Page 2 of 2 FirstFirst 12
Results 11 to 12 of 12

Thread: Please help me remove Virtumonde and Security Toolbar

  1. 2007-11-21, 00:45 #11
    ken545
    ken545 is offline
    Emeritus-Security Expert
    Join Date
    Nov 2005
    Location
    Florida's SpaceCoast
    Posts
    15,208

    Default

    patientzero,

    You have to understand a few things, first off when you have an infection like you have we need to work to remove it, removing part of it and not posting for a week or so just lets this stuff download more of it.

    The second thing is that a lot of thought goes into these fixes and the things we post for you to do are for a reason, if not we would not post them, you never disabled the Tea Timer like I asked.


    You need to disable the Tea Timer in Spybot Search and Destroy or it may prevent the fixes from taking.

    1. Run Spybot-S&D in Advanced Mode.
    2. If it is not already set to do this Go to the Mode menu select "Advanced Mode"
    3. On the left hand side, Click on Tools
    4. Then click on the Resident Icon in the List
    5. Uncheck "Resident TeaTimer" and OK any prompts.
    6. Restart your computer.



    Open HijackThis > Do a System Scan Only, close your browser and all open windows including this one, the only program or window you should have open is HijackThis, check the following entries and click on Fix Checked.


    O2 - BHO: (no name) - {8E5342BC-58B9-4D77-9D82-67373B03D128} - C:\WINDOWS\system32\geeda.dll


    Drag Vundofix to the trash as there is a newer version.

    VundoFix.exe to your desktop.
    • Double-click VundoFix.exe to run it.
    • Click the Scan for Vundo button.
    • Once the scan is complete, Right Click inside the listbox (white box) and click add more files
    • Copy&Paste the files listed below into the boxes


      C:\WINDOWS\system32\geeda.dll

    • Click Add Files and Click Close Window
    • Click the Remove Vundo button.
    • You will receive a prompt asking if you want to remove the files, click YES
    • Once you click yes, your desktop will go blank as it starts removing Vundo.
    • When completed, it will prompt that it will reboot your computer, click OK.
    • Please post the contents of C:\vundofix.txt and a new HiJackThis log.


    Note: It is possible that VundoFix encountered a file it could not remove.
    In this case, VundoFix will run on reboot, simply follow the above instructions starting from "Click the Scan for Vundo button." when VundoFix appears at reboot.


    Post a new HJT log and the Vundofix log please
    Microsoft MVP Consumer Security 2007-2008-2009-2010-2011-2012-2013-2014

    ERROR MESSAGE 386
    No KeyBoard Detected
    Press F1 To Continue

    Just a reminder that threads will be closed if no reply in 3 days.
  2. 2007-11-26, 18:01 #12
    tashi
    tashi is offline
    Member of Team Spybot tashi's Avatar
    Join Date
    Oct 2005
    Location
    USA
    Posts
    30,961

    Default

    patientzero, this topic has been moved to archives and will not be reopened.

    "BEFORE you POST"(READ this Procedure BEFORE Requesting Assistance)
    If one of our volunteer helpers is working with you towards cleaning up your computer, and you are going away before closure, please do let them know.
    If you still require help, please start a new topic and include a fresh HijackThis log and a link to this thread in your new topic.

    Regards.
    Microsoft MVP Reconnect 2018-
    Windows Insider MVP 2016-2018
    Microsoft Consumer Security MVP 2006-2016
« Previous Thread | Next Thread »

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

Forum Rules