Can't eliminate virtumonde virus [Archive] - Glock Talk
PDA

View Full Version : Can't eliminate virtumonde virus

Dragline
12-27-2008, 08:31
My wife's notebook computer got a dose of the virtumonde virus or trojan.

Spybot was able to find and eliminate most of it. But two files still remain (see pic) and I don't seem to be able to delete them.

Spybot finds them every time and indicates they have been deleted but they keep coming back.
I went into regedit, found them, and attempted to delete them manually from there. Deletion apppears successful at first, but these two files reinstall themselves within minutes.

Any ideas of how they could be permanently deleted?

http://img.photobucket.com/albums/v95/pal531/Sale%20Items/Viruspic01.jpg

This may produce a larger view of the pic.

http://img.photobucket.com/albums/v95/pal531/Sale%20Items/Viruspic01.jpg
StarfoxHowl
12-27-2008, 08:49
Back up all documents/settings on the laptop to an external disk drive, format and reinstall the operating system, applications and finally the data.
srhoades
12-27-2008, 09:12
Back up all documents/settings on the laptop to an external disk drive, format and reinstall the operating system, applications and finally the data.


Or you could acutally fix the problem. Download malwarebytes from malwarebytes.org. Install it, if the updater fails during the install just run it again from the actual program.
Blitzer
12-27-2008, 11:16
Delete the registry keys with regedit and run the Microsoft malicious software removal tool or malwarebytes.org software.
Dragline
12-27-2008, 11:32
Or you could acutally fix the problem.

Yeah, that was kinda my hope.
I'll try malwarebytes and if that doesn't do it maybe I'll try one or more of these from bleepingcomputer.

http://www.bleepingcomputer.com/malware-removal/remove-vundo-virtumonde

Thanks, I'll post later how I make out.
Neo31rex31
12-27-2008, 11:48
I had this on my PC before, got rid of it with "Hijack this" (if i remember correctly there were actually 6 registry keys associated with this) there is also fix you can download from www.majorgeeks.com
Dragline
12-27-2008, 18:57
Or you could acutally fix the problem. Download malwarebytes from malwarebytes.org. Install it, if the updater fails during the install just run it again from the actual program.

Well malwarebytes seemed to have worked!!
It found a bunch of stuff that spybot did not find, and those values found in my regedit search seem to be gone as well.
Hopefully this takes care of it for good.

Thanks so much for the info and the recommendation of this tool!