VM103 virtumonde

Discussion in 'malware problems & news' started by rocknman, Jan 23, 2009.

Thread Status:
Not open for further replies.
  1. rocknman

    rocknman Registered Member

    Joined:
    May 6, 2006
    Posts:
    8
    Hi. Operating system: Windows XP Pro. Initially had a couple of items and got them removed with Malwarebytes Anti-Malware. They were:
    C:\WINDOWS\Fbumadava.dll.e
    C:\WINDOWS\anucabenewig.dll.e
    Still have virtumonde. Detected by a Webroot program.
    I have run the following:
    Spybot S&D
    Malwarebytes Anti-Malware
    Superantispyware
    A Squared
    Arovax Antispyware
    CCleaner
    Avert Stinger 10
    Windows Malicious Removal
    F Secure Blacklight Rootkit
    CW Shredder
    Avast Virus/Worm Cleaner
    Trojankiller
    Mcafee Rootkit Detective
    Trend Micro Rootkit Buster
    Runscanner
    Webroot Spyaudit
    HijackThis (log)

    Here is HJT log:

    {HJT log/etc. snipped - Please see here - Blue}

    Your help is appreciated! Thank you!
     
    Last edited by a moderator: Jan 23, 2009
  2. TechOutsider

    TechOutsider Registered Member

    Joined:
    Sep 26, 2008
    Posts:
    549
    Run Panda Active Scan.
     
  3. rocknman

    rocknman Registered Member

    Joined:
    May 6, 2006
    Posts:
    8
    Hi. Ran Panda Active Scan.

    While scanning, detected one (1) item. However, before ending it got "stuck" scanning file:

    D:\I386\Apps\App12546\verfile.tic

    So had to abort.
    Other suggestions?
     
  4. GlobalForce

    GlobalForce Regular Poster

    Joined:
    Jun 30, 2004
    Posts:
    3,581
    Location:
    Garden State, USA
  5. Searching_ _ _

    Searching_ _ _ Registered Member

    Joined:
    Jan 2, 2008
    Posts:
    1,988
    Location:
    iAnywhere
    Safe mode. Rescan in safe mode with Dr.Web CureIt! or Dr.Web's live CD. Maybe try specific tools if you're sure of the infection. Vundofix comes to mind.
     
  6. TechOutsider

    TechOutsider Registered Member

    Joined:
    Sep 26, 2008
    Posts:
    549
    So does ComboFix.

    There are literally millions of ways to attack this problem. Try other online scanners, NOD32, Kaspersky, OneCare, Symantec, etc. etc.
     