Help w/Vundo/Virtumonde

Hi peku006,

The Bitdefender scan is about 1/2 done, currently scanning c:\Program Files\Adobe and says it has an hour and 15 minutes left to finish. So far, it has found 5 viruses and 14 infected files. The viruses are identified as Generic.Peed.Eml.xxxxxxxx (various extensions for the xxxxxxxx).

Although I selected the settings for "report only" as you requested, it has deleted 16 files after trying to disinfect. It says at least one of the infected files could not be disinfected or deleted.

Do you want me to let this run to completion, or stop scanning?

Regards,

InfectedComputer
 
Hi peku006,

Here is the Bitdefender report. [I was puzzled as to how to send this to you, since it is a .html file which is not an allowable attachment. I was going to zip it, but I decided to try cut and paste, which seems to have worked.]

Regards,

InfectedComputer

---------------------------------------------------

BitDefender Online Scanner

Scan report generated at: Mon, Apr 06, 2009 - 10:21:31

Scan path: A:\;C:\;D:\;E:\;F:\;

Statistics

Time: 01:52:50
Files: 299858
Folders: 8906
Boot Sectors: 0
Archives: 11618
Packed Files: 33471

Results

Identified Viruses: 9
Infected Files: 21
Suspect Files: 0
Warnings: 0
Disinfected: 0
Deleted Files: 23

Engines Info

Virus Definitions: 2828941
Engine build: AVCORE v1.7 (build 8314.19) (i386) (Sep 29 2008 17:19:14)
Scan plugins: 17
Archive plugins: 45
Unpack plugins: 7
E-mail plugins: 6
System plugins: 4

Scan Settings

First Action: Disinfect
Second Action: Delete
Heuristics: Yes
Enable Warnings: Yes
Scanned Extensions: *;
Exclude Extensions:
Scan Emails: Yes
Scan Archives: Yes
Scan Packed: Yes
Scan Files: Yes
Scan Boot: Yes

Scanned File | Status
 
Last edited by a moderator:
Hi InfectedComputer

The scans are fine and it looks like your machine is clean :yahoo:

To remove all of the tools we used and the files and folders they created do the following:
Start OTScanIt2
Click the CleanUp button

* OTScanIt2 will delete any tools downloaded and files/folders created and then ask you to reboot so it can remove itself. Click Yes.

Now that you are clean, please follow these simple steps in order to keep your computer clean and secure:

Disable and Enable System Restore-WINDOWS XP
This is a good time to clear your existing system restore points and establish a new clean restore point:

Turn off System Restore
  • On the Desktop, right-click My Computer.
  • Click Properties.
  • Click the System Restore tab.
  • Check Turn off System Restore.
  • Click Apply, and then click OK.
  • Reboot.
Turn ON System Restore
  • On the Desktop, right-click My Computer.
  • Click Properties.
  • Click the System Restore tab.
  • UN-Check *Turn off System Restore*.
  • Click Apply, and then click OK.
This will remove all restore points except the new one you just created.

Here are some free programs I recommend that could help you improve your computer's security.

Spybot Search and Destroy 1.6
Download it from here. Just choose a mirror and off you go.
Find the tutorial on how to use Spybot properly here

Install SpyWare Blaster 4.0
Download it from here
Find the tutorial on how to use Spyware Blaster here

Install WinPatrol
Download it from here
You can find information about how WinPatrol works here

Install FireTrust SiteHound
You can find information and download it from here

Install MVPS Hosts File from here
The MVPS Hosts file replaces your current HOSTS file with one containing well-known ad sites etc. Basically, this prevents your computer from connecting to those sites by redirecting them to 127.0.0.1, which is your local computer.
Find Tutorial here : http://www.mvps.org/winhelp2002/hosts.htm

Update your Antivirus programs and other security products regularly to avoid new threats that could infect your system.
You can use one of these sites to check if any updates are needed for your pc.
Secunia Software Inspector
F-secure Health Check

Visit Microsoft often to get the latest updates for your computer.
http://www.update.microsoft.com

Please check out Tony Klein's article "How did I get infected in the first place?"

Read some information here on how to prevent malware.


Happy safe surfing! :bigthumb:
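
The HOSTS-file blocking described in the post above, as an added example that is not part of the original thread: a small parser that lists which names a HOSTS file sinks to the local machine and, going one step beyond the post, flags entries that point a name at some other address. The sample entries are constructed and the function names are hypothetical.

```python
import ipaddress

# Constructed sample in HOSTS-file syntax (not taken from the MVPS file or this thread).
SAMPLE_HOSTS = """\
# comment line
127.0.0.1  localhost
127.0.0.1  ads.example.com  tracker.example.net   # blocked
0.0.0.0    banner.example.org
203.0.113.7  update.example.com
not-an-ip  broken.example.com
"""

def parse_hosts(text):
    """Yield (line_no, address, hostnames); address is None if it does not parse."""
    for no, raw in enumerate(text.splitlines(), 1):
        line = raw.split("#", 1)[0].strip()   # drop comments and blank lines
        if not line:
            continue
        fields = line.split()
        try:
            addr = ipaddress.ip_address(fields[0])
        except ValueError:
            addr = None
        yield no, addr, [h.lower() for h in fields[1:]]

def classify(text):
    """Split entries into blocked names, redirected names and malformed lines."""
    result = {"blocked": [], "redirected": [], "malformed": []}
    for no, addr, names in parse_hosts(text):
        if addr is None or not names:
            result["malformed"].append(no)
        elif addr.is_loopback or addr.is_unspecified:
            # Name resolves to the local machine: the connection goes nowhere.
            result["blocked"].extend(n for n in names if n != "localhost")
        else:
            # Name is pinned to a remote address: worth a manual look.
            result["redirected"].extend((n, str(addr)) for n in names)
    return result

if __name__ == "__main__":
    report = classify(SAMPLE_HOSTS)
    print(len(report["blocked"]), "blocked names")
    for name, addr in report["redirected"]:
        print("review:", name, "->", addr)
    print("malformed lines:", report["malformed"])
```

On Windows XP the file to pass in is the HOSTS file under the system's drivers\etc folder; read it as text and hand the contents to `classify`.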
 
Hi peku006,

Thank you for all your help.

Two issues --

1. If you recall, I mentioned at the outset that I had at least one of my USB flash drives and at least one of my external USB hard drives connected when the machine got infected. I removed the flash drive, not sure if I ever reconnected it. I removed the USB hard drive and haven't reconnected it. Is there anything I need to do to check those to make sure they are clean, or are the infections we found not the kind that infect those devices?

2. When I made my last post, I didn't realize there was some personal information in the log file that should be removed. Can you change your settings so I can PM you?

Regards,

InfectedComputer
 
Hi InfectedComputer

You can check your USB flash drive and external hard drive with the Kaspersky Online Scanner or MBAM (but I am sure that they are clean).

Please check your PM
 
Hi peku006,

I tried to reply to your PM, but I got the error message "peku006 has chosen not to receive private messages or may not be allowed to receive private messages." What am I doing wrong?

Regards,

InfectedComputer
 
Hi InfectedComputer
I do not know why the PM does not work,
but I sent you my e-mail address, in case there is anything more that needs to be removed

Thanks peku006
 
Hi peku006,

Thank you, nothing else needs to be removed from the post with the Bitdefender log.

Will I be able to post any follow-up questions if any issues come up as I install the tools you mentioned and upgrade my service pack? How soon will the thread be archived?

Finally, thank you so much for your help. I am so relieved to have a clean computer, and I will be making a donation. Keep up the good work.

Regards,

InfectedComputer
 
Since this issue appears to be resolved ... this Topic has been closed. Glad I could help.
 