Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Trying to be sure Virtumonde is gone


  • Please log in to reply
5 replies to this topic

#1 Resheal

Resheal

  • Members
  • 4 posts
  • OFFLINE
  •  
  • Local time:08:57 AM

Posted 01 February 2010 - 01:21 PM

Hello,
I have a Sony Vaio Desktop with Windows 7 installed. It is on a network with 2 other computers. The Vaio is Ethernet connected, the other 2 are wireless.
Until yesterday the vaio was running xp. I encountered the virus 3 days ago. I had three antivirus softwares installed, they are AVG Antivirus, Malwarebytes, and Spybot search and destroy. I ran spybot after becoming suspicious when malwarebytes would not open. Spybot picked up Virtumonde. I had already planned to change the OS from XP to 7. When I found the virus I thought that change would be good to do then. During the os change windows created "windows old". I reinstalled all programs and antivirus, AVG found nothing, Spybot nothing, Malwarebytes found Vundo in the "Windows Old" file. I also backed up 110gb of data from the XP environment to a WD 500gb external drive. I am not sure if my fresh install has been infected or if I should access any of my backed up data. Are the other computers on the network infected? I don't know what to do. Thanks for any advice in advance. Randy

BC AdBot (Login to Remove)

 


#2 whiteac2k4

whiteac2k4

  • Members
  • 69 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:USA
  • Local time:09:57 AM

Posted 01 February 2010 - 01:31 PM

Scan and clean windows.old. You should be fine. The virus/malware needs to be ran/installed into say the registy, startup, etc. Since you did a fresh install and backed up everything from teh previous install i would delete windows.old and pull data over to your new OS from your backup drive.

#3 Resheal

Resheal
  • Topic Starter

  • Members
  • 4 posts
  • OFFLINE
  •  
  • Local time:08:57 AM

Posted 01 February 2010 - 03:27 PM

Thank you for the response. One more question though, does it matter that the 110gb of data I have backed up was compiled by Windows Easy Transfer? Could it have backed up the virus in some file or setting? Sorry if this is a dumb question, I just want t be rid of this virus. Thanks, Randy

Edited by Resheal, 01 February 2010 - 03:29 PM.


#4 whiteac2k4

whiteac2k4

  • Members
  • 69 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:USA
  • Local time:09:57 AM

Posted 02 February 2010 - 09:14 AM

Yes it could have backed up the virus as well. I would run a full system scan on the backup with Malwarebytes and any good AV program.

#5 Resheal

Resheal
  • Topic Starter

  • Members
  • 4 posts
  • OFFLINE
  •  
  • Local time:08:57 AM

Posted 02 February 2010 - 10:26 PM

Thanks again for the help. I've scanned the backup file with Malwarebytes and AVG. I'll also scan the computer each time I re-introduce an old file. Overkill?

#6 whiteac2k4

whiteac2k4

  • Members
  • 69 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:USA
  • Local time:09:57 AM

Posted 03 February 2010 - 02:10 PM

Personally I am a fanatic when it comes to secruity and my PCs overall well being. I dont think its overkill at all. Good luck and I am glad you came to BC.




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users