Search:

Okay, I will keep it then. Thanks again Bio-Hazard! You can lock up the thread now.

By the way, What do I do with ATF Cleaner?

Hello Bio-Hazard! GREAT! Im grateful to you and the Spybot team for taking your time and helping me out with my problem. I will do as you said in your post and make sur everything is cleaned out as...

Actually, The only time it lags horriblely is when Spybot loads after I type my password at the welcome screen to log on. Only time around booting. I meant as I surf the internet, In some areas not...

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 7:22:57 PM, on 4/29/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16827)
Boot mode: Normal
...

========== PROCESSES ==========
Process explorer.exe killed successfully.
========== FILES ==========
C:\WINDOWS\system32\rn.tmp moved successfully.
C:\Documents and Settings\Dave\My...

Seems stable but it does seem to be a little bit sluggish in some areas of loading. Not as bad as before how ever. Its much more quick with the email and web surfing. Just some loading seems to be...

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 2:51:26 PM, on 4/29/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16827)
Boot mode: Normal
...

--------------------------------------------------------------------------------
KASPERSKY ONLINE SCANNER 7.0 REPORT
Wednesday, April 29, 2009
Operating System: Microsoft Windows XP Home Edition...

It seems to be alright. Thank you for helping me out Bio-Hazard, Let me know how everything look's.

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 7:37:05 PM, on 4/28/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16827)
Boot mode: Normal
...

Malwarebytes' Anti-Malware 1.36
Database version: 2056
Windows 5.1.2600 Service Pack 3

4/28/2009 7:22:30 PM
mbam-log-2009-04-28 (19-22-30).txt

Scan type: Full Scan (C:\|D:\|)
Objects...

So far, It is acting more stable. It would be a pain to check my email. Now it isnt lol. So far, It looks ok.

Bio-Hazard, I have one question how ever, Why does Spybot start up sometimes when I...

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:26:24 AM, on 4/28/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16827)
Boot mode: Normal
...

========== PROCESSES ==========
Process explorer.exe killed successfully.
========== REGISTRY ==========
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser...

info.txt logfile of random's system information tool 1.06 2009-04-27 13:00:18

======Uninstall list======

-->C:\WINDOWS\IsUninst.exe -fC:\WINDOWS\orun32.isu
-->rundll32.exe...

Logfile of random's system information tool 1.06 (written by random/random)
Run by Josh at 2009-04-27 13:00:02
Microsoft Windows XP Home Edition Service Pack 3
System drive C: has 39 GB (54%) free...

Malwarebytes' Anti-Malware 1.34
Database version: 1749
Windows 5.1.2600 Service Pack 3

4/27/2009 12:58:26 PM
mbam-log-2009-04-27 (12-58-26).txt

Scan type: Full Scan (C:\|D:\|)
Objects...

Im trying to update MBAM, But it won't let me? It think's im not connected to the internet? Im gonna run a full scan anyway's and give you the log's and i will try to keep updateing as well.

Hello Bio-Hazard, Thanks for helping me out here with this problem.

I downloaded HostXpert as you said and followed your instruction's and it say's that it cannot connect to the internet. It also...

Hello everyone. I ran into some trouble lol and I ran spybot to find out that I have Virtumonde.DLL and its variants as well as a Firewall Bypass Malware? Anyways, Please let me know what I have to...

Okay cool. Lol, I did get the wrong one after all. Anyway's, everything is quite with the system. I have to go into safemode to do the above procedure you mentioned.

I got Spybot and Comodo. So,...

As soon as I send the file, That is all it showed. How ever, I did notice this and is this the log?


Antivirus Version Last Update Result
a-squared 4.0.0.101 2009.03.18 -
AhnLab-V3 5.0.0.2...

This is the OTMoveIt report I just did like you had asked.

========== FILES ==========
C:\32788R22FWJFW.5.tmp moved successfully.
C:\32788R22FWJFW.4.tmp moved successfully....

This is the Virus Total Report.


MD5: 2ccc474eb85ceaa3e1fa1726580a3e5a
First received: -
Date: 03.18.2009 14:28:44 (CET) [>4D]
Results: 0/37
Permalink:...

Everything seems to be more stable. How ever, It won't let me delete the five files you mentioned to me to delete It says that the file is stil in use and make sure the dis is not full or...

I disabled the anti virus as much as pssible but was diffucult to disable the firewall even tho i had it off. I couldnt enable the windows recovery machine because i dont have internet in safe mode...

ComboFix 09-03-19.02 - Dave 2009-03-22 0:31:12.1 - NTFSx86 NETWORK
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.1918.1652 [GMT -4:00]
Running from: c:\documents and...

Just to let you know, I didnt hit reboot when i had asked me because I didnt see that you said it, Plus I rebooted anyways because I know it wnated me to after saying so and the log popped up and I...

Service\Driver npggsvc deleted successfully.
========== FILES ==========
File/Folder C:\WINDOWS\system32\GameMon.des.exe not found.
========== COMMANDS ==========
File delete failed....

Ken, I did what you just said. I opened up HJT and tried to remove the files like you stated. How ever the second one wont get out like the others did and I tried to type in the npggsvc like you said...

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 2:12:59 PM, on 3/20/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16791)
Boot mode: Normal
...

Heres the two logs you requested.

Malwarebytes' Anti-Malware 1.34
Database version: 1749
Windows 5.1.2600 Service Pack 3

3/20/2009 1:53:43 PM
mbam-log-2009-03-20 (13-53-43).txt

Scan type:...

Hello Ken545, Thanks for helping me out here. I have to mention how ever that I did the system scan just like you said but i couldn't find the on file you had mentioned which is the 02 BHO No name...

Okay, I have been infected with Virtumonde and Virtumonde Spx? or something like that and some type of firewall bypass i frgot the name, anyways here is the HJT log please help get them out i cant us...

I have a virtumonde infection and virtumonde prx? i think and oday one new virus was trying to bypass my firewall and its not letting me use IE and makes the pc freeze.

I wanna get rid of them...