Results 1 to 2 of 2

Thread: Virtumonde HELL

  1. #1
    Junior Member
    Join Date
    Jul 2008
    Posts
    1

    Unhappy Virtumonde HELL

    Hi guys,

    I downloaded a file, which I thought was trusted and all of a sudden I started to see popups and shortcuts appearing on my desktop.

    I immediately stopped the installation and went to my TuneUp Utilities 2008 - Startup Manager - I noticed many processes, such as 1.exe, 2.exe, 4.exe etc. Two directories were also made in Program files. The one was something like VNV and the other PC Health...I think...

    There also were a few icons (next to the time, at the bottom right of my startbar) which mimics some sort of "Anti-virus software".

    I immediately downloaded and ran Spybot and Spybot picked up the "Virtumonde" trojan - 4 of them.

    I cannot remove them, although I have tried. I have even downloaded Vundofix, but that also didn't work.

    Everytime I go to TuneUp Utilities - Startup Manager 4 processes appear:

    2x "command" AND
    2x "command prompt"

    i have disabled and deleted it from the Startup Manager, but when I return it is back again...

    Another thing I have noticed...I cannot use Windows Update anymore. The Automatic updates also cannot be started. Even when I go to services.msc and click on "Automatic Updates" and select "Automatic" and then automatically changes to "Disabled" ... there is also no "Start" or "Restart" function...

    I doubt it is even "Virtumonde" - what else can it be?

    Please help...Pleaseee.....

    Thanks a lot

  2. #2
    Spybot Advisor Team [Retired] md usa spybot fan's Avatar
    Join Date
    Oct 2005
    Posts
    5,859

    Default

    thesaintsa:

    What version of Spybot - Search & Destroy are you running (Spybot » Help » About)?

    If you are not running Spybot 1.6.0.30, consider upgrading. The downloads are located here:

    If you are running Spybot 1.6.0.30 and it did not correct the problem, consider posting in the Malware Removal forum and having someone take a look at your system.

    If you decide to have an experienced malware removal specialist assist you, please follow the procedure in this link to run scans and produce a HijackThis log:
    After you have completed the required scans and produced the requested logs, start your own thread in the Malware Removal forum, making sure to post the HijackThis log produced from the above instructions.

    Getting an answer is one thing, learning is another.


    Microsoft Windows XP Home Edition running on a 2.40GHz Intel® Pentium® 4 Processor with 512 MB of RAM and a 533 MHz System Bus.

Tags for this Thread

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •