Jump to content

VIRTUMONDE.PRX CAN NOT BE REMOVED


julesbg

Recommended Posts

I recently removed some malware and am still having trouble getting rid of one last infection. I run Spybot, Malwarebytes and others and it says it removes it but it is still there.

My computer seems to be running fine, but would like to get rid of this remaining piece!

I am attaching my HJT log, Panda Active Scan, and Malwarebytes log. Any help will be greatly appreciated.

MBAM Log

Malwarebytes' Anti-Malware 1.30

Database version: 1439

Windows 5.1.2600 Service Pack 3

11/30/2008 4:59:04 PM

mbam-log-2008-11-30 (16-59-04).txt

Scan type: Quick Scan

Objects scanned: 64201

Time elapsed: 9 minute(s), 19 second(s)

Memory Processes Infected: 0

Memory Modules Infected: 0

Registry Keys Infected: 0

Registry Values Infected: 1

Registry Data Items Infected: 0

Folders Infected: 0

Files Infected: 0

Memory Processes Infected:

(No malicious items detected)

Memory Modules Infected:

(No malicious items detected)

Registry Keys Infected:

(No malicious items detected)

Registry Values Infected:

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\pekefevipo (Trojan.Agent) -> Quarantined and deleted successfully.

Registry Data Items Infected:

(No malicious items detected)

Folders Infected:

(No malicious items detected)

Files Infected:

(No malicious items detected)

PANDA ACTIVE SCAN LOG

;*******************************************************************************

********************************************************************************

*

*******************

ANALYSIS: 2008-11-30 18:11:35

PROTECTIONS: 2

MALWARE: 5

SUSPECTS: 0

;*******************************************************************************

********************************************************************************

*

*******************

PROTECTIONS

Description Version Active Updated

;===============================================================================

================================================================================

=

===================

McAfee Internet Security Suite 2007 8.1 No Yes

McAfee VirusScan Plus 12.1 No No

;===============================================================================

================================================================================

=

===================

MALWARE

Id Description Type Active Severity Disinfectable Disinfected Location

;===============================================================================

================================================================================

=

===================

00035937 adware/exact.searchbar Adware No 0 Yes No c:\documents and settings\matt\local settings\temp\blank.gif

00167642 Cookie/Com.com TrackingCookie No 0 Yes No C:\Documents and Settings\Matt\Cookies\matt@com[2].txt

00456116 Adware/Antivirus2009 Adware No 0 Yes No C:\Documents and Settings\Matt\Local Settings\Temporary Internet Files\Content.IE5\OTV3L48W\freescan[1].htm

00519333 Application/Processor HackTools No 0 Yes No C:\Documents and Settings\Matt\Local Settings\Temporary Internet Files\Content.IE5\5D69M59H\VirtumundoBeGone[1].exe

03548697 Trj/Clicker.ALY Virus/Trojan No 1 No No C:\WINDOWS\system32\g65.exe[■%%\

Link to post
Share on other sites

Please note that all instructions given are customised for this computer only, the tools used may cause damage if used on a computer with different infections.

If you think you have similar problems, please post a log in the HJT forum and wait for help.

Hello and welcome to the forums

My name is Katana and I will be helping you to remove any infection(s) that you may have.

Please observe these rules while we work:

  1. Please Read All Instructions Carefully

  2. If you don't understand something, stop and ask! Don't keep going on.

  3. Please do not run any other tools or scans whilst I am helping you

  4. Please continue to respond until I give you the "All Clear"

    (Just because you can't see a problem doesn't mean it isn't there)

If you can do those few things, everything should go smoothly laechel.gif

Please Note, your security programs may give warnings for some of the tools I will ask you to use.

Be assured, any links I give are safe

----------------------------------------------------------------------------------------

I apologize for the delay in responding, but as you can probably see the forums are quite busy

and helpers look for posts with zero replies.

Unfortunately there are far more people needing help than there are helpers.

If you still require help please do the following

I will be notified and I will get back to you ASAP.

Download and Run RSIT

  • Please download Random's System Information Tool by random/random from here and save it to your desktop.

  • Double click on RSIT.exe to run RSIT.

  • Click Continue at the disclaimer screen.

  • Once it has finished, two logs will open:

    • log.txt will be opened maximized.

    • info.txt will be opened minimized.

    [*]Please post the contents of both log.txt and info.txt.

Link to post
Share on other sites

Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.