I think I have Virtumonde

Discussion in 'Malware Help (A Specialist Will Reply)' started by TheNateGBent, Jul 31, 2008.

  1. TheNateGBent

    TheNateGBent Private E-2

    Hey all.
    Recently my computer's been acting up. I get random pop-ups (they open a new tab in Firefox). I've run AdAware, SpyBot and AVG a dozen times, and they seem to try to remove the same trojans every time, namely Vundo and Virtumonde. I've seen online that they are in fact one and the same, so I figure I should be able to wipe out both in a single swoop.
    I browsed around on the forums, and it looks like the removal process changes from user to user, depending on their HijackThis log.
    I'd really appreciate any help with this, because I can't seem to make a dent in whatever is causing this, and if I see one more millionairecasino.com advert I'll go insane.
    Thanks again for your time
     
  2. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    Welcome to Major Geeks!

    Please follow the instructions in the below link and attach the requested logs when you finish these instructions. If something does not run, write down the info to explain to us later but keep on going. Do not assume that because one step does not work that they all will not.

    READ & RUN ME FIRST. Malware Removal Guide


    Note: If you run into problems trying to run the READ & RUN ME or any of the scans in normal boot mode, you can run the steps in safe boot mode, but make sure you tell us what you did later when you post logs. See the below if you do not know how to boot in safe mode:

    Starting your computer in Safe mode
     
  3. TheNateGBent

    TheNateGBent Private E-2

    Alright, I've run SUPERAntiSpyware a few times and it gives me the same trojan alerts every time, namely Adware.Vundo Variant/Resident, Trojan.Vundo-Variant/Small-GEN, and Adware.Vundo Variant/Rel. I've attached the log files for both SUPERAntiSpyware and HijackThis; if there's any more information you need, I can post that as well.
     


  4. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    Please attach the logs that are requested in the cleaning procedure. We do not ask for a HijackThis log. You need to attach the logs from the below tools:
    • Malwarebytes Anti-Malware
    • ComboFix
    • MGtools
    You also need to disable Spybot's Teatimer as requested in the READ & RUN ME.


    And you may need to uninstall ALL but one antivirus which was one of the first things requested. I see AVG8 and Symantec. So unless what you have installed from Symantec does not have an antivirus, one program needs to be uninstalled.
     
