Virtumonde.dll and Vundo on IMAC running XP



jpodman
2008-10-09, 20:35
Hello,

Thank you in advance to anyone that can help me out. I have an iMac and run OS X as well as Windows XP as a virtual machine using VMware Fusion. On some bad advice and my own ignorance, I was not running any anti-virus/anti-spy/etc. on the virtual Windows XP machine. As a result, the virtual machine became riddled with spyware and viruses.

I have since installed and run Spybot and McAfee antivirus and others many times in safe mode and normal, but still have lingering and regenerating malware on the Windows XP virtual machine. The Mac platform runs perfectly. No problems at all.

The two main problems that seem to keep recurring are Virtumonde.dll and Vundo. If anyone can offer me any advice or guidance it would be greatly appreciated. Thank you.

Jason

katana
2008-10-11, 01:25
Please note that all instructions given are customised for this computer only; the tools used may cause damage if used on a computer with different infections.

If you think you have similar problems, please post a log in the HJT forum and wait for help.

Hello and welcome to the forums.

My name is Katana and I will be helping you to remove any infection(s) that you may have.

Please observe these rules while we work:
1. If you don't know, stop and ask! Don't keep going on.
2. Please reply to this thread. Do not start a new topic.
3. Please continue to respond until I give you the "All Clear".
(Just because you can't see a problem doesn't mean it isn't there)

If you can do those three things, everything should go smoothly :D

Please note, your security programs may give warnings for some of the tools I will ask you to use.
Be assured, any links I give are safe.
----------------------------------------------------------------------------------------
These instructions should all be done in XP

Download and Run RSIT

Please download Random's System Information Tool by random/random from here (http://images.malwareremoval.com/random/RSIT.exe) and save it to your desktop.
Double click on RSIT.exe to run RSIT.
Click Continue at the disclaimer screen.
Once it has finished, two logs will open:

log.txt will be opened maximized.
info.txt will be opened minimized.

Please post the contents of both log.txt and info.txt.