virtumonde, buritos.exe

Discussion in 'Malware Help (A Specialist Will Reply)' started by ashv85, Nov 24, 2008.

  1. ashv85

    ashv85 Private E-2

    Hello,

    I have been trying to help my friend fix his computer for about a week now.
    Apparently the notable virus is Virtumonde, which I can't seem to delete for the life of me. There are some other problems, such as when the computer starts I have to press F1 because it says "floppy diskette failure". Also, when logging on I get 2 prompts, which say something like "drive cannot be loaded", or something similar. Also, when I first got a hold of this computer there was a program called Antivirus XP 2008. I guessed it was fraudulent and deleted it. There was also Norton and McAfee, but they seemed corrupted and I had to uninstall them.

    Here are the programs I've been using:
    Adaware
    Spybot S&D with resident shield
    Eset NOD32
    HijackThis
    Process Explorer
    Vundofix and virtumondobegone

    A couple of days ago the vundofix and vundobegone programs were detecting the virus, but today they aren't. A scan in Adaware also doesn't detect anything but a cookie. But a scan in Spybot detects 16 viruses. In Process Explorer I can see buritos.exe and gamevance32. Not sure if they are spyware, but they look suspicious. I also can't search in IE, which was the default browser, but luckily I got Firefox and it works fine.

    If anyone could help me I would greatly appreciate it!
     
  2. bjgarrick

    bjgarrick MajorGeeks Admin - Malware Expert

    Welcome to MajorGeeks.com!

    Please follow the instructions in the below link and attach the requested logs when you finish these instructions.


    • If something does not run, write down the info to explain to us later but keep on going.
    • Do not assume that because one step does not work that they all will not.
    Notes:
    1. If you run into problems trying to run the READ & RUN ME or any of the scans in normal boot mode, you can run steps in safe boot mode, but make sure you tell us what you did later when you post logs. See the below if you do not know how to boot in safe mode:
    2. If you have problems downloading on the problem PC, download the tools on another PC and burn to a CD. Then copy them to the problem PC. You will have to skip getting updates if (and only if) your internet connection does not work. Yes, you could use a flash drive too, but flash drives are writeable and infections can spread to them.
     
