"

    I scanned the pc with those scanners to (in safe mode) and both of them came up CLEAN!!!! and i really couldnt belive my eyes! What kinda removed virus is this?


    And thats pretty much all i know! ow, aight.. i read the other posts and i saw that u recommended them to download "ComboFix" and scan the pc.
    i did as you guys told me to, and here's the log!

    http://www.speedyshare.com/939333364.html<<-The log
    When you press download. It will come up a new window with the log.
    so, you won't be downloading it!!!



    Please respond with some good news! -Najkiie
    You can also reach me through my hotmail adress if you need to!:

    Last edited by tashi; 2008-07-01 at 09:26. Reason: removed email address, disabled link, removed language

  2. #2
    Junior Member
    Join Date
    Jun 2008
    Posts
    3

    Exclamation Sry if i spam o.O

    I just wanted to say, I'm using

    Windows Vista Ultimate SP1 32-bit

    if you needed to know that for some reason

    and i posted 2 the same post abowe... rread the second one. Couse i just edited the fist one... i forgot to say a thing...
    Last edited by tashi; 2008-07-01 at 09:05. Reason: removed second post which quoted the first post

  3. #3
    Junior Member
    Join Date
    Jun 2008
    Posts
    3

    Talking Sry, to late!

    I just want to say, TO LATE. ive been waiting for over 2 days now and i havnt got even 1 respond.

    I do want to recommend everyone else to download and install the FULL version of Spyware Doctor from Pc Tools. That seems to be the only program that actually REMOVES the trojan.

    thnx anyways!

  4. #4
    Member of Team Spybot tashi's Avatar
    Join Date
    Oct 2005
    Location
    USA
    Posts
    30,484

    Default

    Hello Najkiie,

    Reading a forum's sticky topics before posting is always a good idea.
    Quote Originally Posted by Najkiie View Post
    I just want to say, TO LATE. ive been waiting for over 2 days now and i havnt got even 1 respond.
    This forum's helpers are all volunteers, and it is not a shop.

    The Waiting Room: Post here if waiting for help longer than four days


    Quote Originally Posted by Najkiie View Post
    Hey. First i just wan't to say that ive been reading the other posts about Virtumonde and i didnt know if i should post my quest there or if i should create a new one... Anyways.


    And thats pretty much all i know! ow, aight.. i read the other posts and i saw that u recommended them to download "ComboFix" and scan the pc.
    i did as you guys told me to, and here's the log!

    http://www.speedyshare.com/939333364.html<<-The log
    When you press download. It will come up a new window with the log.
    so, you won't be downloading it!!!
    "BEFORE you POST"(READ this Procedure BEFORE Requesting Assistance)
    All logs should be copy/pasted into topic
    Posting additional comments or logs before a volunteer responds, can push you back instead of forward, because your thread ends up with a newer date. Also, helpers may think you are already being assisted because of the post count.
    • ComboFix is not a general purpose cleaning tool, please do not use this tool without supervision.


    • Please note that all instructions given are customized for that member's computer only, the tools used may cause damage if run on a computer with different infections. Your symptoms may only appear to be similar.
    Do NOT run 'fixes' before helpers have analyzed the HJT log


    Quote Originally Posted by Najkiie View Post
    You can also reach me through my hotmail adress if you need to!:
    For your own safety and privacy, please do not post your email, personal address or phone number.
    http://forums.spybot.info/faq.php?fa...faq_signatures

    Regards.
    Microsoft MVP Reconnect 2018-
    Windows Insider MVP 2016-2018
    Microsoft Consumer Security MVP 2006-2016

Tags for this Thread

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •