Can't get rid off Virtumonde

**owlsr1** · 2009-02-03, 16:10

I've disconnected cable modem and have run Spybot 1.6.0 as well as 1.6.2. Both versions detect Virtumonde.sci in registry but upon Restart it's unable to fix as reported "Some problems couldn't be fixed; the reason could be that the associated files are still in use (in memory)....."

I've responded YES to above message and spybot finishes with same message. What can I do to get rid of this Virus? What other info. do you need?

I've noticed during SpyBot scan the following objects: (virumonde.sci, virumonde.sdn, virumonde.dll, virumonde.generic, and virumonde.prx).

System details:
Windows XP Home, Service Pack 1
AdAware
SpyBot
Norton anti-virus

PS I was running AdAware, SpyBot and Norton in preparation to upgrade to Service Pack 2.

John S.

**md usa spybot fan** · 2009-02-03, 16:22

owlsr1 (John S.):

Consider posting in the Malware Removal forum and having someone take a look at your system.

If you decide to have an experienced malware removal specialist assist you, please follow the procedure in the following link and produce a HijackThis log:

"BEFORE you POST"(READ this Procedure BEFORE Requesting Assistance).

After you have read and followed those instructions (excluding running a Spybot scan since it seems you can't), start your own thread in the Malware Removal forum, making sure to post the HijackThis log produced from those instructions.

_____

Originally Posted by owlsr1

System details:
Windows XP Home, Service Pack 1

One of the primary ways to prevent malware is to keep your system's software up to date. Windows XP systems should be at SP3.

**owlsr1** · 2009-02-03, 16:36

Originally Posted by owlsr1

I've disconnected cable modem and have run Spybot 1.6.0 as well as 1.6.2. Both versions detect Virtumonde.sci in registry but upon Restart it's unable to fix as reported "Some problems couldn't be fixed; the reason could be that the associated files are still in use (in memory)....."

I've responded YES to above message and spybot finishes with same message. What can I do to get rid of this Virus? What other info. do you need?

I've noticed during SpyBot scan the following objects: (virumonde.sci, virumonde.sdn, virumonde.dll, virumonde.generic, and virumonde.prx).

System details:
Windows XP Home, Service Pack 1
AdAware
SpyBot
Norton anti-virus

PS I was running AdAware, SpyBot and Norton in preparation to upgrade to Service Pack 2.

John S.

HJT:

Logfile of Trend Micro HijackThis v2.0.2

__________________________________

Please post the log here: Malware Removal Forum

**md usa spybot fan** · 2009-02-03, 16:51

owlsr1 (John S.):

You posted your HijackThis log in the wrong place!!!

Please do NOT post hjt logs in the Spybot forum, see here for link to malware removal
http://forums.spybot.info/showthread.php?t=1266

I suggested that you post in the Malware Removal forum.

Thread: Can't get rid off Virtumonde

Thread Tools

Display

Can't get rid off Virtumonde

Posting Permissions