Results 1 to 5 of 5

Thread: Lots of Virtumonde files in scan

  1. #1
    Junior Member
    Join Date
    Oct 2009
    Posts
    2

    Default Lots of Virtumonde files in scan

    Hello,

    I've decided to register because I am wondering about a few things concerning the trojan virtumonde.

    I was using Vista but changed today for Windows Seven, the fact is that I had virtumonde on vista, but was able to delete it. Then my computer began working much better (because it was very slow before) but it seemed that all the files created by virtumonde were still on the disk.

    When I launch a complete scan with Spybot, there are something like 650 000 files, and close to 500 000 are virtumonde (it can be dll, sci or sdn i think).

    My computer is working just fine, and what I am wondering is : why are there so many files for virtumonde, and I could I delete them from my computer if they are on it.

    It seems that when I installed Seven, it didn't really format the hard-drive, because if it was the case I suppose that I would not have those virtumonde files anymore.

    I hope that someone will be able to answer me.

    And thanks for creating Spybot, I have recommanded it alot amongst my friends and family

  2. #2
    Senior Member Matt's Avatar
    Join Date
    Aug 2006
    Location
    Bavaria
    Posts
    1,169

    Default

    Hi cireza,

    to Safer Networking Forums.

    Quote Originally Posted by cireza View Post
    I was using Vista but changed today for Windows Seven, the fact is that I had virtumonde on vista, but was able to delete it.
    Can you post the logfile from Spybot after this scan?

    Quote Originally Posted by cireza View Post
    When I launch a complete scan with Spybot, there are something like 650 000 files, and close to 500 000 are virtumonde (it can be dll, sci or sdn i think).

    My computer is working just fine, and what I am wondering is : why are there so many files for virtumonde, and I could I delete them from my computer if they are on it.

    It seems that when I installed Seven, it didn't really format the hard-drive, because if it was the case I suppose that I would not have those virtumonde files anymore.

    I hope that someone will be able to answer me.

    And thanks for creating Spybot, I have recommanded it alot amongst my friends and family
    I guess your are talking about malware description under the (green) status bar. This status bar should only tell you that Spybot is searching for a specific Malware at the moment.
    And yes, you are right. Spybot has about 400.000 to 500.000 detection rules about Virtumonde in it's database. The reason for that is very simple:
    The virtumonde trojan changes every day.

    I see almost every day new malware files, which belong to Virtumonde.

    If Spybot detects Virtumone on your computer, it looks like that.

    So my question:
    Did Spybot find Virtumonde on your computer or are you only worried about the fact that Spybot searches a long time for this kind of Malware?
    Best regards - Beste Grüße,

    Matt

  3. #3
    Junior Member
    Join Date
    Oct 2009
    Posts
    2

    Default

    Hi Matt,

    First of all, thank you for answering me.

    I read your post entirely and there is no need for me to post a log file from Spybot because you were able to solve my problem.

    I was indeed worried by the fact that so many rules had the Virtumonde name because I thought that I had as many files on my hard-drive that were infected.

    But in fact, I do not have any warning like the ones you have shown me in your picture, so everything is fine then. I was just a little bit worried because of the time it spent on searching for this malware !

    Thanks

  4. #4
    Member of Team Spybot tashi's Avatar
    Join Date
    Oct 2005
    Location
    USA
    Posts
    30,955

    Default

    Hello csnomolas, your post containing a HJT log has been moved to the Malware forum.
    http://forums.spybot.info/showthread.php?t=52551

    Best regards.
    Microsoft MVP Reconnect 2018-
    Windows Insider MVP 2016-2018
    Microsoft Consumer Security MVP 2006-2016

  5. #5
    Senior Member Matt's Avatar
    Join Date
    Aug 2006
    Location
    Bavaria
    Posts
    1,169

    Default

    Quote Originally Posted by tashi View Post
    Hello csnomolas, your post containing a HJT log has been moved to the Malware forum.
    http://forums.spybot.info/showthread.php?t=52551

    Best regards.
    Wrong post?


    Quote Originally Posted by cireza View Post
    Hi Matt,

    First of all, thank you for answering me.

    I read your post entirely and there is no need for me to post a log file from Spybot because you were able to solve my problem.

    I was indeed worried by the fact that so many rules had the Virtumonde name because I thought that I had as many files on my hard-drive that were infected.

    But in fact, I do not have any warning like the ones you have shown me in your picture, so everything is fine then. I was just a little bit worried because of the time it spent on searching for this malware !

    Thanks
    You're welcome.
    Best regards - Beste Grüße,

    Matt

Tags for this Thread

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •