Malware Ruined My Day

by PyratCapn on January 7, 2009

It got me. A devious, awful spyware took me down mid-computing Monday evening. It didn’t take long to figure out I had acquired Virtumonde, a horrible adware program whose goal is to get you to pay for the “software” to remove it. I think it’s more than one group of hijackers that’s in on it too. The real kick-in-the-groin is that I had Panda Pro 2009 super, crackshot, anti-everything running while the malware attacked. Not only did Virtumonde get through, it tore my cute little panda faced protection to pieces and changed my desktop wallpaper to a flashing warning to really scare the money out of my wallet. “Please check up the computer” it said. I was dead in the water.

Dear God, not the dreaded THIRD HANDS

“Thank” The warning is even done insultingly bad.



BACK ON MY FEET
After trying some do-it-yourself fixes I found from top Virtumonde sites (created by who, I wonder) that involved downloading and installing 3 or 4 Spyware programs – some I’ve used before, some not – I kind of got the virus off, but my system was as slow as a Morgan OI pointing upwind. It took all day Tuesday and about 200 restarts to figure this thing out.

THE SOFTWARE
Spybot Doctor was the recommended software to remove the malware. It cost $40, seemed to work but my machine would constantly lock up on startup. Finally removed SpybotDoc and machine got back up to speed. I then discovered that Windows offers a free malware program called Defender that, according to some website, was the best available. Other sites said it was “crap”, but these were the “official sites” dedicated to removing Virtumonde – pimping SpybotDoc – Hmmmm….

LESSONS LEARNED
Download and run Defender. It’s by Microsoft so what more can you say – and it’s free. That should block malware and your antivirus should take care of the rest. I’m mentally wiped after this experience and almost out of rum from all the extra drinking it required to take care of the problem. My monitor narrowly escaped a full out assault from whatever blunt object was within reach – my keyboard, not so much. Still working though, well crafted by, again, Microsoft.

If I ever, ever find or run across the individuals that created this infecting malware – the ones that cost me time, money and inflicted severe mental anguish…. All I can say is “swim for the wreckage”.


Capt Bill Battersby January 15, 2009 at 10:38 am

I feel your pain. I was attacked by the same malware. It zipped right through McAfee.

Here are a couple of additional items:

- It DELETED “MRT.EXE” which is Microsoft’s “Malicious Software Removal Tool” which gets automatically updated each month via windows update.

- It destroyed system restore points prior to the day before it showed up (I have used system restore to counteract promiscuous malware before.)

- It corrupted AdAware so that it would not run at all.

My solutions:

- I clicked off the Wifi button on my laptop to stop the info-flow from my system.

- I ran system restore.

- I copied MRT.EXE from my desktop system to a USB Flash drive.

- I ran MRT on my laptop from the Flash Drive and it found & deleted the malware.

- I logged back onto the net and also downloaded Windows Defender.

One additional thing: the settings on McAfee were totally altered by this stuff.

If they ever get hold of the ‘holes that continue to write & introduce this stuff, they need to take them “on tour” of large arenas around the country. The first 1000 people through the turnstiles all get a free box-cutter, and 30-seconds face time with the jerk.

- Nuf ‘Sed.


RumHead January 15, 2009 at 11:03 am

Sounds exactly like what happened to me. Restore points had vanished, destroyed Panda, etc. I don’t see how this malware is even tolerated by whatever agency regulates the net. It should be traceable and blockable I would think.
