
Win32:Ramnit-B and VBS-ExeDropper-gen [Trj]



#1 BlakeyUK


Posted 03 October 2010 - 04:09 PM

Hi,
OK, I see I'm far from the first person with this nasty little bug. It's the first one I've ever been really hit with in years, so I'm particularly annoyed at it!

So, on with the normal info: I was running AVG free (updated automatically) when it suddenly started sprouting alerts. For some reason I thought it was AVG with some false positives, as it was getting the hits for the VBS-ExeDropper virus, even on files that I was pretty sure wouldn't have an issue, including some that I'd written myself (I'm a developer). So I uninstalled AVG, and installed Avast, which is now gradually filling the chest.

I've attached the DDS and GMER logs.

Also, following some advice here, I ran RKUnHooker, with the result attached.

Any help with this will be greatly appreciated.

QUICK EDIT AFTER INITIALLY POSTING THIS:
Rundll32 was being used to run something called gedpct.dll. I couldn't find any reference on this, and it's in the chest anyway. Not sure if that's important or not.

Regards,
Andy



Edited by BlakeyUK, 03 October 2010 - 04:13 PM.




#2 shelf life


Posted 10 October 2010 - 07:23 AM

Hi BlakeyUK,

Your post is a few days old; if you still need help, simply reply back.

How Can I Reduce My Risk to Malware?


#3 BlakeyUK


Posted 11 October 2010 - 05:37 PM

Thanks shelf-life.

I actually gave up the attempt to fix it, and I rebuilt Windows instead. My machine is a hell of a lot faster than it used to be, so there was a positive side!

#4 Budapest


Posted 11 October 2010 - 05:42 PM

As this issue appears to be resolved I am closing the topic. Please send me (or any other Moderator) a Personal Message (PM) if you would like the topic re-opened.
The power of accurate observation is commonly called cynicism by those who haven't got it.

—George Bernard Shaw



