PleaseAdvise
New member
Hello. Let me please start by saying that Vista is my O/S. I hope you can help me. 
This morning, I uninstalled an older version of Spybot-S&D (SSD) and downloaded and ran SSD v. 1.6.2. All worked well, I think: During the scan, no malware was detected.
However, prior to uninstalling/installing this morning, over the past three days, I was receiving red alerts from SSD about a Virtumonde infection, as well as notices from SSD that there had been deletions to my registry regarding SSD. Whenever I received those notices, I tried to "deny changes" to the registry, but that didn't work; those S&D notice boxes kept jumping into view. I also repeatedly asked SSD to clean up the Virtumonde infection, but that didn't work, either.
I was, therefore, very nervous and ran, two days ago, Vundofix.exe (which specifically roots out and supposedly destroys Virtumonde) and also installed Malwarebytes-AntiMalware (MWAB). To my surprise, neither Vundofix nor MWAB found any Virtumonde infection (nor did Norton Internet Security (NIS), which I already had installed), but despite repeated reboots, SSD continued to alert me to this infection. (Please note that it has always been my practice to run SSD updates and immunizations prior to each scan.) I began to suspect a false-positive reading from SSD regarding Virtumonde, especially since I have not been subjected to any pop-up windows (although it's true that I have blocked all pop-ups in my Windows security settings), nor have I noticed any other system problems at all.
This morning (after deleting SSD's older version), as part of the process of installing SSD v. 1.6.2, I allowed SSD to make a back-up of my [registry?]. Now, I am wondering if, by my having made a back-up, whatever changes to my registry that Virtumonde -- if it did or does exist on my laptop -- may have made prior to this morning's back-up, would no longer be detectable by SSD. Should I NOT have made the back-up with today's date???
In short, should I take SSD's previous red alerts about Virtumonde seriously and believe that my laptop was indeed (and may still be) infected with this Trojan -- or was this a false positive from an older version of SSD?
I'm sorry that I didn't record the exact name of the Virtumonde infection that SSD was detecting or the registry changes to which it was alerting me. I hope this is sufficient information for you to address my concern. Thanks in advance for your help!
P.S.: Please note that MWAB found and removed two other infections (Rogue.SpyCleaner and Rogue.WinAntivirus) that neither SSD nor NIS were able to detect.
				
			