Virtumonde Adware

Discussion in 'ESET NOD32 Antivirus' started by Warhammer, Aug 17, 2008.

Thread Status:
Not open for further replies.
  1. Warhammer (Registered Member)

    Joined: Aug 17, 2008
    Posts: 1
    Location: North Carolina

    I just spent the last two days trying to eliminate Virtumonde on my PC. It was a very amazing little bastard. It effectively took out my ability to do any kind of search using Google or Yahoo or anything related to searches on the Internet.

    I use Comodo Firewall with Comodo Defender AND ESET NOD 32. The file I got it from was scanned (I have the latest updates) and no warning came from the scan. And I have the scan setting on the highest paranoid level you can get. When the PC got infected, ESET detected the threat and prevented it from opening up the webpage.

    After using many different attempts with programs to eliminate it, I used Combofix to finally cure the virus.

    The problems I have with this are:

    1. Why wasn't the virus detected during the scan?
    2. Why couldn't the program get rid of the virus once it was detected?
    3. Why doesn't the ESET knowledge base come up with any hits when I type in Virtumonde?

    From what I can gather from Google searches, this is a pretty well-known virus. I know no virus scanner is 100%, but this is the first time in 13 years that I have gotten hit with a virus after scanning the downloaded program.
     
  2. Lusitano (Registered Member)

    Joined: Jun 17, 2008
    Posts: 20

    The problem is that there are so many Virtumonde variants, no AV can detect them all, as new ones appear every minute.
     
  3. Marcos (Eset Staff Account)

    Joined: Nov 22, 2002
    Posts: 14,456

    Virtumonde is quite resistant to removal. You can use Undll to remove an already injected Virtumonde dll.
     