Thread: Assistance needed to eradicate Virtumonde.Dll trojan

  1. #6
    Security Expert-Emeritus Dakeyras's Avatar
    Join Date
    Sep 2008
    Location
    The Tundra
    Posts
    1,173

    Hi

    Pity about the death of Phil Kelley. The world needs more like him (and all the other Spybot crew)- people giving their time and effort to help others. Thanks for taking on my problem.
    Thank you for the kind words and you are welcome!

    Re: your advice. I looked at the “Crucial” website. They did not have the Acer Aspire model SA XP-H MHD11927 listed, so it seems they do not cater for RAM expansion on that model. Perhaps it is not a common model outside of Australia?
    Strange indeed. You could try the below site and/or visit any reputable IT/Laptop Repair Centre in your locality.

    http://www.pcworld.idg.com.au/

    Even another 256 MB module of installed memory will improve performance overall.

    For my education, can you give me a brief and simple explanation for the HJT “fix” of;
    O6 HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
    O14 IERESET.INF.START_PAGE_URL=http://www.optusnet.com.au/
    O6 - This relates to the Administrative lock down of the Control Panel. It was either due to malware and/or set inadvertently during the installation of Spybot. Either way it is deemed unnecessary in a home use environment.

    O14 - This relates to the Reset Web Settings hijack, which basically means it is what Internet Explorer uses when you reset options back to their Windows default.

    In the case of your mother's computer it was set by the Optuszoo website and, though not malware related, it should not be there at all in my humble opinion, overriding the IE default.

    On a different note, I have noticed that Erunt is set to create a registry backup with every system reboot. Did you set this purposely during the installation or not? It is not really needed, and creating a backup manually once per week should suffice.

    Next:

    Thank you for the overall situation update, it has proved to be quite useful to myself and with this in mind I think it prudent to run a deeper benign scan before proceeding with the malware removal process.

    Scan with RSIT:

    • Please download Random's System Information Tool by random/random from here and save it to your desktop.

    Make sure that RSIT.exe is on your Desktop before running the application!
    • Double click on RSIT.exe to run RSIT.
    • Click Continue at the disclaimer screen.
    • Once it has finished, two logs will open:
      • log.txt will be opened maximized.
      • info.txt will be opened minimized.
    • Please post the contents of both log.txt and info.txt.


    When you have completed the above, please post back the following in the order asked for:

    • How is your computer performing now, any further symptoms and/or problems encountered?
    • Both RSIT logs. <-- Post them individually please, i.e. one log per post/reply.
    Last edited by Dakeyras; 2009-08-16 at 20:51.
    Mammuthus Hibernian Scouserus, member of ASAP and UNITE.
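
As an added example (not part of the original post, and not code from HijackThis or Spybot), the sketch below picks out the two entry types explained above from a HijackThis-style log: O6 policy keys and O14 IERESET.INF URLs that point away from the stock reset targets. The function names, the `DEFAULT_DOMAINS` allowlist and the sample log are assumptions made for illustration.

```python
import re
from urllib.parse import urlparse

# Constructed sample in HijackThis log layout; the O6 and first O14 entry
# mirror the ones discussed in the post, the other lines are made up.
SAMPLE_LOG = """\
O4 - HKLM\\..\\Run: [ExampleApp] C:\\Program Files\\Example\\app.exe
O6 - HKCU\\Software\\Policies\\Microsoft\\Internet Explorer\\Control Panel present
O14 - IERESET.INF: START_PAGE_URL=http://www.optusnet.com.au/
O14 - IERESET.INF: SEARCH_PAGE_URL=http://www.microsoft.com/example
"""

LINE_RE = re.compile(r"^\s*(O\d+)\s+-\s+(.*\S)\s*$")
O6_RE = re.compile(r"^(HKCU|HKLM)\\(.+?)\s+present$", re.I)
O14_RE = re.compile(r"^IERESET\.INF:\s*(\w+)=(\S*)$", re.I)

# Assumption: domains accepted as stock "Reset Web Settings" targets.
DEFAULT_DOMAINS = ("microsoft.com", "msn.com")

def host_is_default(url, allowed=DEFAULT_DOMAINS):
    """True when the URL's host is an allowed domain or a subdomain of one."""
    host = (urlparse(url).hostname or "").lower()
    return any(host == d or host.endswith("." + d) for d in allowed)

def triage(log_text, allowed=DEFAULT_DOMAINS):
    """Return (section, name, value) tuples for O6 and non-default O14 lines."""
    findings = []
    for raw in log_text.splitlines():
        m = LINE_RE.match(raw)
        if not m:
            continue  # header lines, process list, blank lines
        section, detail = m.group(1).upper(), m.group(2)
        if section == "O6":
            hit = O6_RE.match(detail)
            if hit:  # an IE policy key exists: options are locked down
                findings.append(("O6", hit.group(1).upper(), hit.group(2)))
        elif section == "O14":
            hit = O14_RE.match(detail)
            if hit and not host_is_default(hit.group(2), allowed):
                findings.append(("O14", hit.group(1), hit.group(2)))
    return findings

if __name__ == "__main__":
    for finding in triage(SAMPLE_LOG):
        print(finding)
```

An O14 hit is not proof of malware: as in this thread, an ISP's site can set it, so the allowlist decides only what is shown for review.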
