Help I have a bug!

knip

knip

knip

Soldato
Joined
28 Jun 2006
Posts
11,102
Location
Somewhere in Bristol
Ok so my norton expired today and it wasnt a legal version anyway, so I today got myself AVG antivirus and AVG spyware. I already have spybot search and destroy and Ad-Aware, BUT, I keep getting pop ups, and when I just ran the spybot, it found something called Virtumonde, which it says it cannot delete because its in use in the computer memory.
Help!
What can I do to get rid of it?
 
It doesnt say virtumonde in the processes list though, and its only since I got rid of the norton to install the AVG this has happened, my norton was fine for a year.
What am I looking for in the processes, the things I have running at the moment are
NM index store
Task mgr
IE7
WG111v2.exe
cftmon.exe
avg.exe
msn
NDS tray
I tunes
explorer.exe
(more avg stuff)
hotkey
SynTPEnh.exe
guard.exe
svchost.exe
lsass.exe
services.exe
winlogon.exe
csrss.exe
alg.exe
 
Safe mode is F8 when booting.

Norton is bloody rubbish by the way. Half of the pc's i have been asked to look at have had problems due to one or more of their products.

You do have a firewall as well don't you? Windows has it's own built in but it's not very good. Comodo Personal Firewall is excellent and is also free. Comodo Firewall.

If you download and install Hijack This run it and then copy and paste the logfile here it will analyse and tell you whats good and whats bad. You can then delete it using Hijack This. Couple that with an Adaware scan and a virus scan in safe mode and hopefully it should be gone.

Another good free antispyware program is A-Squared free . I use that with Adaware, Winpatrol, Spyware blaster, AVG 7.5 and Comodo firewall and they work brilliantly for me.
 
Ok I ran my AVG and Spybot search and destroy both in safe mode last night, the AVG found nothing, the Spybot found the virtumonde again, but still says it couldnt delete it due to it being in use in the memory.
Am going to work in a bit, but when I get back I will try the things suggested above.
Whatever has happened, its slowing the PC down, and I keep getting pop ups for gambling sites, and something telling me ive been looking at adult sites, which I havent and I should download their programme to stop it (which I havent done obviously)

edit:how can I tell where my firewall is, I presume I had one built in with my norton? (yes yes I know I know, but I am a girl!)
 
Last edited:
*crosses fingers toes and eyes while she types this*

I THINK I have finally got rid of it, thankfully (for me at least) I pay 6 quid a month to have 24 hour a day tech support from *purple shirt shop :D *, and after trying everything everyone had suggested, (and I really am grateful, and thankyou) and installing most of what people suggested, and it still hadnt gotten rid of it, I rang tech support and a very nice helpful lady got me to run some stuff, which has (touchwood) gotten rid of the trojan.

Now I just need to work out how to put the email protectio back on it my AVG (which has somehow disappeared) and get my temperature thing back and all will be well.

Knip is smiling again after a weekend of pulling her hair out! :D
 
Last edited:
knip said:
I THINK I have finally got rid of it, thankfully (for me at least) I pay 6 quid a month to have 24 hour a day tech support from *purple shirt shop*
Click to expand...

Quickly - hide the competitor name!

I DOOoo hope their phone support is better than in store anyway - they are embarrassingly bad in store.
 
Jaffa_Cake said:
Quickly - hide the competitor name!

I DOOoo hope their phone support is better than in store anyway - they are embarrassingly bad in store.
Click to expand...
Done :p
They were really really good, and me and the lady got into a bit of a girl power thing about her getting people asking to speak to the technician when she is one and me being determined to fix things!
(any ideas why the email scanner has suddenly stopped working on my AVG?)
 
Norton itself is fine, just sometimes it slows the comp down, thats my only issue with it.

Symantec the site is good for removal tools normally...Dont know if you got rid of it, but download the removal tool from the site:

http://www.symantec.com/security_response/writeup.jsp?docid=2003-120914-4108-99&tabid=3

Dont know why no one else didnt think of looking on there to be honest :p

Try it in safe mode, as it'll probably be better to do the scan that way.

**EDIT**

Oh and if your feeling brave, look in the registry for the file as well, just to double check that its definetly gone, and if you think you have removed it anyway, just run the removal tool to double check. :)
 
Last edited:
You must log in or register to reply here.
Back
Top Bottom