Jump to content


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.

Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.


Computer Infected With Virtumonde?!

  • Please log in to reply
1 reply to this topic

#1 lee1234


  • Members
  • 1 posts
  • Local time:02:22 AM

Posted 14 January 2008 - 10:11 PM

Hello, I have a problem that I have seen before in this forum but don't know how to get rid of it. I get an antivirus popup ad when I restart my computer in the lower right icon tray. It want's me to run their program. I just close it. Also all of my old restore points were erased. It also seemed to disable my Microtrend PCillin so I was stuck. So I downloaded a trial version Pcillin pro from trend. It said it had quarintined many items of spyware including virtumonde. I also had a view viruses I had not seen before. I recognize most of them as being versions of virtumondein .dll files. Well I ran Vundofix and Virtumondebegone that I got from advice here. Well neither one worked. It still has the popup when I start and quarintines virtumonde every time I start up. I can create restore points but I know they have the virus. I have Windows XP, PCillin Pro, and hijack this. So what do I do? Thanks.

BC AdBot (Login to Remove)


#2 quietman7


    Bleepin' Janitor

  • Global Moderator
  • 51,595 posts
  • Gender:Male
  • Location:Virginia, USA
  • Local time:06:22 AM

Posted 15 January 2008 - 10:19 AM

Some variants of vundo may not be detected by Vundofix so the "Add more files" or "Drag & Drop" options are other ways of ridding this malware. These files need to be identified and posting a hijackthis log will enable an expert to advise you which files to add if you continue to have problems. If the infection remains after using VundoFix, then you should post a hijackthis log.

Please read and follow all instructions in the pinned topic titled "Preparation Guide For Use Before Posting A Hijackthis Log". In step #9 there are instructions for downloading HijackThis and creating a log. (This is a self-extracting version which will automatically install HJT in the proper location.)

Important: Some variants of vundo malware will hide certain entries in a hijackthis log to prevent detection so you need to rename HijackThis before using it.
  • After installing HijackThis, open My Computer or Windows Explorer and navigate to the HijackThis Folder.
  • Inside the folder, right-click on the HijackThis.exe file and rename it Scanner.exe.
  • Double-click on Scanner.exe (which is still HijackThis) run a scan, save the logfile and copy/paste it into a new topic in the HijackThis Logs and Analysis Forum, NOT here, for assistance by the HJT Team Experts.
Give your topic, a relevant title and post your log along with a brief description of your problem, a summary of any anti-malware tools you have used and a summary of any steps that you have performed on your own. Please include the top portion of the HijackThis log that lists version information. An expert will analyze your log and reply with instructions advising you what to fix.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users