remove virtumonde help

Discussion in 'Malware Help (A Specialist Will Reply)' started by thepirate, Jul 6, 2008.

  1. thepirate

    thepirate Private E-2

    I see that there are several virtumonde threads and posts, but I was not sure if removing it is on a case-by-case basis. So I was hoping to post my HJT log so that someone might be able to help me directly. I have the latest version of the vundo fix program. I have run spybot and AVG 8.0, and have been able to find out that this computer is infected with virtumonde. So any advice would be greatly appreciated. Not sure, but I think I am supposed to run WinXP in safe mode and then run the vundofix program, but I am not 100% sure on what to do. Thanks again for any help.
     


  2. thepirate

    thepirate Private E-2

    Oh, I forgot to say that when I run vundofix in safe mode to try and remove the virus, it does not find anything.
     
  3. thepirate

    thepirate Private E-2

    I think if I run HJT I am supposed to checkmark all the O2 BHO and the O20 Winlogon app and fix them,
    or the items below.
    O2 - BHO: (no name) - {17F75949-1435-4CBE-950C-15E05B512FB1} - (no file)
    O2 - BHO: (no name) - {32242FCA-6331-4EBF-BA91-A3A0D4BB8824} - (no file)
    O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
    O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
    O2 - BHO: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL
    O2 - BHO: (no name) - {AE850C18-2443-4C2F-BCA0-647CB978E780} - (no file)
    O2 - BHO: (no name) - {B99DC664-63FF-4D9A-967C-3E5825CBFECB} - (no file)
    O2 - BHO: (no name) - {F919FA26-5413-4910-B4D7-C70A4449268F} - (no file)

    &

    O20 - AppInit_DLLs: avgrsstx.dll
    O20 - Winlogon Notify: geBqQJCt - geBqQJCt.dll (file missing)
     
  4. Shadow_Puter_Dude

    Shadow_Puter_Dude MG Authorized Malware Fighter

    Welcome to Major Geeks!

    Please follow the instructions in the below link and attach the requested logs when you finish these instructions. If something does not run, write down the info to explain to us later but keep on going. Do not assume that because one step does not work that they all will not.

    READ & RUN ME FIRST. Malware Removal Guide
     
