Filed under: Windows Repair Software
How do I get rid of Virtumonde/Trojan.Winfixer? I've tried everything!?
August 14, 2010
10 thoughts on “How do I get rid of Virtumonde/Trojan.Winfixer? I've tried everything!?”
Comments are closed.
Clean Registry and Optimize PC
Visit http://www.downloads.com and download avg free edition,ad aware and spybot search and destroy.These programs worked great..After downloading this programs and scanning your computer,you might also want to tune up your computer and stuffs,visit this Microsoft website>>http://safety.live.com/site/en-us/default.htm .They offer free full service scan on your computer and will also tune up your computer by removing unnecessary files.Hope this information helps!PS:You can try to find out more about these virus and find the cure for it..Some websites tell you how to delete the virus step by step..
Dont listen to the plonkers who say AVG will remove this – it wont.
Try this link & use the free tool if it does not remove it post a HJT log for more help:
http://www.bleepingcomputer.com/forums/topic18610.html
you can download AVG antivirus from http://www.grisoft.com
to solve your problem.
You might have the Vundo rootkit variant, see below.
Vundo Fix
Windows all
VirtumundoBegone (if VundoFix does not work)
VirtumundoBeGone has not been tested on Vista platforms
http://www.bleepingcomputer.com/forums/topic18610.html
http://www.atribune.org/
Vundo Rootkit Removal
http://wiki.castlecops.com/Vundo_Rootkit_Detection_and_Removal_Procedure
========================
Install update and run Superantispyware
http://www.superantispyware.com/
Easily remove over 100,000 pests such as AntiVirGear, VirusProtectPro, DriveCleaner, SmitFraud, Vundo, WinFixer, SpyAxe, SpyFalcon, WinAntiVirus, AntiVermins, AntiSpyGolden and thousands more!
========================
If you follow all the following steps it should get rid of your problem and prevent future problems. All programs listed are free.
——————————
Update your Full Time (Active) antivirus and run a full scan.
If you do not have active virus protection, install only one. All are excellent.
AVG Antivirus 7.5 Free Edition
Windows 98/Me/NT/2000/XP/Vista
http://free.grisoft.com/freeweb.php/doc/avg-anti-virus-free/lng/us/tpl/v5
http://www.download.com/AVG-Anti-Virus-Free-Edition/3000-2239_4-10669237.html?tag=lst-0-1
or
Free antivirus – avast! 4 Home Edition
Windows 95/98/Me/NT/2000/XP/Vista
http://www.avast.com/eng/avast_4_home.html
or
Avira AntiVir PersonalEdition Classic
Windows 95/98/Me/NT/2000/XP/Vista
http://www.free-av.com/
http://www.download.com/3120-20_4-0.html?tg=dl-20&qt=Avira&tag=srch
———————————————————
Update your Full Time (Active) spyware protection and run a full scan. If you do not have active spyware protection, install:
Windows Defender (Included with Vista)
http://www.microsoft.com/athome/security/spyware/software/default.mspx
———————————————————
Install the following four programs and run weekly or at least monthly. You need all four. They are not a substitute for full time spyware and virus protection. They will greatly increase your protection. Spybot Search & Destroy and SpywareBlaster immunize your computer against over 47,000 threats Install and run now.
Ad-Aware SE Personal (update + full scan)
Windows 2000 (Pro and Server), Windows Server 2003, Windows XP (Home and Pro), Windows Vista (32-bit)
http://www.lavasoftusa.com/products/ad-aware_se_personal.php
Spybot Search & Destroy (update + immunize + scan)
Windows 98/Me/NT/2000/XP/Vista
Do not enable Tea Timer and SDHelper
After installation: update + scan + immunize
http://www.safer-networking.org/en/mirrors/index.html
SpywareBlaster 3.51: Update then open and click “enable all protection”.
Windows All
http://www.javacoolsoftware.com/spywareblaster.html
http://www.softpedia.com/get/Internet/Popup-Ad-Spyware-Blockers/SpywareBlaster.shtml
SUPERAntiSpyware free version: (update + scan)
Windows 98/Me/2000/XP/2003 Server/Vista
http://www.superantispyware.com/
——————————
Install:
CCleaner:
Windows 95/98/Me/NT/2000/XP/2003 Server/Vista
http://www.ccleaner.com/
Do not install optional toolbar.
Removes tracking cookies, unneeded files, history
In options.
Set to run when computer starts.
Place cookies you want to keep in save list
————————————————-
Install either one not both. I use McAfee Site Advisor.
McAfee Site Advisor: Internet Explorer and Firefox
IE: Windows 98/ME/2000/XP/Vista (XP recommended)
Firefox: Windows 98/ME/2000/XP/Vista, Linux and Mac OS X
http://us.mcafee.com/root/product.asp?productid=sa
McAfee SiteAdvisor helps protect you from all kinds of Web-based security threats including spyware, adware, spam, viruses, browser exploits, and online scams.
TrendProtect™
XP SP2, XP ProX64 SP1, Win 2000 SP4, Vista
http://www.trendsecure.com/portal/en-US/free_security_tools/trendprotect.php
TrendProtect is a FREE browser plug-in that helps you avoid Web pages with unwanted content and hidden threats.
——————————–
Note if a scan detects a problem but is unable to remove, start the computer in safe mode with the internet line disconnected and run a full scan.
In severe cases your system restore files will also be infected. In these cases you will need to turn off system restore to prevent malware hiding in the system restore files and reinfecting the computer during removal or during a future system restore. Turning off system restore deletes the system restore files.
Right click on "my computer"> Properties > System Restore Tab > Check box turn of system restore
After the malware is removed turn on system restore.
——————————
Run this time:
CWShredder: run
XP/2000/Me/98 SE/ NOT FOR VISTA
http://www.trendmicro.com/cwshredder/
Shoot The Messenger
NT/2000/XP / NOT FOR VISTA
http://www.grc.com/stm/shootthemessenger.htm
VX2 tool for Ad-Aware and run tool (Install and run)
Windows 2000 (Pro and Server), Windows Server 2003, Windows XP (Home and Pro), Windows Vista (32-bit)
http://www.lavasoftusa.com/support/securitycenter/vx2_cleaner.php
—————————————–
Special Removal Tools
Run only if indicated
Roguefix.bat Windows XP only
http://www.internetinspiration.co.uk/roguefix.htm
SmitFraudFix
SmitFraudFix only works with Windows XP or 2000
http://www.geekstogo.com/forum/How_to_use_SmitFraudFix-t109268.html
Vundo Fix
Windows all
VirtumundoBegone (if VundoFix does not work)
VirtumundoBeGone has not been tested on Vista platforms
http://www.bleepingcomputer.com/forums/topic18610.html
http://www.atribune.org/
Vundo Rootkit Removal
http://wiki.castlecops.com/Vundo_Rootkit_Detection_and_Removal_Procedure
——————————
Run this time and monthly:
Microsoft Update:
Run in "Custom Mode". Install everything, reboot and repeat until nothing is left to install.
http://www.update.microsoft.com/microsoftupdate/v6/default.aspx?ln=en-us
Microsoft OneCare Live Safety Scan, run “full service scan”
Updates windows, virus and spyware scan, disk cleanup, disk fragmentation (if needed), backs up registry and then cleans registry, and checks for open firewall ports
Microsoft Windows XP, Windows 2003, or Windows 2000
http://onecare.live.com/site/en-us/default.htm
Safety Scan for Windows Vista
http://onecare.live.com/site/en-US/center/whatsnew.htm
Malicious Software Removal Tool (run “full scan”)
Vista, XP, Win 2000, and Server 2003
http://www.microsoft.com/security/malwareremove/default.mspx
——————————
Rootkit Removers
Pick any 2 install and run one each month.
AVG Anti-Rootkit
MS Windows 2000 (32-Bit) or MS Windows XP (32-Bit)
http://free.grisoft.com/doc/download-free-anti-rootkit/us/frt/0
F-Secure BlackLight
Windows 2000, XP (32 and 64-bit), 2003 Server (32 and 64-bit) and Vista (32-bit only)
http://www.f-secure.com/blacklight/
Panda Anti-Rootkit
Windows 2000/XP
http://www.pandasecurity.com/homeusers/downloads/register?Tipo=1&CodigoProducto=39&Idioma=2&TipoUsuario=1&sec=down&Country=US-en&TipoLead=2&Ref=WWEN-ROOTK-DES&track=36355
http://www.download.com/Panda-Anti-Rootkit/3000-2239_4-10717197.html?tag=lst-0-1
Sophos Anti-Rootkit
Win NT 4.0 (SP 6a with IE 4.0), Win 2000 , XP, Server 2003
http://www.sophos.com/products/free-tools/sophos-anti-rootkit.html
——————————
Online Free Scanners:
Run Trend Micro, Kaspersky, and Panda Scan now.
Run a different one each month.
BitDefender Online Scanner
http://www.bitdefender.com/scan8/ie.html
CA eTrust® PestScan
http://pestpatrol.com/pestscan/index.htm
ESET Nod32 Online Scanner
Win 98/ME/NT 4.0/2000/XP/Vista
http://www.eset.com/onlinescan/index.php
ewido anti-spyware
http://www.ewido.net/en/onlinescan/
eTrust Antivirus Web Scanner
http://www3.ca.com/securityadvisor/virusinfo/scan.aspx
F-Secure Online Virus Scanner
http://support.f-secure.com/enu/home/ols.shtml
Kaspersky – Free Online Virus Scan
http://www.kaspersky.com/virusscanner
McAfee – Free Scan
http://us.mcafee.com/root/mfs
Panda Software – ActiveScan
http://www.pandasecurity.com/homeusers/solutions/activescan/?
Symantec (norton) – Security Check
http://security.symantec.com/sscv6/default.asp
Trend Micro™ HouseCall
——————————
Additional Information:
http://www.techsupportforum.com/security-center/hijackthis-log-help/15968-updated-important-read-before-posting-log.html
http://wiki.castlecops.com/Malware_Removal_and_Prevention:_Overview
http://wiki.castlecops.com/Malware_Prevention:_Prevent_Re-infection
http://aumha.org/a/quickfix.htm
http://aumha.org/secure.htm
http://aumha.org/a/parasite.php
http://www.castlecops.com/t102301-Hijackthis_Guidelines_Read_Before_Posting.html
http://forum.aumha.org/viewtopic.php?t=4075&sid=901703d08c2ace31389ffef2d84b6607
iv had the same probelms you cant get rid of them they’ll destroy your scanners i suggest finding it and useing a unlocker(to delete any files no matter what)and find it and delete it maunaly
or set ur avg to delete it always
try avg…usually does the job…but u shud try looking for it manuelly….
VirtuMonde is an aggresive adware application that can seriously slow your computer and generate tonns of commercial pop up’s. VirtuMonde have a spyware module, designed to track all activity and monitor surfing habits. Also this nasty adware can hijack and redirect your browser.
—
try this manual removal instructions. good luck!
Go to http://www.atribune.org and click on Downloads, Download Vundo Remover, this will do the job for you. Virtumonde in a nasty virus in the Vundo family, this remover should clean you up, download AVG as well to refrain from future infections.
go to my computer and back set you computer to a previous date and this will fix the problem (i had a similar issue and this was the only fix). Very easy to do you do not have to be a techy….
Turn off your System Restore and run Super… again, this time in safe mode, with your hidden files shown.
How to start in safe mode: http://www.bleepingcomputer.com/tutorials/tutorial61.html
How to show your hidden files: http://www.bleepingcomputer.com/tutorials/tutorial62.html
How to turn System Restore off and on: http://www.pchell.com/virus/systemrestore.shtml
When you’re all done, reboot in normal mode, re-hide those files you unhid and turn System Restore back on.
This should do it.