dude, linky the tool you used
| H|H ~ The Hampshire Heavies Community : Forum http://www.thehh.eu/forum/ |
|
| Trojan halp - Virtumonde http://www.thehh.eu/forum/viewtopic.php?f=30&t=6913 |
Page 1 of 2 |
| Author: | Bedizen [ Sat Nov 27, 2010 8:20 pm ] |
| Post subject: | Trojan halp - Virtumonde |
Well. Spybot picked this up the other day and after a scan, remove, reboot it was still present on the next round. Thinking "oh well, it was about time anyway" I formatted my OS partition and did a fresh install of XP. Still there on the next scan. Since then I've tried nailing the little fucker down, but here my woes begin. When I scan my system with Avast (free), Malwarebytes, SuperAntiSpyware, Rootrepeal and MGTools nothing is showing up. Zero. Nada. But it's still showing up in Spybot. I've spent the whole day watching scanning status bars so tell me: WHO DO I TRUST, WHAT CAN I BELIEVE, WHO IS TELLING THE TRUTH?! |
|
| Author: | Sen-Commander [ Sat Nov 27, 2010 8:30 pm ] |
| Post subject: | Re: Trojan halp - Virtumonde |
Nasty thing, had it once, spread via the network. Remove Version A with : http://www.atribune.org/ccount/click.php?id=4 Remove Version B with : http://www.symantec.com/business/securi ... 10-3747-99 More info: http://hubpages.com/hub/Virtumonde-Removal-Tools |
|
| Author: | bomaster [ Sat Nov 27, 2010 8:31 pm ] |
| Post subject: | Re: Trojan halp - Virtumonde |
lol im having a similar problem, not tried spybot but my os is behaving strangely as of late and again avast picks up nothing. as soon as i see firefox opening on its own and loading bollox i know somethings amiss.also avast is unable to update since this has started. if i find out what kills it ill let you know |
|
| Author: | Bedizen [ Sat Nov 27, 2010 10:34 pm ] |
| Post subject: | Re: Trojan halp - Virtumonde |
Did it! Booted into safe mode, ran spybot once again, it killed the files and they haven't returned on a normal reboot. Created new system restore point, cleaned all the shit. Sorted. Spybot is an awesome program, I do recommend it to anyone with problems - just run it in safe mode if you are definitely sure you are infected (especially with trojans, which constantly change file/registery names). |
|
| Author: | bomaster [ Sat Nov 27, 2010 11:24 pm ] |
| Post subject: | Re: Trojan halp - Virtumonde |
dude, linky the tool you used
|
|
| Author: | fluff-a-licious [ Sun Nov 28, 2010 12:32 am ] |
| Post subject: | Re: Trojan halp - Virtumonde |
http://www.safer-networking.org/en/index.html I guess you meant Spybot Search & Destroy right? Oh bo, you are so lazy 
|
|
| Author: | bfox [ Sun Nov 28, 2010 12:53 am ] |
| Post subject: | Re: Trojan halp - Virtumonde |
hmm id go with not having a partition tbh |
|
| Author: | Bedizen [ Sun Nov 28, 2010 12:00 pm ] | |||||||||
| Post subject: | Re: Trojan halp - Virtumonde | |||||||||
Weeeell, having a partition means I've list no data from formatting and doing a fresh install. It's useful. And yes, fluffs link is the one bo. |
||||||||||
| Author: | bomaster [ Sun Nov 28, 2010 4:02 pm ] |
| Post subject: | Re: Trojan halp - Virtumonde |
didnt work, installed sophos rootkit and found 8 files but it wont remove them... the reason i didn't look for that myself is that iv not used it before and couldn't tell the genuine from the fake AV tool. the amount of fakes out there are incredible |
|
| Author: | Negcreep [ Tue Nov 30, 2010 12:43 pm ] |
| Post subject: | Re: Trojan halp - Virtumonde |
Another one to try is a program called 'Malware bytes'. It can spot some things that spybot won't. http://www.malwarebytes.org/ |
|
| Page 1 of 2 | All times are UTC [ DST ] |
| Powered by phpBB © 2000, 2002, 2005, 2007 phpBB Group http://www.phpbb.com/ |
|
