Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Virtumonde/defender Repeating Errors.


  • Please log in to reply
2 replies to this topic

#1 Katzman85

Katzman85

  • Members
  • 1 posts
  • OFFLINE
  •  
  • Local time:07:30 PM

Posted 22 December 2007 - 02:49 PM

Hi im running windows xp pro service pack 2. i was recently infected with Virtumonde and saw your ad for the use of HJT and that whole thing. it came with The Defender program as well. I ran through all of the steps to remove it and it seemed to be removed.

Haven't done anything to make it want to come back but ive noticed the last 3 or 4 days in a row at 11:25 AM i get a pop up from my antispyware (Spybot S&D) saying that a value has been added named Wakteexo.dll, i deny the change and another window pops up and says Do you want to kill the process virtumonde.dll, with the executable named cjycsaui.exe. i kill the process and its all good. Ive even gone into regedit to remove the folders and files with the names virtumonde and defender and all the stuff that it came with.

until the next day at 11:25 it appears again. Ive run the Combofix and HJT and people told me what to remove but has yet to 100% fix it.


*****Also might i add it was being fueled through internet explorer 7. i had recently installed it because im regularly using Firefox. But a website wouldnt work through firefox so i had gotten internet explorer. With that popup it was also screwing with my internet explorer making all these pop ups appear. but i have gotten rid of IE because i didnt really need it.

******* Also it has deleted all my Restore Points. The only one i have is the day that it appeared.

Any Help Would Be Great
Thanks

Jared

Edited by Katzman85, 22 December 2007 - 05:32 PM.


BC AdBot (Login to Remove)

 


#2 Budapest

Budapest

    Bleepin' Cynic


  • Moderator
  • 23,579 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:12:30 PM

Posted 23 December 2007 - 07:14 AM

See the following Bleeping Computer removal guide:

How to Remove WinFixer / Virtumonde / Msevents / Trojan.vundo.
The power of accurate observation is commonly called cynicism by those who haven't got it.

—George Bernard Shaw

#3 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 52,093 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:09:30 PM

Posted 23 December 2007 - 07:28 AM

Ive run the Combofix and HJT and people told me what to remove but has yet to 100% fix it.

If you are being helped at another forum site, then you should not be asking for assistance elsewhere or make changes to your computer (install/uninstall programs, use special fix tools, delete files, edit the registry, etc.) Any modifications you make on your own can result in system changes which may not show it the log you already posted. Further, following advice outside of that post may cause confusion for the HJT Helper assisting you and could complicate the malware removal process which would extend the time it takes to clean your computer.
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users