PDA

View Full Version : Smitfraud/virtumonde


Xanos
2008-11-30, 22:14
I have discovered that after letting a friend borrow my external hard drive that plugging my EHD into a computer infects it with smitfraud and virtumond, as well as many smaller infections. I would like help removing what i assume is a fake driver on this EHD. I have read other reports about these viruses and I believe i can clean the computers that have already been infected by my EHD, but my main goal right now is cleaning the EHD and stopping the spread.
Also a quick question, if i am to run HJT, should i plug in the external hard drive while doing so?
katana
2008-12-04, 12:59
Please note that all instructions given are customised for this computer only, the tools used may cause damage if used on a computer with different infections.

If you think you have similar problems, please post a log in the HJT forum and wait for help.

Hello and welcome to the forums

My name is Katana and I will be helping you to remove any infection(s) that you may have.

Please observe these rules while we work:
Please Read All Instructions Carefully
If you don't understand something, stop and ask! Don't keep going on.
Please do not run any other tools or scans whilst I am helping you
Please continue to respond until I give you the "All Clear"
(Just because you can't see a problem doesn't mean it isn't there)


If you can do those few things, everything should go smoothly http://www.countingcows.de/laechel.gif

Please Note, your security programs may give warnings for some of the tools I will ask you to use.
Be assured, any links I give are safe

----------------------------------------------------------------------------------------

I apologize for the delay in responding, but as you can probably see the forums are quite busy.
Unfortunately there are far more people needing help than there are helpers.

If you still require help please do the following


Please ensure that any USB/Flash/External drives are connected whilst we are cleaning your machine.

Download and Run RSIT

Please download Random's System Information Tool by random/random from here (http://images.malwareremoval.com/random/RSIT.exe) and save it to your desktop.
Double click on RSIT.exe to run RSIT.
Click Continue at the disclaimer screen.
Once it has finished, two logs will open:

log.txt will be opened maximized.
info.txt will be opened minimized.

Please post the contents of both log.txt and info.txt.