im having a nitemare with the computer..spybot has shown ive got virtumonde infestation (in various different forms)..and it cant wipe it out properly..its now really messing with my browser.

any tips on how to remove it...bearing in mind im not massively comptuer savvy

virtumonde - sounds like something that pops up if you visit too many porn sites, Beavertastic.

lol..trust you to think that way!

typical woman....make the coment and offer nothing useful! lol!

I was wired wrong

that doesnt really help...lol

ooo unlucky mate - that one is a pain in the arse to remove

i will look into it, as i have removed this before

will get back to you

cheers mate!

Name Virtumonde
Type Adware
Type Description Adware, also known as advertising software, displays third-party advertising on the computer. The ads can take several forms, including pop-ups, pop-unders, banners, or links embedded within web pages or parts of the Windows interface. Some adware advertising might consists of text ads shown within the application itself or within side bars, search bars, and search results. Adware is often contextually or behaviorally based and tracks browsing habits in order to display ads that are meant to be relevant to the user.
Category Adware (General)
Category Description Adware, also known as advertising software, displays third-party advertising on the computer. The ads can take several forms, including pop-ups, pop-unders, banners, or links embedded within web pages or parts of the Windows interface. Some adware advertising might consists of text ads shown within the application itself or within side bars, search bars, and search results. Adware is often contextually or behaviorally based and tracks browsing habits in order to display ads that are meant to be relevant to the user.
Level Elevated
Level Description Elevated risks are typically installed without adequate notice and consent, and may make unwanted changes to your system, such as reconfiguring your browser's homepage and search settings. These risks may install advertising-related add-ons, including toolbars and search bars, or insert advertising-related components into the Winsock Layered Service Provider chain. These new add-ons and components may block or redirect your preferred network connections, and can negatively impact your computer's performance and stability. Elevated risks may also collect, transmit, and share potentially sensitive data without adequate notice and consent.
Advice Type Remove
Description Virtumonde is an adware program that displays pop-up advertisements on the desktop. Virtumonde also downloads other software from various remote servers.
Add. Description There are many variants of Virtumonde, some with trojan-like behaviors including downloading other software without notice and consent, transmitting information to remote servers without notice and consent, and lowering system security on the infected machine. Some Virtumonde variants are known to resist removal.
Author Virtumonde
Author URL virtumonde.com
Release Date
Last updated on Jan 3 2009

The program periodically makes an HTTP connection to virtumonde.com, on port 80 or 8081, to download commands and popup advertisements - ideally, you need to close these ports if they are open on your system. What antivirus do you use??

Try using LavaSoft AdAware instead of SpyBot

You beat me to LavaSoft AdAware

Sssh - let's not talk about the beating

Hardly any of the programs out there will remove it

The ONLY way to do it properly, is to physically do it yourself in Windows SAFE mode

That's scary stuff though Tony - he might get his pretty, manicured hands dirty!

hey..ive tried putting windows in safe..after a spybot sscan..and it removes most of it..then it comes back..ahhh!

and whats wrong with manicured hands???????????

Try Windows Defender, a free spyware and virtumonde removal tool located at

http://www.microsoft.com/athome/security/spyware/software/default.mspx

It may work, if not, get back to me.

Dont forget to turn off system restore.
Or it will come back, as that's where it will hide,

once its gone, turn system restore back on

ok..how do i shut ports 80 and 8081

how do i turn off sytem restore...

ok system restore is off....er now im scared!!!

Watch the nails!!!

Try this

http://wareseeker.com/free-virtumonde-removal-tool/

Now remove it

That's just a random google search you can take your pick

http://www.google.co.uk/search?hl=en&q=%22removal+tool+virtumonde+removal%22&btnG=Google+Search&meta=

It'll teach you to not surf too much porn again, Beaver

Be careful next time mate

And dont forget to switch System Restore back on once you have restarted your computer

not surfing ANY porn...

anyhoo..i think ive sorted it...now..turning off system restore and doing it in safe mode seems to have solved the problem!

lets see....

switch System Restore back on before you go online again

system restore already back on ta!.....

no pop ups so far....

Is that because you've stopped surfing porn?

Glad it's sorted, just wish I'd checked back here before I started doing an "idiots guide" on how to do stuff for you

Hmm, I made some idiot guides in work...while they talked of developing my role. Then when they had what they wanted they shafted me. I am so tempted to 'lose' all the documentation I made when I go back.

Ooops!! Maybe you should "lose" it all, would teach them not to mess with you again

I don't think Mr Tastic would shaft me - seems a thoroughly nice chap to me.

jaci

Now what!?! It was a thoroughly innocent comment. I meant as in he'd not be horrid and behave like Suzy's co-workers did - Suzy started the shafting, not I

ok guys

this needs to get back on topic - gone way too far off

Yes Sir Capan Tony

but isnt that just how the male mind works...lol

and...anyhow..it seems to have come back..doh!

What antivirus software are you using?
If its free then that's why your having the problems,
you know how it goes, pay for what you get.

Do all of the above again.
This time do a second re-boot before you turn system restore back on.

Try a different removal tool, from a different site,
try nortons website, symantic.