Anyone know how to kill Virtumonde?

Discussion in 'OT Technology' started by Irom, Jun 20, 2008.

  1. Irom

    Irom OT Supporter

    Joined:
    Apr 17, 2003
    Messages:
    49,726
    Likes Received:
    299
    Spybot S&D says it's there but can't remove it. It apparently very aggressive.
     
  2. P07r0457

    P07r0457 New Member

    Joined:
    Sep 20, 2004
    Messages:
    28,491
    Likes Received:
    0
    Location:
    Southern Oregon
    you can try avast or adaware with their run-after-boot scans.
     
  3. P07r0457

    P07r0457 New Member

    Joined:
    Sep 20, 2004
    Messages:
    28,491
    Likes Received:
    0
    Location:
    Southern Oregon
    according to a google search, the solution seems to be boot to the xp cd and use the recover console. delete the c:\windows\help\mui\accas.dll file, reboot to windows, and run spybot/adaware/anti-virus scans to clean things out.
     
  4. FartLighter

    FartLighter Resident Fart Expert OT Supporter

    Joined:
    Jul 5, 2005
    Messages:
    2,853
    Likes Received:
    9
    Location:
    Mammoth Lakes, CA
    That thing is horrible to kill. If all of the automatic methods don't get rid of it (adaware etc.), then try a manual removal in Safe Mode. You can find instructions by Googling. That was the only way I could finally get rid of it without it reinstalling itself.
     
  5. KoopaTroopa

    KoopaTroopa OT Supporter

    Joined:
    Jun 3, 2004
    Messages:
    4,661
    Likes Received:
    0
    Location:
    Fall River, Mass
    I had it a couple months ago. I had to reformat for my PC after f'ing up the removal. I thought I removed it, but it would restart itself a couple minutes later. Googled for help, f'ed something up in my boot drive, so I had to reformat my PC.
     
  6. GreyRS

    GreyRS Your ignorance cramps my conversation.

    Joined:
    Jun 8, 2000
    Messages:
    1,891
    Likes Received:
    0
    Location:
    FL
    Do a search for the following- Virtmundobegone, combofix, and Vundofix. Where I work at, we have been able to clear it up with one or all of these. You have to run them in safe mode with system restore turned off before you run them. I usaully ran SpyBot first. Good luck.
     
  7. Chris

    Chris New Member

    Joined:
    Oct 27, 2003
    Messages:
    14,711
    Likes Received:
    0
    Location:
    Texas on my mind
    :werd:

    you can also sign up for a 30 day trial of kaspersky anti-virus
     

Share This Page