My computer is Virtumonde infected, please help

Status
Not open for further replies.
First use HijackThis to remove these items:
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
O2 - BHO: (no name) - {4a2feca7-6ac8-468d-bcd0-c76cf8f653c6} - C:\WINDOWS\system32\yedonuse.dll
O2 - BHO: OTS Software Toolbar - {e41b29e5-88b5-40b1-903e-080e0f2c4b65} - C:\Program Files\OTS_Software\tbOTS_.dll
O4 - HKLM\..\Run: [shawnotify] c:\progra~1\shaw\update\siuloader.exe /notify
O4 - HKLM\..\Run: [hugozepuhu] Rundll32.exe "C:\WINDOWS\system32\tijayefe.dll",s
O4 - HKLM\..\Run: [e81b346f] rundll32.exe "C:\WINDOWS\system32\vevesadi.dll",b
O4 - HKLM\..\Run: [CPMeb2807f3] Rundll32.exe "c:\windows\system32\tumaveko.dll",a
O4 - HKUS\S-1-5-19\..\Run: [hugozepuhu] Rundll32.exe "C:\WINDOWS\system32\tijayefe.dll",s (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [hugozepuhu] Rundll32.exe "C:\WINDOWS\system32\tijayefe.dll",s (User 'NETWORK SERVICE')
O20 - AppInit_DLLs: avgrsstx.dll C:\WINDOWS\system32\monigula.dll c:\windows\system32\tumaveko.dll
O21 - SSODL: SSODL - {EC43E3FD-5C60-46a6-97D7-E0B85DBDD6C4} - c:\windows\system32\tumaveko.dll
O22 - SharedTaskScheduler: STS - {EC43E3FD-5C60-46a6-97D7-E0B85DBDD6C4} - c:\windows\system32\tumaveko.dll

Download and run the Avenger from here: http://swandog46.geekstogo.com/
Let it scan for rootkits and check the box asking it to automatically remove the ones it finds.

Download and run super antispyware http://www.superantispyware.com/download.html
Do a complete scan and remove all items it finds.

Download and run malwarebytes http://www.malwarebytes.org/
Do a complete scan and remove all items it finds.

Keep scanning with SUPERAntiSpyware and Malwarebytes until they can find and remove nothing more.

Update your antivirus and make sure it's working properly. A recommended one is AVG. http://free.avg.com/

Switch to using Mozilla Firefox http://www.mozilla.com/en-US/firefox/ and DO NOT use Internet Explorer - it's a great big security hole.

Good luck
 
I have done everything step by step as directed by seanc and uninstalled my old AVG, and I am trying to install the new AVG antivirus but it's giving problems.
First it says some installation files are corrupted... please download a fresh copy.
And sometimes it starts installing but says the installation folder is missing.

Here is my fresh log
 
I'll have to give Avira a shot and see what it's like.

I quite like AVG but if there's a better free alternative then it's worth a try.

I got free licenses of Kaspersky Internet Security 2009 via my bank but was let down by a process that likes to stick at 100% and can only be cured by a reboot.
 
Put it this way: I check and repair about 20+ Virus\Malware posts a day (although some days -- none)
And I always say get rid of what they have (really a huge assortment of things)
And install Avira.
Every single one has then been resolved (obviously doing other things too)
But in my view free Avira (with the annoying splash screen, only when it updates) is the best
Oh, and I use it too ;)
 
randyhawk

Things are looking brighter but there are still a couple of files I've identified in your HijackThis log:

R3 - URLSearchHook: (no name) - {e41b29e5-88b5-40b1-903e-080e0f2c4b65} - (no file)
O20 - AppInit_DLLs: c:\windows\system32\henebevi.dll c:\windows\system32\sivaforu.dll
O4 - HKUS\S-1-5-19\..\Run: [hugozepuhu] Rundll32.exe "C:\WINDOWS\system32\mikomuyo.dll",s (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [hugozepuhu] Rundll32.exe "C:\WINDOWS\system32\mikomuyo.dll",s (User 'NETWORK SERVICE')

Please remove those, they're most likely the cause of your AVG problems.

Also run a couple more complete cycles of Malwarebytes and SUPERAntiSpyware (make sure they're updated!)
Did the log for avenger say it had found and removed a rootkit?
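A small triage script for HijackThis logs like the ones quoted in the first post and in the reply above, added here as an example and not code from the thread or from HijackThis itself. It flags Run entries that start rundll32 on a DLL with a one-letter export, unrecognised AppInit_DLLs entries and unnamed BHOs, then marks every other autostart line (SSODL, SharedTaskScheduler) that references one of those DLLs. The sample log is constructed from lines on this page; treating avgrsstx.dll as the known-good AVG hook is an assumption.

```python
import re

# Constructed sample: HijackThis lines copied from the thread above. The AVG BHO and the
# Shaw updater are benign; the eight-letter system32 DLLs are the Vundo components.
SAMPLE_LOG = r"""
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
O2 - BHO: (no name) - {4a2feca7-6ac8-468d-bcd0-c76cf8f653c6} - C:\WINDOWS\system32\yedonuse.dll
O4 - HKLM\..\Run: [shawnotify] c:\progra~1\shaw\update\siuloader.exe /notify
O4 - HKLM\..\Run: [hugozepuhu] Rundll32.exe "C:\WINDOWS\system32\tijayefe.dll",s
O4 - HKLM\..\Run: [CPMeb2807f3] Rundll32.exe "c:\windows\system32\tumaveko.dll",a
O4 - HKUS\S-1-5-19\..\Run: [hugozepuhu] Rundll32.exe "C:\WINDOWS\system32\tijayefe.dll",s (User 'LOCAL SERVICE')
O20 - AppInit_DLLs: avgrsstx.dll C:\WINDOWS\system32\monigula.dll c:\windows\system32\tumaveko.dll
O21 - SSODL: SSODL - {EC43E3FD-5C60-46a6-97D7-E0B85DBDD6C4} - c:\windows\system32\tumaveko.dll
O22 - SharedTaskScheduler: STS - {EC43E3FD-5C60-46a6-97D7-E0B85DBDD6C4} - c:\windows\system32\tumaveko.dll
"""

# Assumption: the AVG resident-shield hook is the only known-good AppInit_DLLs entry here.
APPINIT_ALLOWLIST = {"avgrsstx.dll"}

# Run entry that starts rundll32 on a DLL and calls a one-letter export (",s" / ",a" / ",b").
RUNDLL = re.compile(r'rundll32(?:\.exe)?\s+"?([^",]+\.dll)"?\s*,\s*[a-z]\b', re.I)
# Fully qualified DLL path without spaces; enough for the system32 paths in these logs.
DLL_PATH = re.compile(r'[a-z]:\\[^\s",]+\.dll', re.I)

def dll_paths(text):
    """Lower-cased set of DLL paths mentioned on one log line."""
    return {p.lower() for p in DLL_PATH.findall(text)}

def flag_entries(log_text):
    """Return {log line: reason} for entries worth ticking and fixing in HijackThis."""
    lines = [l.strip() for l in log_text.splitlines() if l.strip()]
    flags, suspect_dlls = {}, set()
    for line in lines:  # first pass: direct indicators
        section = line.split(" - ", 1)[0]
        if section == "O4" and (m := RUNDLL.search(line)):
            flags[line] = "rundll32 loads a DLL via a one-letter export"
            suspect_dlls.add(m.group(1).lower())
        elif section == "O20":
            for dll in line.split(":", 1)[1].split():
                if dll.rsplit("\\", 1)[-1].lower() not in APPINIT_ALLOWLIST:
                    flags[line] = "unrecognised AppInit_DLLs entry"
                    suspect_dlls.add(dll.lower())
        elif section == "O2" and "(no name)" in line:
            flags[line] = "BHO with no name"
            suspect_dlls |= dll_paths(line)
    for line in lines:  # second pass: any other autostart point using a suspect DLL
        if line not in flags and dll_paths(line) & suspect_dlls:
            flags[line] = "references a DLL flagged elsewhere"
    return flags
```

Calling `flag_entries(SAMPLE_LOG)` flags seven of the nine lines and leaves the AVG BHO and the Shaw updater alone; the O21 and O22 entries are caught only because they share tumaveko.dll with the flagged Run and AppInit_DLLs entries.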
 
Thanks for all your help guys, I am up and running again. I am using Firefox and Comodo Firewall with Avira antivirus.
Is it safe to use the Windows XP firewall with Comodo at the same time? And I am not able to delete the 2 hugozepuhu entries in HJT; they are coming back again and again.
 
I'm still waiting for the first Malwarebytes and SUPERAntiSpyware logs
Many users forget to remove found entries
And in most cases Malwarebytes (updated) needs to be run multiple times
Did you want to post these logs for the first time (as per the guide)?
 
Yes please Attach all the logs
ie
MalwareBytes <== Ideally a recent updated scan, with manual removal of found issues, completed
SuperAntiSpyware <== It's amazing how many spywares this scan can find and remove, by itself
HijackThis<== After restarting; running this one, is the world's best way, of knowing what's running (Malware wise)

But your choice ;)
 
Malwarebytes' Anti-Malware 1.31
Is now old

As stated above, you must update it first
There is an update tab in the Malwarebytes program to do this
Please update it, and then run a full scan with the new updates installed

Oh, update it first ;)
 
I don't mean to be rude, but your above post is usually what most users post on Post#1, but it has taken 15 posts for you to get there

In all cases of Virus\Malware issues, it is best to post these 3 logs, as per the guide, otherwise, well, it's just a waste of posts getting there.
I believe member seanc has helped extremely well under the circumstances (ie limited info supplied). But just to let you know, I personally don't check anything until the logs are supplied

1. Download VundoFix; Trojan.Vundo Removal Tool; VirtumundoBeGone and ComboFix.
2. Go offline - pull the network cable, turn off the wireless card, turn off your modem.
3. Restart the computer and press F8 to run Windows in Safe Mode.
4. Run VundoFix. Click on Scan for Vundo. Scanning will begin, which takes a long time. The white box will display the names of infected files. After the scan is complete click Remove Vundo, and removal will begin. Confirm by clicking Yes. The application should ask for permission to restart your computer - click Yes. Start Windows in Safe Mode again.
5. Run FixVundo. Click Start, and then follow the instructions. It should be noted that this application can deal only with older mutations of Vundo (Virtumonde).
6. Run VirtumondoBeGone. Click Continue and wait for the report.
7. Run ComboFix. Then, in the two windows that appear click Yes, and start scanning and removal of any Vundo (Virtumonde) infection. During this operation, you are not allowed to move the mouse or perform other actions. After the scan is complete, the program will show a text file - a report of the program's actions.
8. Restart computer and run Windows normally.
9. Attach the report, and a new HJT log ;)
 
That's ok

Please Scan with HJT and tick and fix all the following:
(best to have any Internet browser closed first)
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (file missing)
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - (no file)
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKCU\..\Run: [updateMgr] "C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" AcRdB7_0_9
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - (no file)
O24 - Desktop Component 0: (no name) - http://www.acura.ca/assets/pages/models/mdx/img/gallery/wallpaper/exterior/wallpaper_01_1024x768.jpg

Then run CCleaner again
Then restart

Clear & Reset System Restore's Cache
Go to Start >> Run - type or copy/paste control sysdm.cpl,,4 and then press Enter
* Tick on the checkbox - Turn off System Restore on all drives
* Click Apply
Turn it back 'On' by unticking the same checkbox & click Apply, and then OK

Then you're done :)
 