View Full Version : Virtumonde + Smitfraud-c.888

2007-06-22, 04:28
hi :)

im equally sorry for starting a new post but i dont fully understand how to remove these items - (plus the infinite number of others that continue to respwan without provocation) or whether they r my only problems.

ive run spybot s&d without being able to remove virtumonde and smitfraud keeps coming back, as with up to 60 other issues. ive run adaware with 2 problems coming in with a TAI of 10. Noadware is also unable to remove the problems, repeatedly prompting me to block suspicious files from running at startup and AVG is going berserk, while i add to my extensive vault.

ive downloaded combofix, atfcleaner and avenger etc. would someone please beable to guide me through the process.

thanks alot

2007-06-22, 06:38
i looked thruogh the others and solved the problem. this paragraph from the archives was particularly useful;

# Double-click VundoFix.exe to run it.
# Click the Scan for Vundo button.
# Once the scan is complete, Right Click inside the listbox (white box) and click add more files
# Copy&Paste the 3 entries below into the top 3 boxes
# C:\WINDOWS\system32\hggebxy.dll
# C:\WINDOWS\system32\yxbeggh.*
# C:\WINDOWS\system32\ayqhyxip.dll
# Click Add Files and Click Close Window
# Click the Remove Vundo button.
# You will receive a prompt asking if you want to remove the files, click YES
# Once you click yes, your desktop will go blank as it starts removing Vundo.
# When completed, it will prompt that it will reboot your computer, click OK.

After id disabled the internet and used SmitFraudFix.

Thanks a lot.

2007-06-25, 03:17
Welcome to Safer Networking, I wish to be sure you have viewed and understand this information. "BEFORE you POST" (READ this Procedure before Requesting Assistance)
All advice given is taken at your own risk.
Please make sure you have read this information so we are on the same page.

I would like to make sure you saw the instructions posted above and they are also pinned to the top of the forum.
I am also very glad you were able to solve your problem, and I sure hope this is the case. I can tell you this infection (Vundo) is hard to remove. If you wish a check to be sure you are clean, then read the directions and when it comes time to post a HJT log, do this:

Download Trend Micro Hijack This™
Download it to your Program Files folder.
Doubleclick the HijackThis_V2.exe to start it.
Click "Do a System Scan and save a logfile"
This will create a HijackThislog.
Copy and paste the contents of the log in your next reply

Your call...thanks

2007-07-01, 23:17
This topic is closed due to lack of a response.