RKill not working against Virtumonde



#1 CurseYouVirtumonde


Posted 16 July 2012 - 05:08 PM

Hi! I've got the infamous Virtumonde deeply entrenched in my machine, and all of the types of RKill in the removal guide posted on this website are being blocked. By 'blocked' I mean the program immediately closes, followed by an error message saying "Installation failed.", then it re-opens and kills all other processes instead of killing the processes it's supposed to kill, giving another error message for each thing that was killed.

What can I do? I followed the guide and tried all the downloads for RKill but none are working.


Additional info about the problem:
Spybot and MSE both don't work. MSE won't update, scans really really slowly, and doesn't remove anything. Spybot will scan normally, but it won't remove anything.

When running Spybot I noticed tens of thousands of Virtumonde.sci files, and more files of a different file type, as well as many thousands of keylogger, malware, and spyware files. It's a miracle my machine even runs.

A few times over the past few weeks the date in the corner of the screen has changed to be a day behind, twice now, and a few times there have been random freezes. Also, about a month ago some guy from Egypt accessed my Gmail. I'm not sure if that's a separate thing or if it's from Virtumonde.


I know very little about computers, so apologies in advance if my ignorance or lack of useful info provided above is frustrating. OS is Windows 7, 64 bit.

UPDATE: Tried uninstalling Spybot to get the malware remover featured on this site, and it said the program was never installed to begin with.

UPDATE 2: Attempted to install DDS, but it wouldn't download, even when I clicked on the "click here" html. I'd get GMER but my OS is 64 bit. I had the same problem with downloading RKill.scr. Also, I cannot connect to wikihow.com at all, so I think it's messing with my ability to navigate the web.

Edited by CurseYouVirtumonde, 16 July 2012 - 09:11 PM.




#2 Jimbob85


Posted 18 July 2012 - 09:32 PM

If you can, please run MBAM.

Please Download Malwarebytes AKA MBAM

Update Malwarebytes via the update tab.
Run a full scan
Please post the results

The log is automatically saved and can be viewed by clicking the Logs tab in MBAM.
Copy and paste the contents of that report in your next reply. Be sure to post the complete log to include the top portion which shows MBAM's database version and your operating system.

If you have trouble getting MBAM to run, see post #2 here.
http://www.bleepingcomputer.com/forums/topic267354.html




Also, if you haven't already, you should change your email password.

Edited by Jimbob85, 18 July 2012 - 09:37 PM.




