Guest Victor Posted August 14, 2007 Posted August 14, 2007 Ok. my daughter loaded a ton of spyware on my pc (just a note avoid myspace layout sites when you can). I got rid of everything except this one called virtumonde. I have tried several posted remedies and none work. Defender finds it and "removes" it but it comes back every time and usually before the machine even reboots. Most postings either say to buy THEIR spyware removal tool which I dont honestly trust, or they say what files and registry entries to delete, but I dont even have those entries or files on my machine. I CAN find some files that seem to be involved with the virus but of course they cant be removed or renamed even in safe mode. Can anyone offer a solution on how to remove it, what to check for, or how to submit a request for an udate to defender that would actually fix the issue? Thanks a bunch. please dont bother posting and telling me to download "spyclean", "wincleaner", or my favorite "virtumonde remover 2007" Quote
Guest Malke Posted August 14, 2007 Posted August 14, 2007 Victor wrote:<span style="color:blue"> > Ok. my daughter loaded a ton of spyware on my pc (just a note avoid myspace > layout sites when you can). > > I got rid of everything except this one called virtumonde. I have tried > several posted remedies and none work. Defender finds it and "removes" it > but it comes back every time and usually before the machine even reboots. > > Most postings either say to buy THEIR spyware removal tool which I dont > honestly trust, or they say what files and registry entries to delete, but I > dont even have those entries or files on my machine. I CAN find some files > that seem to be involved with the virus but of course they cant be removed or > renamed even in safe mode. > > Can anyone offer a solution on how to remove it, what to check for, or how > to submit a request for an udate to defender that would actually fix the > issue? > > Thanks a bunch. please dont bother posting and telling me to download > "spyclean", "wincleaner", or my favorite "virtumonde remover 2007" > > </span> I won't bother telling you to download any of those programs you mention because those programs are malware! See this removal guide instead: http://www.bleepingcomputer.com/forums/topic3494.html If you have further problems, run HijackThis and post in BleepingComputer's HJT forum (not here, please). Malke -- Elephant Boy Computers www.elephantboycomputers.com "Don't Panic!" MS-MVP Windows - Shell/User Quote
Guest Bells Posted May 31, 2008 Posted May 31, 2008 Hi everyone, I would really appreciate some help; i've got my self into a pickle!! This morning my faithful computer informed me that it had a virus ("virus found Vundo") so i popped them in the virus vault. I also ran a spyware check- appears i also have Virtumonde (which i understand to be the same thing or similar!) so I also popped that in the vault! Now i keep getting these message that say it can't run a .dll file (along with the associated ads!) So i've tried fixvondu, and a number of other removals - they can't even see that i have a problem.. which clearly i do! So i have downloaded hijak this.. and would like to remove it manually.. I understnad roughly how i would do this, but i'd like some help in identifying my problem files!! If i post the output file from Hijackthis.. can someone please help me identify which files are infected? Thanks! style_emoticons/ -- Bells Posted via http://www.vistaheads.com Quote
Guest Mick Murphy Posted May 31, 2008 Posted May 31, 2008 Spybot Search & Destroy will remove it, but only in Safe Mode. Instructions on how to enter Safe Mode and remove probs are included below. Also included, good all over security programs for Vista. http://www.avast.com/eng/download-avast-home.html Avast Anti-Virus is Vista compatible (32bit and 64bit Versions), FREE, auto-updating, and a low resources user of your computer. And, only have 1(one) Anti-Virus installed / running on your computer at any one time.. Conflicts may occur if you have more than 1(one). http://www.spybot.info/en/index.html Spybot Search & Destroy 1.5.2 is a very good, FREE Anti-Spyware Program. Download, install, update, and immunize your System with it. Then SCAN with it. Update once a fortnight. http://www.javacoolsoftware.com/spywareblaster.html SpywareBlaster 4.0 is a non-intrusive, FREE Anti-Spyware Program that runs in the background. Update it once a fortnight, and let it do its work in the background! If you happen to find a problem that you can’t uninstall / delete, reboot the computer, and go into Safe Mode. To get into Safe mode, tap F8 right at Power On/ Startup, and use UP and DOWN arrow keys to get to Safe Mode, then hit ENTER. RESCAN your computer with Avast and Spybot S & D while in Safe Mode. -- Mick Murphy - Qld - Australia "Bells" wrote: <span style="color:blue"> > > Hi everyone, > > I would really appreciate some help; i've got my self into a pickle!! > This morning my faithful computer informed me that it had a virus > ("virus found Vundo") so i popped them in the virus vault. I also ran a > spyware check- appears i also have Virtumonde (which i understand to be > the same thing or similar!) so I also popped that in the vault! > > Now i keep getting these message that say it can't run a .dll file > (along with the associated ads!) > > So i've tried fixvondu, and a number of other removals - they can't > even see that i have a problem.. which clearly i do! > So i have downloaded hijak this.. and would like to remove it > manually.. I understnad roughly how i would do this, but i'd like some > help in identifying my problem files!! If i post the output file from > Hijackthis.. can someone please help me identify which files are > infected? > > Thanks! > style_emoticons/ > > > -- > Bells > Posted via http://www.vistaheads.com > > </span> Quote
Guest Malke Posted May 31, 2008 Posted May 31, 2008 Bells wrote: <span style="color:blue"> > > Hi everyone, > > I would really appreciate some help; i've got my self into a pickle!! > This morning my faithful computer informed me that it had a virus > ("virus found Vundo") so i popped them in the virus vault. I also ran a > spyware check- appears i also have Virtumonde (which i understand to be > the same thing or similar!) so I also popped that in the vault! > > Now i keep getting these message that say it can't run a .dll file > (along with the associated ads!) > > So i've tried fixvondu, and a number of other removals - they can't > even see that i have a problem.. which clearly i do! > So i have downloaded hijak this.. and would like to remove it > manually.. I understnad roughly how i would do this, but i'd like some > help in identifying my problem files!! If i post the output file from > Hijackthis.. can someone please help me identify which files are > infected?</span> You are definitely on the right track but you're in the wrong place. We don't analyze HJT logs here in the MS newsgroups because it takes a great deal of time and expertise to do so. Here is a list (in no particular order) of specialty forums where you can post your HJT log and get guided help. Choose one, read its posting FAQ, and you'll be on your way to a clean machine. http://aumha.org/downloads/hijackthis.zip http://www.aumha.org/a/hjttutor.htm - HijackThis tutorial by Merijn http://www.bleepingcomputer.com/forums/ind...showtutorial=42 - another tutorial http://aumha.net/ - Click on the HijackThis forum. Read the announcement and the stickies first . http://www.atribune.org/forums/index.php?showforum=9 http://aumha.net/viewforum.php?f=30 http://www.bleepingcomputer.com/forums/forum22.html http://castlecops.com/forum67.html http://www.dslreports.com/forum/cleanup http://www.cybertechhelp.com/forums/forumdisplay.php?f=25 http://www.geekstogo.com/forum/Malware_Rem...o_Here-f37.html http://gladiator-antivirus.com/forum/index.php?showforum=170 http://spywarewarrior.com/viewforum.php?f=5 http://forums.techguy.org/54-security/ http://forums.tomcoyote.org/ Malke -- MS-MVP Elephant Boy Computers www.elephantboycomputers.com Don't Panic! Quote
Guest Bells Posted June 1, 2008 Posted June 1, 2008 Thank you Malke, I'll get right on that style_emoticons/ -- Bells Posted via http://www.vistaheads.com Quote
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.