Virtumonde now coming with other rootkits
As you will know from reading this blog Virtumonde has been aroudn since 2004. This Trojan virus is always mutating and changing to avoid detection. It does seem that now when people are infected with Virtumonde they also are being infected with root kits. This is a very big deal as rootkits are some of the hardest infections to remove.
On this site you will notice we do recommend using Spyware Doctor with Antivirus as it’s one of the only security suits that can remove virtumonde. It is very important for those that end up purchasing this program that they go to the settings and click the check box to “Scan for hidden Rookits”. This will help Spyware Doctor with Antivirus not only fully remove virtumonde but also clean any of the hidden rootkits out.
As always we do recommend following out Expert Removal guide located on top. This will help give you an action plan for removing this threat. As well if you are in over your head and need an expert we suggest using www.onlinecomputerrepair.org. This is a U.S. based computer repair company that can remote into your computer and fully remove all viruses and trojans or you don’t pay a cent. The best part is it’s about half the cost of taking your computer to a shop and a whole lot cheaper then calling in a tech. This is a very small company and they have a total of 3 workers. Mark, Ryan and Jason. All three are great to work with. I have used them many times before when I am too busy to clean clients computers myself.
January 29th, 2009 at 4:48 am
Thanks for your information. I have just recently been infected with this trojan and I am having a hard time trying to get rid of it. I used spyware doctor but it says I have to pay to be able to remove the virus. Is there another way?
January 29th, 2009 at 5:12 am
There are always other ways. We do encourage people to purchase a REAL client as all free clients don’t offer jack for protection. Only Avast has upfront protection out of all the free clients and that one is very stripped down compared to the real version.
Have you checked out our FREE software section on top? We list ALL the most popular free clients and have links to the sites. It’s a really great resource. If you download them all and run all the scans you should be virus free. In the end you should still run a scan of Spyware Doctor just to make sure you don’t have anything left. It it just finds cookies then don’t worry about. Still as an expert I don’t care what you buy but get a real client and not a free one.
February 3rd, 2009 at 1:29 am
Thanks for the tips. I purchsed 3 different programs, Mcaffe, Norton and the paid AVG version. None of them worked. I tried the Spyware Doctor program and it removed everything. Finally got my Computer back. Thanks again for letting me know what works to remove virtumonde.
I’m going to get my money back on the other products as they did nothing to fully stop this threat. Can’t belive how hard this thing is to remove.
February 10th, 2009 at 7:41 am
This software worked for me to remove virtumonde. I still am not sure were I got infected because I only go to a few websites each day and they are all the same. Maybe it was from an e-mail. Regardless I am clean and protected
March 17th, 2009 at 2:46 pm
My computer has been infected with the Virtumonde Trojan, and as recommended on this site, I downloaded Spyware Doctor with Antivirus, purchased a license, and scanned my computer. I’ve done maybe three or four full scans, which take a considerable amount of time. At the end of each scan, I fix all the problems and reboot if Spyware Doctor says it’s necessary.
However, through all this, I am still unable to clear the virus from my system. (And yes, I did turn on ‘Scan for hidden rootkits’.)
Do you have any ideas as to why this isn’t working?
Thanks much.
March 17th, 2009 at 3:14 pm
From time to time people who are heavily infected may need more help then just one program.
I would suggest you use the free Spybot search and destroy and the free malwarebytes as well. Install both of them and make sure they are up to date.
Then boot into safe mode and run all three scans.
If you are still infected then I would use Smitfraud.exe and combofix.exe. Just google both of those and you will find the free program. Please make sure to backup all your computer files first just in case something goes wrong.
If after all of this you are still infected then it is time to call in a pro. We do suggest using http://www.onlinecomputerrepair.org because they are very good at removing viruses and they have very affordable plans.
Keep in mind that PCtools does offer free support as well for all of their products. They can also assist you in removing threats.
March 17th, 2009 at 3:21 pm
Thanks much. I will try those.
I’ve run both Spybot S&D and Smitfraud scans, still haven’t tried combofix.exe due to the risk of system troubles I’ve about in regards to that program. If it were my personal computer, I wouldn’t have any reservations, but it’s a work computer that’s been infected.
Thanks again for the suggestions. I’ll post here when I’m done to let everyone know how it went.
March 20th, 2009 at 3:51 pm
Ok. I rebooted in Safe Mode and ran full scans with Spybot Search & Destroy, Malwarebytes, and Spyware Doctor with Antivirus. Any problems that arose were fixed. Upon a confirmatory scans, a few new problems were found related to Virtumonde/Vundo, and I fixed those as well. After that, I’ve run two more confirmatory scans each with Malwarebytes and Spyware Doctor with Antivirus while in normal Windows mode. Everything has shown up clean, and as far as I can tell, my system is clear of the virus.
However, I’ve had some performance troubles since then. My computer has locked up periodically, but overall, everything is working much better. To anyone that has tried to remove Virtumonde using Spyware Doctor with Antivirus and failed, I would recommend the steps suggested by the Virtumonde Removal website listed in response to my first question on this post.