I Think I'm Still Infected With Virtumonde

Apr 18, 2009 #18 Tungstencalais TS Rookie Topic Starter Hi Bobbye, I uninstalled Daemon Tools pro, but there still seem to be remnants of the program, and the sptd.sys file is Firefox and IE have whitescreens where it takes almost 10 min before they finally show up websites like Google, Wikipedia, and Yahoo. Steve: N.M.N.F. Click OK on each of these.

The forums are there for a reason. Also, the main problem I have at the moment is that sometimes when accessing normal web pages, like this help forum, there seems to be some adware downloading according to the Thanks. Comments Deej says: October 31, 2010 at 12:47 pm HELP! http://www.bleepingcomputer.com/forums/t/299183/i-think-im-still-infected-with-virtumonde/

I have tried many ways to remove Virtumonde to no avail. It will go through the list and remove all of the tools it finds and then delete itself (requiring a reboot). Click to open the log> 2. Apr 11, 2009 #3 Bobbye Helper on the Fringe Posts: 16,335 +36 Tungstencalais, we have some work to do before making sure the Rootkit is gone: 1.

If you're really paranoid and want a final scan, remove your anti-virus software (uninstall), reboot and run combofix. "Living tomorrow is everyone's sorrow. Double-click MCPR.exe to run the removal tool. 5. Not sure what I did, they kept coming back after deletion. No internet connection needed.

Hope it isn't a problem. All of the necessary logs are attached, and here is the post from the DDR.Txt file: DDS (Ver_09-12-01.01) - NTFSx86 Run by Clemons at 11:03:08.62 on Sun 02/28/2010 Internet Apr 11, 2009 #2 Tungstencalais TS Rookie Topic Starter Hi Bobbye, thanks for the help. Remember what I told you about removing processes from Startup. https://forums.malwarebytes.org/topic/17814-virtumondesdn-detected/ Indifference will be the downfall of mankind, but who cares?

I suggest you disable that for now so you don't back up malware. I initially tried to get Malwarebytes and a McAfee uninstaller on a flash drive from a clean comp to my infected comp in safe mode, but it doesn't recognise the USB I then found this article of yours on Google and I tried what you said and guess what it's gone! You need internet for it to update, so try regular mode then safe mode with networking.

Then boot into safe mode and run the free Spybot and the vundofix.exe program. The virus also writes to cookies on the infected computer and may visit more than one internet site.

Freddo says: August 14th, 2008 at 16:53 I got one… Thanks for telling me how to kill it. Clean sources for files: http://www.filehippo.com/download_ccleaner/ http://www.bleepingcomputer.com/download/rkill/ http://www.bleepingcomputer.com/download/tdsskille... I'm still not sure, but I definitely think my computer is faster before the computer got infected. Seen it a lot lately.

I'd imagine Ubuntu to be one of the most consumer-friendly distros on the market. Time flies like an arrow, however, fruit flies like a banana. These aren't related to the current issue though, I don't think.

It doesn't seem to be affecting the system at all, so I'm probably not going to do anything more with it for now, unless you think I should delete the sptd.sys Apr 14, 2009 #8 Tungstencalais TS Rookie Topic Starter Hi Bobbye, I'll rescan with MBAM, SAS then Combo-Fix and HJT again. Because I have the feeling that Winpatrol is interfering here with Spybot after reboot. Then post a new HijackThis log in your next reply.

And sometimes my antivirus cannot detect them. I had to run explorer.exe from the task manager. Please do not multiple post here, as that only pushes you further down the queue and causes confusion to the staff. Please be patient.

Please? Hello While we understand your frustration at having to wait, please note that Bleeping Computer deals with several hundred requests for assistance such as yours on a daily basis. Did you then delete the files? http://tagnabit.net/i-think/i-think-i-have-a-virus-virtumonde-sdn.php Having a full list of objects infected with VirtuMonde.C, I compared them to the ones discovered by the other antispyware packages and was left with two.

How do I get a hold of the SuperAntiSpyware? Anyway, can you try to install it with your Antivirus, Firewall or any other security program disabled? Run combofix.exe. So do you think I'm infected?

Can you get into Safe Mode? 3. The main problems are with IE - it's not letting me access too many sites (e.g. I then reversed a change that I had made initially when I contracted the virus, when I changed from a selective start-up of programs (which I was using before I got I'd like to comment on a couple of things, and point out another: I agree with Goomba almost 100% on Spybot S&D - I don't generally use it, but occasionally it

RE: virtumonde goombawaho (MIS) 19 May 14 11:52 Here's a good question: WHY are you getting Virtumonde in the first place. Okay, from the Application Errors ID#1000, we know IE had a problem, but no module is given and I can't ID fault address 0x10051e39. Internet is working fine, with no error messages at all.