Removing Virtumonde / Vundo.

Discussion in 'Malware Help - MG (A Specialist Will Reply)' started by Yuruka, Aug 25, 2008.

  1. Yuruka

    Yuruka Private E-2

    I used to have Virtumonde, and it is a NASTY virus that's for sure.

    Basically what I used is Spybot first to scan and remove, it didn't fix anything though, Avast found some viruses and deleted them, Then I tried a handy little program called T-R Trojan Remover And it fixed it perfectly, you just have to schedule a startup scan / a deep scan and reboot, it SHOULD go away.

    Hope this helps peeps out there with problems.

    ~S
     
    Yuruka, Aug 25, 2008
    #1
  2. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    chaslang, Aug 26, 2008
    #2
  3. Yuruka

    Yuruka Private E-2

    Well in most cases Virtumonde is hidden in Windows, so when you start it up you have to make it check all the processes, then it should be able to kill it.
     
    Yuruka, Aug 27, 2008
    #3
  4. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    There can be many many more hidden files that are not in any running processes and that is what I'm referring too. There can be randomly named file with any of the below file extensions:

    .dat
    .dat2
    .dll
    .exe
    .ini
    .ini2
    .tmp
    .tmp2

    In addition there can be dozens of registry keys infected too.
     
    chaslang, Aug 27, 2008
    #4

MajorGeeks.Com Menu

Downloads All In One Tweaks \ Android \ Anti-Malware \ Anti-Virus \ Appearance \ Backup \ Browsers \ CD\DVD\Blu-Ray \ Covert Ops \ Drive Utilities \ Drivers \ Graphics \ Internet Tools \ Multimedia \ Networking \ Office Tools \ PC Games \ System Tools \ Mac/Apple/Ipad Downloads

Other News: Top Downloads \ News (Tech) \ Off Base (Other Websites News) \ Way Off Base (Offbeat Stories and Pics)

Social: Facebook \ YouTube \ Twitter \ Tumblr \ Pintrest \ RSS Feeds