Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

I think I'm still infected with virtumondo


  • Please log in to reply
5 replies to this topic

#1 akia13

akia13

  • Members
  • 13 posts
  • OFFLINE
  •  
  • Local time:05:50 PM

Posted 06 March 2009 - 03:20 AM

Well i came on here a year ago. with two trojans. i followed your guides and i thought i have succesfully deleted all the threats.

I play an online mmo and it's been hacked twice since then. So apparantly i didn't do a thorough enough job or i have a hidden back door.

I have since the recent hack downloaded Zone Alarm (firewall) and Spybot. Spybot detected virtuemondo.dll the day of dl'ing it. and ever since then my symantic antivirus has been detecting something daily. (past two days)

Just seeing what steps i should take to rid myself of these lingering threats.

Thanks in Advance

BC AdBot (Login to Remove)

 


#2 Elise

Elise

    Bleepin' Blonde


  • Malware Study Hall Admin
  • 60,820 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Romania
  • Local time:02:50 AM

Posted 06 March 2009 - 06:41 AM

I think you should download Malwarebytes Antimalware and see if it finds something.

[post="http://www.bleepingcomputer.com/forums/t/196644/error-ads-need-to-be-loaded-from-adcode-if-you-keep-getting-this-error-contact-your-account-rep/?p=1100727"]Malwarebytes antimalware instructions[/post]

regards, Elise


"Now faith is the substance of things hoped for, the evidence of things not seen."

 

Follow BleepingComputer on: Facebook | Twitter | Google+ | lockerdome

 

Malware analyst @ Emsisoft


#3 akia13

akia13
  • Topic Starter

  • Members
  • 13 posts
  • OFFLINE
  •  
  • Local time:05:50 PM

Posted 06 March 2009 - 01:07 PM

Thank you Elise, I'll do that this morning

#4 akia13

akia13
  • Topic Starter

  • Members
  • 13 posts
  • OFFLINE
  •  
  • Local time:05:50 PM

Posted 06 March 2009 - 01:49 PM

Malwarebytes' Anti-Malware 1.34
Database version: 1824
Windows 5.1.2600 Service Pack 2

3/6/2009 12:48:47 PM
mbam-log-2009-03-06 (12-48-47).txt

Scan type: Full Scan (A:\|C:\|D:\|E:\|F:\|)
Objects scanned: 231083
Time elapsed: 32 minute(s), 15 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 4
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 2

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
HKEY_CLASSES_ROOT\WR (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\jkwslist (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Juan (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\FCOVM (Trojan.Vundo) -> Quarantined and deleted successfully.

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
C:\WINDOWS\Gameeeeee.vbs (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\cookies.ini (Malware.Trace) -> Quarantined and deleted successfully.


Any of that bad?

#5 Elise

Elise

    Bleepin' Blonde


  • Malware Study Hall Admin
  • 60,820 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Romania
  • Local time:02:50 AM

Posted 06 March 2009 - 03:31 PM

It is good to doublecheck to see if the found items are definitely gone, so you should perform a new scan to see if the items do not reappear.
To check for spyware I suggest Super Antispyware.

regards, Elise


"Now faith is the substance of things hoped for, the evidence of things not seen."

 

Follow BleepingComputer on: Facebook | Twitter | Google+ | lockerdome

 

Malware analyst @ Emsisoft


#6 akia13

akia13
  • Topic Starter

  • Members
  • 13 posts
  • OFFLINE
  •  
  • Local time:05:50 PM

Posted 06 March 2009 - 03:40 PM

thanks again. will do.




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users