Welcome to MalwareRemoval.com,
What if we told you that you could get malware removal help from experts, and that it was 100% free? MalwareRemoval.com provides free support for people with infected computers. Our help, and the tools we use are always 100% free. No hidden catch. We simply enjoy helping others. You enjoy a clean, safe computer.

Malware Removal Instructions

Conflicting Virtumonde reports

MalwareRemoval.com provides free support for people with infected computers. Using plain language that anyone can understand, our community of volunteer experts will walk you through each step.

Re: Conflicting Virtumonde reports

Unread postby brewman84 » December 29th, 2008, 8:56 am

Yes I still have the .exe file
brewman84
Regular Member
 
Posts: 16
Joined: December 20th, 2008, 9:42 am
Advertisement
Register to Remove

Re: Conflicting Virtumonde reports

Unread postby tan_pang » December 29th, 2008, 11:33 am

Hmm... I have miss out something just now...
I see that Viewpoint is installed. Viewpoint, Viewpoint Manager, Viewpoint Media Player are Viewpoint components which are installed as a side effect of installing other software, most notably AOL and AOL Instant Messenger (AIM). Viewpoint Manager is responsible for managing and updating Viewpoint Media Player’s components. You can disable this using the Viewpoint Manager Control Panel found in the Windows Control Panel menu. By selecting Disable auto‑updating for the Viewpoint Manager ‑‑ the player will no longer attempt to check for updates. Anything that is installed without your consent is suspect. Read what Viewpoint says and make your own decision.
To provide a satisfying consumer experience and to operate effectively, the Viewpoint Media Player periodically sends information to servers at Viewpoint. Each installation of the Viewpoint Media Player is identifiable to Viewpoint via a Customer Unique Identifier (CUID), an alphanumeric identifier embedded in the Viewpoint Media Player. The Viewpoint Media Player randomly generates the CUID during installation and uses it to indicate a unique installation of the product. A CUID is never connected to a user's name, email address, or other personal contact information. CUIDs are used for the sole purpose of filtering redundant information. Each of these information exchanges occurs anonymously.

Viewpoint Manager is considered as foistware instead of malware since it is installed without user's approval but doesn't spy or do anything "bad". This may change, read Viewpoint to Plunge Into Adware.
I recommend that you remove the Viewpoint products; however, decide for yourself. To uninstall the the Viewpoint components (Viewpoint, Viewpoint Manager, Viewpoint Media Player):
  1. Click Start, point to Settings, and then click Control Panel.
  2. In Control Panel, double-click Add or Remove Programs.
  3. In Add or Remove Programs, highlight >>Viewpoint component<< , click Remove.
  4. Do the same for each Viewpoint component.

After uninstall the Viewpoint components (or even if you choose not to uninstall it), put the .exe file in your Desktop, after that go to "Start -> Run" and type this inside.
combofix /u


After finish all these step, please tell me your computer condition now...
tan_pang
Regular Member
 
Posts: 959
Joined: August 12th, 2007, 8:04 am

Re: Conflicting Virtumonde reports

Unread postby brewman84 » December 29th, 2008, 12:37 pm

From the Viewpoint website
Required with installation of AOL, AIM, current versions of the Netscape web browser, certain Adobe products, and some retail computers sold today.
I never had any of the above software except for Adobe reader and Photoshop unless it came with the laptop so it's history!
The computer has been running fine since I ran Malwarebytes, I've switched to using Opera as a browser as I hear it's more secure than IE and faster than FF. If you feel I am now malware free which I appear to be I'll report back to silver and see about joining MWRU. If there is nothing else again thanks for your help and keep on kicking malware ass!
brewman84
Regular Member
 
Posts: 16
Joined: December 20th, 2008, 9:42 am

Re: Conflicting Virtumonde reports

Unread postby brewman84 » December 30th, 2008, 7:45 am

Is there anything else I need do?
brewman84
Regular Member
 
Posts: 16
Joined: December 20th, 2008, 9:42 am

Re: Conflicting Virtumonde reports

Unread postby tan_pang » December 30th, 2008, 9:48 am

Now, your system is clean, kindly follow these simple steps in order to keep your computer clean and secure:

  1. CLEAR & RESET SYSTEM RESTORE'S CACHE - (System Volume Information folder)
    • Right-click on the My Computer on Desktop, and choose Properties
    • Click on the System Restore tab, and check the box Turn off System Restore on all drives
    • Click Apply
    • Turn it back 'On' afterward by unticking the same checkbox & click OK
  2. DISABLE THE VIEWING OF SYSTEM FILES
    From Windows Explorer, go to Tools>Folder Options> View tab.
    • Untick - Show hidden files and folder
    • Tick - Hide file extensions for known types
    • Tick - Hide protected operating system files
    Click Yes to confirm & then click OK
  3. ANTIVIRUS SOFTWARE
    It is imperative that you update your Antivirus software at least once a week (Even more if you wish). If you do not update your antivirus software then it will not be able to catch any of the new variants that may come out.
  4. FIREWALL
    Without a firewall your computer is succeptible to being hacked and taken over. Simply using a Firewall in its default configuration can lower your risk greatly. A tutorial on Firewalls and a listing of some available ones can be found here → http://www.bleepingcomputer.com/forums/tutorial60.html
  5. Microsoft Windows Updatehttp://www.windowsupdate.com
    Visit regularly. This will ensure your computer always has the latest security updates. If there are new updates to install, install them immediately, reboot your computer, and revisit the site until there are no more critical updates.
    Alternatively, you can enable the automatic update by follow the instruction in here → http://www.microsoft.com/protect/comput ... es/mu.mspx
  6. SPYWAREBLASTER
    SpywareBlaster prevents the installation of malicious ActiveX, adware, browser hijackers, dialers, and other potentially unwanted software. Blocks spyware/tracking cookies & restricts the actions of potentially unwanted sites.

    Unlike other programs, SpywareBlaster does not have to remain running in the background. A tutorial on installing & using this product can be found here → http://www.bleepingcomputer.com/forums/tutorial49.html
  7. IE-SPYAD
    IE/Spyad places more than 4000 dubious websites and domains in the IE Restricted list. This severely impair attempts to infect your system. It basically prevents any downloads (Cookies etc) from the sites listed, although you will still be able to connect to the sites. A tutorial on installing this product can be found here http://www.spywarewarrior.com/uiuc/resource.htm
Update all these programs regularly. Make sure you update all the programs I have listed regularly. Without regular updates you WILL NOT be protected when new malicious programs are released.

Follow this list and your potential for being infected again will reduce dramatically. Here are some additional utilities that will further enhance your safety.
  • http://www.trillian.cc → Trillian or http://www.miranda-im.com → Miranda-IM - These are Malware free Instant Messenger programs which allow you to connect to multiple IM services in one program! (AOL, Yahoo, ICQ, IRC, MSN)
  • http://www.mozilla.org/products/firefox/ - Firefox - Use this alternate browser. Whilst Internet Explorer is not a bad browser, almost every exploit crafted is targeted to take advantage of an IE weakness.
  • http://java.com/en/index.jsp - Sun's Java - It's much more secure than Microsoft's Java Virtual Machine.
  • http://www.aumha.org/downloads/erunt-setup.exe - ERUNT - A useful freeware utility for users of Windows 2000/XP. It's made up of two parts - ERUNT & NTREGOPT.

    ERUNT will create daily complete backups of your computer's Registry. Whilst System Restore does the same thing, a corrupt registry file may prevent Windows from booting & this effectively renders disables System Restore. With ERUNT, you're able to restore the damaged Registry.

    NTREGOPT works by recreating each registry hive "from scratch", thus removing any slack space that may be left from previously modified or deleted keys. In other words, it compacts the Registry to a small size which allows Windows to load & perform faster.
To find out more information about how you got infected in the first place and some great guidelines to follow to prevent future infections you can read this article by Tony Klein - http://www.castlecops.com/postlite7736-.html

After doing all these, your system will be optimised against future threats.

Have a safe & happy computing day. Image

Kindly respond to this thread once more so we can mark this thread as resolved.
tan_pang
Regular Member
 
Posts: 959
Joined: August 12th, 2007, 8:04 am

Re: Conflicting Virtumonde reports

Unread postby brewman84 » December 31st, 2008, 9:19 am

Thanks again for the help and suggestions.
brewman84
Regular Member
 
Posts: 16
Joined: December 20th, 2008, 9:42 am

Re: Conflicting Virtumonde reports

Unread postby NonSuch » January 3rd, 2009, 12:45 am

As this issue appears to be resolved, this topic is now closed.

We are pleased we could help you resolve your computer's malware issues.

If you would like to make a comment or leave a compliment regarding the help you have received, please see Feedback for Our Helpers - Say "Thanks" Here.
User avatar
NonSuch
Administrator
Administrator
 
Posts: 28747
Joined: February 23rd, 2005, 7:08 am
Location: California
Advertisement
Register to Remove

Previous

Return to Infected? Virus, malware, adware, ransomware, oh my!



Who is online

Users browsing this forum: No registered users and 481 guests

Contact us:

Advertisements do not imply our endorsement of that product or service. Register to remove all ads. The forum is run by volunteers who donate their time and expertise. We make every attempt to ensure that the help and advice posted is accurate and will not cause harm to your computer. However, we do not guarantee that they are accurate and they are to be used at your own risk. All trademarks are the property of their respective owners.

Member site: UNITE Against Malware