Another Virtumonde attack

Hi,

Might be worth backing up files there to external hard drive for example and then empty the folder.
 
I think I'll do that, but before I saw your most recent post I'd started running kaspersky again, just to be sure the computer was clear, & it seems the viruses it found originally have come back:
**************
--------------------------------------------------------------------------------
KASPERSKY ONLINE SCANNER 7 REPORT
Tuesday, February 17, 2009
Operating System: Microsoft Windows XP Home Edition Service Pack 3 (build 2600)
Kaspersky Online Scanner 7 version: 7.0.25.0
Program database last update: Tuesday, February 17, 2009 04:17:41
Records in database: 1806620
--------------------------------------------------------------------------------

Scan settings:
Scan using the following database: extended
Scan archives: yes
Scan mail databases: yes

Scan area - My Computer:
C:\
D:\
E:\

Scan statistics:
Files scanned: 71612
Threat name: 2
Infected objects: 3
Suspicious objects: 0
Duration of the scan: 01:40:39


File name / Threat name / Threats count
C:\System Volume Information\_restore{B6387AD4-48E1-4511-AA40-A245D4C401AE}\RP4\A0000121.dll Infected: not-a-virus:AdWare.Win32.VB.ad 1
C:\System Volume Information\_restore{B6387AD4-48E1-4511-AA40-A245D4C401AE}\RP4\A0000122.exe Infected: not-a-virus:AdWare.Win32.VB.ad 1
C:\System Volume Information\_restore{B6387AD4-48E1-4511-AA40-A245D4C401AE}\RP4\A0000122.exe Infected: Trojan-Clicker.Win32.VB.zc 1

The selected area was scanned.
 
Hi,

Each of those were found in system restore which should be fine after following these steps in one of my previous posts:
Let's reset system restore
Reset and Re-enable your System Restore to remove infected files that have been backed up by Windows. The files in System Restore are protected to prevent any programs changing those files. This is the only way to clean these files: You will lose all previous restore points which are likely to be infected. Please note you need Administrator Access to do clean the restore points.

1. Turn off System Restore.
On the Desktop, right-click My Computer.
Click Properties.
Click the System Restore tab.
Check Turn off System Restore.
Click Apply, and then click OK.

2. Reboot.

3. Turn ON System Restore.
On the Desktop, right-click My Computer.
Click Properties.
Click the System Restore tab.
UN-Check *Turn off System Restore*.
Click Apply, and then click OK.
NOTE: only do this ONCE,NOT on a regular basis
Click to expand...
 
You're welcome :)

Monitor your system for a few days and keep me updated of the situation.
 
Hi,

Everything seems to be fine now. I re-ran the system restore and I got rid of everything in the download folder. Now everything seems to be running as befor.

Thanks again.
 
Since this issue appears to be resolved ... this Topic has been closed. Glad I could help. :)

Note:If it has been four days or more since your last post, and the helper assisting you posted a response to that post to which you did not reply, your topic will not be reopened. At that point, if you still require help, please start a new topic and include a fresh HijackThis log and a link to your previous thread.

If it has been less than four days since your last response and you need the thread re-opened, please send me or MOD a private message (pm). A valid, working link to the closed topic is required.
 
You must log in or register to reply here.
Back
Top