Guest geir.moi@gmail.com Posted February 25, 2008 Posted February 25, 2008 Here's what is did. I removed Virtumonde successfully. I have Windows Vista Home Premium To remove the Virtumonde Trojan, please proceed with the following steps at your own risk. STEP 1: Clean Temp folders Start > All Programs > Accessories > System Tools > Disk Cleanup > push OK STEP 2: Run Vundo Fix. Run > Run > Scan for Vundo > Remove Vundo (when scan is completed) > Reboot PC http://www.atribune.org/ccount/click.php?id=4 STEP 3: Run Virtumundobegone.exe Run > Run > Continue > Start > Yes > Reboot (may need to perform manual reboot if PC freezes) http://secured2k.home.comcast.net/tools/VirtumundoBeGone.exe STEP 4: Run Vundo Fix again. Run > Run > Scan for Vundo > Remove Vundo (when scan is completed) > Reboot PC http://www.atribune.org/ccount/click.php?id=4 STEP 5: Hijackthis Log Save to Desktop > Double click on icon 'hijackthis' > Run > 'Do a system scan only and save logfile' > save log in notepad and attach to e-mail. http://nod32-av.com/utilities/HiJackThis%2.../hijackthis.exe STEP 6: Run ComboFix USE THIS STEP WITH CAUTION!!!!! Save to Desktop > Double click on icon 'combofix' > Run http://download.bleepingcomputer.com/sUBs/ComboFix.exe STEP 7: Run Vundo Fix again. Run > Run > Scan for Vundo > Remove Vundo (when scan is completed) > Reboot PC http://www.atribune.org/ccount/click.php?id=4 STEP 8: Smitfraudfix Save to Desktop > Double click on icon 'smitfraudfix' > Run > Option 2 http://siri.urz.free.fr/Fix/SmitfraudFix.exe Quote
Guest Milo Posted February 25, 2008 Posted February 25, 2008 Thanks for sharing How much time did you extend removing the vundo in your system? -- Milo "geir.moi@gmail.com" wrote: <span style="color:blue"> > Here's what is did. I removed Virtumonde successfully. > I have Windows Vista Home Premium > > To remove the Virtumonde Trojan, please proceed with the following > steps at your own risk. > > > STEP 1: Clean Temp folders > Start > All Programs > Accessories > System Tools > Disk Cleanup > > push OK > > STEP 2: Run Vundo Fix. > Run > Run > Scan for Vundo > Remove Vundo (when scan is completed) > > Reboot PC > http://www.atribune.org/ccount/click.php?id=4 > > STEP 3: Run Virtumundobegone.exe > Run > Run > Continue > Start > Yes > Reboot (may need to perform > manual reboot if PC freezes) > http://secured2k.home.comcast.net/tools/VirtumundoBeGone.exe > > STEP 4: Run Vundo Fix again. > Run > Run > Scan for Vundo > Remove Vundo (when scan is completed) > > Reboot PC > http://www.atribune.org/ccount/click.php?id=4 > > STEP 5: Hijackthis Log > Save to Desktop > Double click on icon 'hijackthis' > Run > 'Do a > system scan only and save logfile' > save log in notepad and attach to > e-mail. > http://nod32-av.com/utilities/HiJackThis%2.../hijackthis.exe > > STEP 6: Run ComboFix USE THIS STEP WITH CAUTION!!!!! > Save to Desktop > Double click on icon 'combofix' > Run > http://download.bleepingcomputer.com/sUBs/ComboFix.exe > > > > STEP 7: Run Vundo Fix again. > Run > Run > Scan for Vundo > Remove Vundo (when scan is completed) > > Reboot PC > http://www.atribune.org/ccount/click.php?id=4 > > STEP 8: Smitfraudfix > Save to Desktop > Double click on icon 'smitfraudfix' > Run > Option 2 > http://siri.urz.free.fr/Fix/SmitfraudFix.exe > </span> Quote
Guest Jim Posted February 26, 2008 Posted February 26, 2008 Quicker solution. Pop Windows Setup CD. Unplug PC. Wait 30 secs. Boot from CD and run setup :-) <geir.moi@gmail.com> wrote in message news:56355b58-743b-47a5-a6bb-e08eaf63ffc1@e23g2000prf.googlegroups.com...<span style="color:blue"> > Here's what is did. I removed Virtumonde successfully. > I have Windows Vista Home Premium > > To remove the Virtumonde Trojan, please proceed with the following > steps at your own risk. > > > STEP 1: Clean Temp folders > Start > All Programs > Accessories > System Tools > Disk Cleanup > > push OK > > STEP 2: Run Vundo Fix. > Run > Run > Scan for Vundo > Remove Vundo (when scan is completed) > > Reboot PC > http://www.atribune.org/ccount/click.php?id=4 > > STEP 3: Run Virtumundobegone.exe > Run > Run > Continue > Start > Yes > Reboot (may need to perform > manual reboot if PC freezes) > http://secured2k.home.comcast.net/tools/VirtumundoBeGone.exe > > STEP 4: Run Vundo Fix again. > Run > Run > Scan for Vundo > Remove Vundo (when scan is completed) > > Reboot PC > http://www.atribune.org/ccount/click.php?id=4 > > STEP 5: Hijackthis Log > Save to Desktop > Double click on icon 'hijackthis' > Run > 'Do a > system scan only and save logfile' > save log in notepad and attach to > e-mail. > http://nod32-av.com/utilities/HiJackThis%2.../hijackthis.exe > > STEP 6: Run ComboFix USE THIS STEP WITH CAUTION!!!!! > Save to Desktop > Double click on icon 'combofix' > Run > http://download.bleepingcomputer.com/sUBs/ComboFix.exe > > > > STEP 7: Run Vundo Fix again. > Run > Run > Scan for Vundo > Remove Vundo (when scan is completed) > > Reboot PC > http://www.atribune.org/ccount/click.php?id=4 > > STEP 8: Smitfraudfix > Save to Desktop > Double click on icon 'smitfraudfix' > Run > Option 2 > http://siri.urz.free.fr/Fix/SmitfraudFix.exe </span> Quote
Guest Milo Posted February 26, 2008 Posted February 26, 2008 That's the last option, Reformating / or clean installing your system means you've been defeated by those who made it. I'de say you give it 30 Minutes to an hour get a proper support from here or some support group. We are here to help and give you another avenue than formatting. -- Milo "Jim" wrote: <span style="color:blue"> > Quicker solution. Pop Windows Setup CD. Unplug PC. Wait 30 secs. Boot from > CD and run setup > :-) > > <geir.moi@gmail.com> wrote in message > news:56355b58-743b-47a5-a6bb-e08eaf63ffc1@e23g2000prf.googlegroups.com...<span style="color:green"> > > Here's what is did. I removed Virtumonde successfully. > > I have Windows Vista Home Premium > > > > To remove the Virtumonde Trojan, please proceed with the following > > steps at your own risk. > > > > > > STEP 1: Clean Temp folders > > Start > All Programs > Accessories > System Tools > Disk Cleanup > > > push OK > > > > STEP 2: Run Vundo Fix. > > Run > Run > Scan for Vundo > Remove Vundo (when scan is completed) > > > Reboot PC > > http://www.atribune.org/ccount/click.php?id=4 > > > > STEP 3: Run Virtumundobegone.exe > > Run > Run > Continue > Start > Yes > Reboot (may need to perform > > manual reboot if PC freezes) > > http://secured2k.home.comcast.net/tools/VirtumundoBeGone.exe > > > > STEP 4: Run Vundo Fix again. > > Run > Run > Scan for Vundo > Remove Vundo (when scan is completed) > > > Reboot PC > > http://www.atribune.org/ccount/click.php?id=4 > > > > STEP 5: Hijackthis Log > > Save to Desktop > Double click on icon 'hijackthis' > Run > 'Do a > > system scan only and save logfile' > save log in notepad and attach to > > e-mail. > > http://nod32-av.com/utilities/HiJackThis%2.../hijackthis.exe > > > > STEP 6: Run ComboFix USE THIS STEP WITH CAUTION!!!!! > > Save to Desktop > Double click on icon 'combofix' > Run > > http://download.bleepingcomputer.com/sUBs/ComboFix.exe > > > > > > > > STEP 7: Run Vundo Fix again. > > Run > Run > Scan for Vundo > Remove Vundo (when scan is completed) > > > Reboot PC > > http://www.atribune.org/ccount/click.php?id=4 > > > > STEP 8: Smitfraudfix > > Save to Desktop > Double click on icon 'smitfraudfix' > Run > Option 2 > > http://siri.urz.free.fr/Fix/SmitfraudFix.exe </span> > > > </span> Quote
Guest Jim Posted February 29, 2008 Posted February 29, 2008 "Milo" <jfcoel@hotmail.com> wrote in message news:DADC98CA-B01D-4B1D-A1E3-C1F402E0BB7C@microsoft.com...<span style="color:blue"> > That's the last option, Reformating / or clean installing your system > means > you've been defeated by those who made it.</span> Really? I'd say you're defeated the moment your PC got hit. <span style="color:blue"> > I'de say you give it 30 Minutes to an hour</span> An hour to clean up infections? I'm impressed. I wasted a week trying to remove friggin trojan infections. Ended up reformatting/reinstalling OS. It's quicker, easier and guaranteed it's 100% clean. <span style="color:blue"> > get a proper support from here or some support group. We are here to help > and > give you another avenue than formatting.</span> Unlike some people I don't have days/weeks to spend cleaning craps from PCs. I admit that sometimes I'm curious too. So I spend a day or two attempting to get rid of infections. If it keeps popping back... heck... format it. Somehow I don't feel safe using a PC even after virus infections have been cleaned unless the PC gets reformatted and the OS is freshly reinstalled. 99.9999% of the time I end up reformatting. Yeah, I'm that kind of person. <span style="color:blue"> > -- > Milo > > > > "Jim" wrote: ><span style="color:green"> >> Quicker solution. Pop Windows Setup CD. Unplug PC. Wait 30 secs. Boot >> from >> CD and run setup >> :-) >> >> <geir.moi@gmail.com> wrote in message >> news:56355b58-743b-47a5-a6bb-e08eaf63ffc1@e23g2000prf.googlegroups.com...<span style="color:darkred"> >> > Here's what is did. I removed Virtumonde successfully. >> > I have Windows Vista Home Premium >> > >> > To remove the Virtumonde Trojan, please proceed with the following >> > steps at your own risk. >> > >> > >> > STEP 1: Clean Temp folders >> > Start > All Programs > Accessories > System Tools > Disk Cleanup > >> > push OK >> > >> > STEP 2: Run Vundo Fix. >> > Run > Run > Scan for Vundo > Remove Vundo (when scan is completed) > >> > Reboot PC >> > http://www.atribune.org/ccount/click.php?id=4 >> > >> > STEP 3: Run Virtumundobegone.exe >> > Run > Run > Continue > Start > Yes > Reboot (may need to perform >> > manual reboot if PC freezes) >> > http://secured2k.home.comcast.net/tools/VirtumundoBeGone.exe >> > >> > STEP 4: Run Vundo Fix again. >> > Run > Run > Scan for Vundo > Remove Vundo (when scan is completed) > >> > Reboot PC >> > http://www.atribune.org/ccount/click.php?id=4 >> > >> > STEP 5: Hijackthis Log >> > Save to Desktop > Double click on icon 'hijackthis' > Run > 'Do a >> > system scan only and save logfile' > save log in notepad and attach to >> > e-mail. >> > http://nod32-av.com/utilities/HiJackThis%2.../hijackthis.exe >> > >> > STEP 6: Run ComboFix USE THIS STEP WITH CAUTION!!!!! >> > Save to Desktop > Double click on icon 'combofix' > Run >> > http://download.bleepingcomputer.com/sUBs/ComboFix.exe >> > >> > >> > >> > STEP 7: Run Vundo Fix again. >> > Run > Run > Scan for Vundo > Remove Vundo (when scan is completed) > >> > Reboot PC >> > http://www.atribune.org/ccount/click.php?id=4 >> > >> > STEP 8: Smitfraudfix >> > Save to Desktop > Double click on icon 'smitfraudfix' > Run > Option 2 >> > http://siri.urz.free.fr/Fix/SmitfraudFix.exe</span> >> >> >> </span></span> Quote
Guest Shaken_not_stirred13 Posted March 2, 2009 Posted March 2, 2009 I have this virus and I've been following different methods of removing it all day. I'm not working through these steps. Can someone let me know why I need to run step 6 with caution? I'm new to this. Thanks, Liz -- Shaken_not_stirred13 ------------------------------------------------------------------------ Shaken_not_stirred13's Profile: http://forums.techarena.in/members/shaken_not_stirred13.htm View this thread: http://forums.techarena.in/security-virus/920614.htm http://forums.techarena.in Quote
Guest The Real Truth MS MVP Posted March 2, 2009 Posted March 2, 2009 Use my Remove-it software, it will remove that malware from your system. Choose yes for all options when prompted. Download it here http://www.ms-mvp.org/ -- The Real Truth http://pcbutts1-therealtruth.blogspot.com/ WARNING Do NOT follow any advice given by the people listed below. They do NOT have the expertise or knowledge to fix your issue. Do not waste your time. David H Lipman, Malke, PA Bear, Beauregard T. Shagnasty, Leythos. "Shaken_not_stirred13" <Shaken_not_stirred13.3oeibb@DoNotSpam.com> wrote in message news:Shaken_not_stirred13.3oeibb@DoNotSpam.com...<span style="color:blue"> > > I have this virus and I've been following different methods of removing > it all day. I'm not working through these steps. Can someone let me > know why I need to run step 6 with caution? I'm new to this. > > Thanks, > Liz > > > -- > Shaken_not_stirred13 > ------------------------------------------------------------------------ > Shaken_not_stirred13's Profile: > http://forums.techarena.in/members/shaken_not_stirred13.htm > View this thread: http://forums.techarena.in/security-virus/920614.htm > > http://forums.techarena.in > </span> Quote
Guest Shaken_not_stirred13 Posted March 2, 2009 Posted March 2, 2009 Thanks for the reply. I'll give that a try. I also have to apologize for a typo in my first post. I meant to say I was working through the steps listed. I was just unsure about why step 6 had a warning. Thanks. -- Shaken_not_stirred13 ------------------------------------------------------------------------ Shaken_not_stirred13's Profile: http://forums.techarena.in/members/shaken_not_stirred13.htm View this thread: http://forums.techarena.in/security-virus/920614.htm http://forums.techarena.in Quote
Guest Leythos Posted March 2, 2009 Posted March 2, 2009 In article <PqIql.18984$c45.4660@nlpi065.nbdc.sbc.com>, toidi@tpap.com says...<span style="color:blue"> > WARNING Do NOT follow any advice given by the people listed below. > They do NOT have the expertise or knowledge to fix your issue. Do not waste > your time. > </span> Chris, Stalking on the internet is a crime, your signature indicates you are a sick individual stalking myself as well as others, you have warned, again. -- Leythos - spam999free@rrohio.com (remove 999 to email me) Public Service Warning: Learn about PCButts before you trust: http://www.velocityreviews.com/forums/t513...f-removeit.html http://www.google.com/search?hl=en&q=pcbutts1+thief http://tinyurl.com/4rruwd Quote
Guest ---Fitz--- Posted March 3, 2009 Posted March 3, 2009 Please do NOT follow the instructions given by this MVP imposter. He does NOT represent MS MVPs and installing one of his glorified batch files is liable to install someting you do NOT want...susch as a modified hosts file. Quote
Guest Adam Posted March 18, 2009 Posted March 18, 2009 Ms Defender or Spy-Bot would be easiest. I know Vundo/Virtumonde is removed by spy-bot, and assume that Ms Defender also can remove this? not sure. "Shaken_not_stirred13" <Shaken_not_stirred13.3oeqnb@DoNotSpam.com> wrote in message news:Shaken_not_stirred13.3oeqnb@DoNotSpam.com...<span style="color:blue"> > > Thanks for the reply. I'll give that a try. > > I also have to apologize for a typo in my first post. I meant to say I > was working through the steps listed. I was just unsure about why > step 6 had a warning. > > Thanks. > > > -- > Shaken_not_stirred13 > ------------------------------------------------------------------------ > Shaken_not_stirred13's Profile: > http://forums.techarena.in/members/shaken_not_stirred13.htm > View this thread: http://forums.techarena.in/security-virus/920614.htm > > http://forums.techarena.in > </span> Quote
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.