Vundofix Madness – 6150 infected objects

So, what the ~ censored ~ is happening with my PC? I’ve just ran a scan with this program Vundofix suggested to remove that damn Virtumonde which came with the fake Vitality crack for Mass Effect (i’d like to kill the author of that crap) and I find that 6150 files are infected by something. There are most, if not all, of the files of the XP SP3, system files and some hundred of DLLs.
Should I tell VundoFix to fix everything or not? By “fixing” does it mean he’ll delete every damn file he has recognized as infected?
Answer #1
fix everything……….thats a bad bad virus man. I got hit with it before and no matter what i did i couldnt get the ~ censored ~ out. I had to reformat and even that didnt stop it for a while
good luck
Answer #2
I’m doing a complete scan with Superantispyware. Hope it’ll fix it without the need of deleting everything with Vundofix.
Answer #3
You should download and install Spybot Search & Desroy . I believe this one checks for quite a few versions of Virtumonde and is able to get rid of this properly.
Even though I have never heard of “VundoFix”, it will probably delete the detected files indeed, theyre way too many to store them somewere anyway. if you want to keep the files for some reason, you should RAR them and not touch them. With a password ofcourse.
Though, appearantly most of the detected files are system files, so the best method would be to format your pc. Ofcourse first make a backup. Oh and if you do make a backup of infected files, be sure to use active shields when you acces them again after format. You dont want another infection now do you :S
Good luck man . This is something serious.
Answer #4
ur pic is sssoooo funny
any way u should try combofix first and malwarebytes
google them and find info about how to use combofix
Answer #5
MalwareBytes ftw
Answer #6
I had the same problem and I ran the following in safe mode with internet disabled: SUPERAntiSpyware Free Edition, Malwarebytes’ Anti-Malware and Spybot Search & Destroy. And it worked like a charm. hope this helps you it sure helped me
Answer #7
Don’t forget that it help a lot to start your computer in safe mode
most of the PC require you to tap on the F8 key on boot (until a menu appears) If it’s a menu where you see your cd-rom/harddrive , choose your harddrive with your windows on it (the one you use to boot.. C , It will be identified by the brand of your harddrive , not by the letters
once you did this , keep tapping the F8 key , another menu will appears , choose one of the first option , Safe mode (no need to use network enable , since I suggest you not be connected on internet)
After that you’ll see your computer boot and I warn you , the color will be awfull , everything will be awfull (it’s normal) , then start your anti-spyware/vundofix or any scan you have to do. That way the virus/trojan/worms , won’t be running on boot or be in progress while you scan (so he can’t multiply or hide himself)
I wish you the best of luck !
Answer #8
Just so you know, MBAM works better in normal mode according to the developers
Answer #9
A good AV counter for Virtumonde is Combofix, It worked for me