spyware - help cannot remove - virtumonde !!
- Thread starter jase555
- Start date
Caporegime
- Joined
- 21 Nov 2005
- Posts
- 41,423
- Location
- Cornwall
If you find out how to get rid of it please post how you did it. I spent most of Monday and Tuesday trying to remove it from a users laptop and failed. Ended up formatting and starting again.
As said in this thread, install:
Spybot search and destroy
ad aware
malwarebytes
spywareblaster
Then run hijack this and post the logfile and have a read of this:
http://www.bleepingcomputer.com/malware-removal/remove-vundo-virtumonde
Spybot search and destroy
ad aware
malwarebytes
spywareblaster
Then run hijack this and post the logfile and have a read of this:
http://www.bleepingcomputer.com/malware-removal/remove-vundo-virtumonde
argghhh man this pos gets everywhere. I got caught by it on winxp (it turned a/v , windows firewall off and installed in the blink of an eye)
so i moved to vista.
now you have it , on vista
in addition to all the stuff above google for "vundofix.exe", i cant remember the site i got it from, but it will get rid of the damn thing.
what firewall, a/v were you using m8 ?
so i moved to vista.
now you have it , on vista
in addition to all the stuff above google for "vundofix.exe", i cant remember the site i got it from, but it will get rid of the damn thing.
what firewall, a/v were you using m8 ?
Ahh man, I feel your pain. As well as knowing what Mittens went thru. I also had a job of removing this nasty piece of malware, which had infected a friends PC after he clicked on a .txt file that was in fact an .exe (Curse of not having extensions on) from some dodgy crap he'd been downloading. I had a stab at this, tried vundofix and virtumondebegone both still left virtumonde replicating itself at every bootup.
After what was 2 days fiddling with different methods, I gave up, inserted my backup drive and restored his harddrive. Upon doing so, my boot up virus detector (motherboard feature) informed me that a virus was in the master boot record.
Now I never tried it, and it was just a theory of mine to delete and remake the master boot record before you boot back into windows after using vundofix/begone. I did mention this to Mittens, but I can't remember whether he actually tried it.
The little bugger is persistent and always hides somewhere, of course deleting your master boot record can cause problems, and you can try it at your own risk. You have my sympathys. But due to my experience with it, the only solution is to kill the disk. Just make sure in future, that you backup your initial installation so the reinstall process is less of a cumbersome chore.
After what was 2 days fiddling with different methods, I gave up, inserted my backup drive and restored his harddrive. Upon doing so, my boot up virus detector (motherboard feature) informed me that a virus was in the master boot record.
Now I never tried it, and it was just a theory of mine to delete and remake the master boot record before you boot back into windows after using vundofix/begone. I did mention this to Mittens, but I can't remember whether he actually tried it.
The little bugger is persistent and always hides somewhere, of course deleting your master boot record can cause problems, and you can try it at your own risk. You have my sympathys. But due to my experience with it, the only solution is to kill the disk. Just make sure in future, that you backup your initial installation so the reinstall process is less of a cumbersome chore.