Jump to content


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.

Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.


Virtumonde Infection (and More?)

  • Please log in to reply
1 reply to this topic

#1 BootLeg


  • Members
  • 1 posts
  • Local time:06:01 PM

Posted 19 May 2008 - 07:11 PM

Recently, I found that my Firefox wouldn't load pages every other try. I did a few scans with Spybot and found that Virtumonde would keep reappearing. I read a tutorial on this site and tried VundoFix and VirtumundoBegone. Neither found anything in both normal and safe modes so I did a full scan with SpywareDoctor. It located and deleted Virtumonde and several other malware that I didn't know I had. Rebooted my computer and rescanned; Virtumonde was back. Same result from Ad-Aware scans.

I don't know if this matters but I also browsed through my processes and noticed that vsmon.exe, svchost.exe, and explorer.exe looked to be using too much memory. This lead me to believe there might be other malware bogging down my computer.

I hope someone here can help me out :thumbsup:

BBCode errors keep me from posting the logs so I've attached them to this post. If you could find a work-around for me, I'd gladly post rather than attach.

Attached Files

Edited by BootLeg, 19 May 2008 - 07:18 PM.

BC AdBot (Login to Remove)


#2 Yourhighness


    The BSG Malware Fighter

  • Malware Response Team
  • 7,943 posts
  • Gender:Male
  • Location:Hamburg
  • Local time:11:01 PM

Posted 15 June 2008 - 03:49 AM

Hello BootLeg and welcome to BleepingComputer!

Apollogies for the delay. The forum has been very busy lately and. If you are still having problems, then please post a brand new HijackThis log as a reply to this topic. Before posting the log, please make sure you follow all the steps found in this topic: Preparation Guide For Use Before Posting A Hijackthis Log.

When posting your log, please make sure you post the HijackThis log as a reply and not as an attachment.



"How did I get infected?" - "Safe-hex" - Member of UNITE -
Posted Image

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users