125 replies to this topic

[Matt T]

Hello, I believe I have Virtumonde on my computer. I tried Vundofix and Virtumundobegone. And I also used Norton 2008, SpySweeper, and Ad-Aware. And nothing has removed it. Spysweeper detects Adware: Virtumonde but can't remove it. I also found these and I think they are related to the problem: awtqn.dll and gebayyw.dll
If you could help me I'd really appreciate it. Thanks

Hey jacquelyn and welcome to Geeks To Go!

Please read and follow the instructions [Here] and then post a log in the [Malware Forum].

A helper will be with you asap, but if it's been over 3 days without help, post a topic in the [Waiting Room]

Good luck
~Matt

[abbf086]

i would just like to say that that program was brill got rid of 8 out of 9 problems, software is great. I had to use another program to delete the remaining vundo virus, but thanks alot. this site rocks.

[litsa]

Hi

Im new in this so be patient

i have the symantec antivirus and after a scan it detencted a trojan horse in the file c:\WINDOWS\system32\clusap.dll

however, it could not clean it or quarantine it. So i tried searching how to remove it. I found a website called www.prevx.com which had the clusap.dll clasified as a trojan.vundo. The thing is that when i downloaded their own software called Prevx CSI it didnt detect any threads or trojans on my pc. Then i found ur forum and i downloaded VundoFix.exe. Again it didnt detect anything.

I presume then that clusap.dll is not a trojan.vundo. What can i do? Does anybody else found something similar?

Thnx for reading this and sorry if i shouldnt post this here

Litsa

[don77]

Hello and welcome Litsa

Please run through the steps outlined in this Topic
Post back a fresh log in the Malware forum please

[Mortalis]

Your link for Vundofixer is either dead or not working. Cannot go to atribune.org

[RatHat]

Your link for Vundofixer is either dead or not working. Cannot go to atribune.org

The link is up and running: http://vundofix.atribune.org/, try it again.

[hifikilla]

thank you guys so much. I have been dealing with this virtumonde for weeks. I have used every spyware remover one can conjure up. VundoFix is a miracle cure.

[Essexboy]

Thank you for registering and giving us feedback

[cocacola23]

I've been reading many forums and cannot get rid of the vundo trojan

I used the vundofix.exe file and it deleted quite a bit, I also re-ran it, yet some files still remain

I also used the VirtumundoBeGone.exe file and the report showed nothing:


[02/07/2008, 16:58:40] - VirtumundoBeGone v1.5 ( "C:\Documents and Settings\Rinita\My Documents\VirtumundoBeGone.exe" )
[02/07/2008, 16:58:43] - Detected System Information:
[02/07/2008, 16:58:43] - Windows Version: 5.1.2600, Service Pack 2
[02/07/2008, 16:58:43] - Current Username: Rinita (Admin)
[02/07/2008, 16:58:43] - Windows is in NORMAL mode.
[02/07/2008, 16:58:43] - Searching for Browser Helper Objects:
[02/07/2008, 16:58:43] - BHO 1: {0230112a-88e5-44bd-a4ab-b129b450c476} ()
[02/07/2008, 16:58:43] - WARNING: BHO has no default name. Checking for Winlogon reference.
[02/07/2008, 16:58:43] - Checking for HKLM\...\Winlogon\Notify\vshndfiu
[02/07/2008, 16:58:43] - Key not found: HKLM\...\Winlogon\Notify\vshndfiu, continuing.
[02/07/2008, 16:58:43] - BHO 2: {02478D38-C3F9-4EFB-9B51-7695ECA05670} (Yahoo! Toolbar Helper)
[02/07/2008, 16:58:43] - BHO 3: {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} (AcroIEHlprObj Class)
[02/07/2008, 16:58:43] - BHO 4: {41D68ED8-4CFF-4115-88A6-6EBB8AF19000} (McAfee AntiPhishing Filter)
[02/07/2008, 16:58:43] - BHO 5: {5CC3F95E-EC38-4D53-9370-812A4257FFB3} ()
[02/07/2008, 16:58:43] - WARNING: BHO has no default name. Checking for Winlogon reference.
[02/07/2008, 16:58:43] - Checking for HKLM\...\Winlogon\Notify\awvvv
[02/07/2008, 16:58:43] - Key not found: HKLM\...\Winlogon\Notify\awvvv, continuing.
[02/07/2008, 16:58:43] - BHO 6: {AA58ED58-01DD-4d91-8333-CF10577473F7} (Google Toolbar Helper)
[02/07/2008, 16:58:43] - BHO 7: {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} (Google Toolbar Notifier BHO)
[02/07/2008, 16:58:43] - BHO 8: {D7FD6C15-4927-4AAE-BF12-FBDABD287EB1} ()
[02/07/2008, 16:58:43] - WARNING: BHO has no default name. Checking for Winlogon reference.
[02/07/2008, 16:58:43] - Checking for HKLM\...\Winlogon\Notify\hggdcaw
[02/07/2008, 16:58:43] - Key not found: HKLM\...\Winlogon\Notify\hggdcaw, continuing.
[02/07/2008, 16:58:43] - Finished Searching Browser Helper Objects
[02/07/2008, 16:58:43] - Finishing up...
[02/07/2008, 16:58:43] - Nothing found! Exiting...

help would be greatly appreciated!

[Essexboy]

If you require further help in cleaning your system then please read this thread and follow the instructions. http://www.geekstogo...-Log-t2852.html and someone will be along to help if you still have problems once you have posted in the right forum

[tal_techy]

Removed worthless link

this is a really helpful video for the matter. i have encountered these problems too and it has helped me a lot.

[Essexboy]

That actually adds nothing as that is just one of the very many places where malware will be dropped, but there may well be a lot of other entries in there that are legitimate. And doing your own repairs without knowing why could cause more problems than it fixes

[okioniwa]

I ran vundo fix, but the malware re appears every time I delete it. I've been locked out of one of the screen names on my computer. I can't delete the virus/trojan. Every time I access the internet it gets worse. I'm typing this from my laptop. I wrote down some of the names of the trojan/malware responsible down. I don't want to loose any info on my old computer and I'm in desperate need. I need help and fast!

[Rorschach112]

You will need to go to the malware removal forum

Make sure you read the sticky threads before posting

[ndfan53]

Help needed.

I have been working all day on removing WinReanimator from my computer and I think I finally have but I still have the red X in my tray saying there is a system infection. I looked and seen one of my .dll's is awvvw.dll which I am thinking is not good lol. I can not run either the Hijack this or the Vundofix.exe files on my computer. I can download the exe file but then once it is on my desktop my computer is not letting me download it. I double click and nothing happens. Would greatly appreciate any and all help.
ndfan