View Poll Results: Have you been infected with Virtumonde?

Voters
33. You may not vote on this poll
  • Yes

    21 63.64%
  • No

    12 36.36%
Page 1 of 6 12345 ... LastLast
Results 1 to 10 of 56

Thread: Have you been infected with Virtumonde?

  1. #1
    Senior Member Tom.K's Avatar
    Join Date
    Jul 2006
    Location
    The Universe / Milky Way / Solar System / Earth / Europe / Croatia
    Posts
    735

    Default Have you been infected with Virtumonde?

    I have viewed lots of threads in Malware Removal forum, and most of them have problems with Virtumonde. I've created a poll in which just want to see how much users have been infected. It's simple: Yes or No.
    If you have been infected with Virtumonde and removed it, or if you are still infected with Virtumonde, select Yes. If you never have been infected with Virtumonde, select No.

    If you are infected with Virtumonde and you need help, you can create a new thread in Malware Removal Forum, BUT before creating a new thread, you MUST read this thread first: "BEFORE you POST"(READ this Procedure BEFORE Requesting Assistance) .
    N/A.

  2. #2
    Senior Member drragostea's Avatar
    Join Date
    Jan 2008
    Location
    @Home
    Posts
    3,674

    Default

    I would agree that most of the threads are related to Virtuemonde.

    However, my question is how Virtuemonde infects the computer. P2P? Malicious drive-by-downloads?

  3. #3
    Member of Team Spybot tashi's Avatar
    Join Date
    Oct 2005
    Location
    USA
    Posts
    30,485

    Default

    Quote Originally Posted by drragostea View Post

    However, my question is how Virtuemonde infects the computer. P2P? Malicious drive-by-downloads?
    Malware changes all the time, safe surfing is the key.

    P2P, easiest route to 'any' infection.

    Java: Sun Microsystems~Java. Security vunerability in older versions left on system
    Microsoft MVP Reconnect 2018-
    Windows Insider MVP 2016-2018
    Microsoft Consumer Security MVP 2006-2016

  4. #4
    Senior Member 129260's Avatar
    Join Date
    Sep 2007
    Location
    Somewhere in the USA
    Posts
    1,139

    Lightbulb i would assume drive by download

    because more infections are now spreading through "safe" sites. Known web sites that are classified as "safe" are being taken over by hackers, who in turn put threats on these sites, so then when a user goes on it, they are infected. This is where keeping your security software up to date, and using a secure browser that passed the acid 2 test, like firefox, comes into play.
    "I am learning just like everyone else"
    new members!
    Custom built PC. Windows 7 pro x64 16GB Ram
    AMD FX 8 core 8350 Black edition
    SABERTOOTH 990FX/GEN3 R2.0
    Asus HD 7870 2GB GDDR5

  5. #5
    Esteemed Member
    Join Date
    Oct 2005
    Posts
    554

    Default

    129260,

    Please try not to confuse a browser rendering test with security, they have nothing to do with one another.

    http://en.wikipedia.org/wiki/Acid2
    "Acid2 tests features of HTML and, more prominently, CSS. The purpose of testing such features is to identify standards compliance deficiencies in applications that render HTML."

    For its more limited set of built-in features, the FireFox browser has about the same number of similar vulnerabilities discovered in the same time frame as Internet Explorer.

    Vulnerability Report: Mozilla Firefox 2.0.x
    http://secunia.com/product/12434/?task=statistics

    Vulnerability Report: Microsoft Internet Explorer 7.x
    http://secunia.com/product/12366/?task=statistics

    The belief that FireFox is inherently more secure than Internet Explorer is a fallacy. All bowsers and in fact all software have vulnerabilities, the key is the availability and effectiveness of updates and keeping them current on your own systems.

    The confusion with FireFox is usually based on the fact that FireFox itself doesn't support ActiveX, which is where some of the vulnerabilities in Internet Explorer are found. This fact causes some to believe that FireFox is 'safer' when in fact it's simply lacking this ability altogether, so of course it won't have these particular vulnerabilities. If your Internet use requires the availability of ActiveX, which many corporate and other sites now do, switching to FireFox may not be an effective strategy at all.

    As for the original subject of this thread, extending what Tashi has already stated, the most virulent malware suites are evolving constantly so there can be no one answer to this question. There would also be no significant value to a poll of users placed in such a forum since those coming here have a higher probability of being infected in the first place and would thus distort any statistics gathered. A more valuable question might be what kind of anti-malware protection did those who got the infection have if any and did it give any indication that they were being infected? This might help others to better tune or understand their own protection situation and how effective it might be.

    Bitman

  6. #6
    Senior Member drragostea's Avatar
    Join Date
    Jan 2008
    Location
    @Home
    Posts
    3,674

    Default

    Yes, Java. But... I wonder why Java is even on any user's PC, like reinstalled.

    Is this because many "applications" or online "applications" such as Housecall that require Java?

    What would be happen (or disadvantages) of a computer not having Java installed?

  7. #7
    Guest
    Join Date
    Jun 2008
    Posts
    478

    Default

    Quote Originally Posted by drragostea View Post
    Yes, Java. But... I wonder why Java is even on any user's PC, like reinstalled.

    Is this because many "applications" or online "applications" such as Housecall that require Java?

    What would be happen (or disadvantages) of a computer not having Java installed?
    some speedtests wont work without java, i have had no use for java other than online virus scanners and speedtests, some years ago i used it to be able to play an online game but i havent played online games on a long time.

  8. #8
    Emeritus
    Join Date
    Nov 2005
    Location
    @localhost
    Posts
    6,067

    Default

    my question is how Virtuemonde infects the computer
    any malware, virtumundo or otherwise can be installed several ways.
    ie:software install:(games,cracks, piggyback)
    e-mail, IM, social sites: (click random link or my picture etc)
    p2p: (more malicious software, mislabeled files)
    malicious web site: (drive-by, browser exploit, or "you need to install ...").

    There is no magic involved.The majority of malware is installed by the user. Malware installs rely heavily on social engineering tricks and the easiest link in the chain is: the user themselves. No software can think for you or save you from your own actions.
    How Can I Reduce My Risk?

  9. #9
    Senior Member Tom.K's Avatar
    Join Date
    Jul 2006
    Location
    The Universe / Milky Way / Solar System / Earth / Europe / Croatia
    Posts
    735

    Default

    I had downloaded cracks, but some of them worked. Those cracks were OK. But later, when I've wanted to download another crack (from same site and possibly same crack) , it seemed suspicious. It had .zip.exe extension. Then I've got confused. To download or not to download? With luck, I've decided to not download it. You should never download something with .zip.exe (a.k.a. expanded extensions) extensions (or .txt.exe, .bmp.exe, .mp3.exe .bla.exe ). Now I've removed cracks.

    A Question:
    Does Virtumonde has something with WinSoftware (WinAntiVirusPro,WinFixer and ErrorSafe)?
    Last edited by Tom.K; 2008-07-03 at 21:09.
    N/A.

  10. #10
    Senior Member drragostea's Avatar
    Join Date
    Jan 2008
    Location
    @Home
    Posts
    3,674

    Default

    Quote Originally Posted by Tom.K View Post
    A Question:
    Does Virtumonde has something with WinSoftware (WinAntiVirusPro,WinFixer and ErrorSafe)?
    Can't believe that some cracks actually worked. :P

    I think it was SmitFraud or something similar that installs the rogue programs. It could be Virtuemonde. I'm not sure, however, I'm sure that SmitFraud bombards your desktop with pop-ups.

    NEVER EVER open a file with .xxx.exe. The .xxx is a variable (.txt, .jpg, .bmp, etc.). That would indicate a executeable, so some else comes bundled with that ".jpg" file.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •