Jump to content


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.

Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.


Virtumonde infection

  • Please log in to reply
1 reply to this topic

#1 caseface


  • Members
  • 2 posts
  • Local time:07:37 AM

Posted 28 December 2008 - 07:01 PM

My computer (running Windows XP) became un-usable, running extremely slowly before crashing, with the internet only opening Pop-ups.

I have run McAfee Anti-virus, Spybot Search & Destroy, and Malwarebytes' Anti-Malware, both in 'Normal' and in 'Safe' modes. Each of these scans have found several Trojans / Malware which they apparently removed, including Trojan.virtumonde, Smithfraud-C and "Malware.Trace".

Currently Spybot is finding 3 occurances of "Win32.Agent.pz" every time it is run, and Malwarebytes shows "Malware.Trace" each time it's run, even though I choose to "fix problems" after scanning with both programmes.

Other current symptoms are slow operation (for example it takes a minimum of two minutes for an Internet Explorer window to open after clicking on the shortcut), my Windows Firewall being disabled each time the computer is started, and something which is trying to connect to the internet al lthe time.

BC AdBot (Login to Remove)


#2 boopme


    To Insanity and Beyond

  • Global Moderator
  • 73,490 posts
  • Gender:Male
  • Location:NJ USA
  • Local time:11:37 AM

Posted 28 December 2008 - 08:51 PM

Hello,please run Part 1 of S!Ri's SmitfraudFix

Please download SmitfraudFix

Double-click SmitfraudFix.exe
Select option #1 - Search by typing 1 and press "Enter"; a text file will appear, which lists infected files (if present).
Please copy/paste the content of that report into your next reply.

Note : process.exe is detected by some antivirus programs (AntiVir, Dr.Web, Kaspersky) as a "RiskTool"; it is not a virus, but a program used to stop system processes. Antivirus programs cannot distinguish between "good" and "malicious" use of such programs, therefore they may alert the user.

Next:Open MBAM and click Update tab, select Check for Updates,when done
click Scanner tab,select Quick scan and scan.
After scan click Remove Selected, Post new scan log and Reboot.
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users