Virtumonde and possibly other issues

Status
Not open for further replies.
KASPERSKY ONLINE SCANNER REPORT
Friday, November 16, 2007 5:26:47 PM

Number of infected objects: 6

C:\Program Files\Trend Micro\AntiVirus 2007\Quarantine\ <<< delete the contents of that quarantine folder, all six items are in there.

Delete the tools we used during the cleanup, you may keep ATF-Cleaner if you wish.

http://www.microsoft.com/windowsxp/using/helpandsupport/learnmore/tips/mcgill1.mspx

Here is some great information from experts in this field that will help you stay clean and safe online.
http://users.telenet.be/bluepatchy/miekiemoes/prevention.html
http://forums.spybot.info/showthread.php?t=279
http://russelltexas.com/malware/allclear.htm
http://forum.malwareremoval.com/viewtopic.php?t=14
http://www.bleepingcomputer.com/forums/topict2520.html
http://cybercoyote.org/security/not-admin.shtml

Thanks...pskelley
Safer Networking Forums
http://www.spybot.info/en/donate/index.html
If you are reading this information...thank a teacher,
If you are reading it in English...thank a soldier.
 
Last edited:
Woops!

So I made a little mistake. Well a little bit bigger than a little mistake. I accidentally restored my computer to the way it was this morning. The instructions given on the website were different than it was in system restore. I couldn't seem to change the settings for some reason. So it looks like all it did was it put back on that last file we were working on. I went ahead and used vundofix on it so I hope it is clean again. I'm not at home otherwise I would post an HJT log. When I do get back what would you like me to post. A fresh HJT log and a Kaspersky scan? Thanks.
 
I really don't know, I was going to ask if you had System Restore turned off? You should not, a bad System Restore point is better than no System Restore point in an emergency. If you turned an infected System Restore off and then restored that infected point, then yes, you would reinfect yourself.

I have no way of knowing what you have done from here. Since the last Kaspersky scan was clean except for those six quarantine items, a Kaspersky scan should be clean. I do not need to see a clean scan results.

Thanks
 
Well what happened was it restored me to this morning at 1:16 AM. So still ahs a trace of the infection. Would you like me to just post a HJT log as soon as I can?
 
Like I said, I really can tell nothing from here, I would suggest you run a Kaspersky scan, the results should tell you.
 
Ok thank you so much. As soon as I can I'll post a Kaspersky report. And then once I'm clean I'll do what you suggested and have that website run a free report. Thank you again your a life saver.
 
OK and thanks, I see no major problems and the results are fairly fairly easy to understand. I'll look for security issues and you should read it all. Let me know if you have questions. Once again, I do not suggest any purchases.

Defragment files (Drive C)
I suggest you Defrag about once a month, if Windows says you need it or not.

Reduce System Restore space:
Here is information from Microsoft:
http://www.microsoft.com/windowsxp/using/helpandsupport/learnmore/tips/mcgill1.mspx

Warning >Saving Web Page Passwords with IE May Present a Security Risk

Warning >Form Filling with IE May Present a Security Risk

Warning >Saving Web Page Passwords with Firefox May Present a Security Risk

Warning >Form Filling with Firefox May Present a Security Risk

Thanks
 
Yea I read through it all and most of it made good sense. Again I thank you so much for your help. You've gone above and beyond the call of duty.
 
Status
Not open for further replies.
Back
Top