virtumonde driving me nuts

Discussion in 'Malware Help - MG (A Specialist Will Reply)' started by donthebookie, Oct 27, 2006.

  1. donthebookie

    donthebookie Private E-2

    Tried both versions of VundoFix, Lavasoft Virtumonde Remover, VirtumundoBeGone, Ad-Aware, AVG Anti-Spyware, Webroot, Spybot S&D. With v 6.26 of VundoFix nothing is found. With the command prompt version, unable to delete (with any program). Tried everything in safe mode and normal mode. Here are my logs.
     

    Attached Files:

  2. donthebookie

    donthebookie Private E-2

    I am unable to remove vtstu.dll. I tried both versions of VundoFix, Lavasoft Virtumonde Remover, VirtumundoBeGone, Ad-Aware, AVG Anti-Spyware, Webroot, Spybot S&D. With v 6.26 of VundoFix nothing is found. With the command prompt version, unable to delete (with any program). Tried everything in safe mode and normal mode. Here are my logs:
     
  3. donthebookie

    donthebookie Private E-2

    runkeys.txt

    Here's my runkeys.txt.
    I am running a Dell Dimension 4550 P4 2.4, 256 Meg RAM, XP Home Service Pack 1. I think this may have something to do with a rootkit and kernel hook?? ANY help would be appreciated.
     
  4. donthebookie

    donthebookie Private E-2

    runkeys.txt

    runkeys.txt
     

    Attached Files:

  5. donthebookie

    donthebookie Private E-2

    ANY Help

    Seriously, I can't be the only person to have had this problem.
     
  6. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    Re: ANY Help

    No, you are not! But you did not follow directions in the READ & RUN ME sticky and I also guess you did not read this sticky either: Don't Bump! It Only Hurts You!!!


    You must attach ALL of the logs requested in the READ ME and you must follow the directions properly. You did not even install and rename HijackThis as required and your infection is one of the main reasons why this is necessary. And you must also make sure you are in Normal Startup mode and not Selective Startup mode with MSconfig. Also HijackThis should have been run ONLY AFTER everything else was run.

    Here are the logs requested in the READ ME and the order in which they must be obtained.
    • CounterSpy - ONLY IF you were not able to run Windows Defender
    • Bitdefender - from step 6
    • Panda Scan - from step 6
    • runkeys.txt - the log from GetRunKey.bat
    • newfiles.txt - the log from ShowNew.bat
    • HijackThis
    However, now that you also have run those other tools (Combofix and Virtumonde Remover), how are things working?
     
    Last edited: Oct 29, 2006
