
Thread: Help please: SS&D reports Virtumonde.dll | zlcommDB.dll

  1. #11
    Member
    Join Date
    Jul 2009
    Posts
    95


    I uninstalled SS&D 1.5 via Add/Remove Programs, accepted reboot, and installed v. 1.6.2.46, accepting all defaults and suggestions except changed D: to F:, and immunized.

    I now understand more about Prefetch than I did. I will keep watch on D:\Windows\Prefetch.

    The Spybot scan found 133 tracking cookies. I clicked on "Fix selected problems", so they are gone.

    ...chris

  2. #12
    In Memoriam -Always in our heart pskelley's Avatar
    Join Date
    Oct 2005
    Location
    Clearwater, Florida
    Posts
    20,247


    Some cookies are needed for access to secure sites and passwords; you can control the ones that are not. Here is information.

    http://www.mvps.org/winhelp2002/cookies.htm
    http://mozilla.gunnars.net/firefox_h..._tutorial.html

    Let's see if we can wrap up like this:

    Remove combofix from the computer like this:

    Click START then RUN
    Now type or copy Combofix /u in the runbox and click OK.
    Note the space between the X and the U, it needs to be there.



    Clean the System Restore files like this:

    Turn off System Restore.
    On the Desktop, right-click My Computer.
    Click Properties.
    Click the System Restore tab.
    Check Turn off System Restore.
    Click Apply, and then click OK.

    Reboot

    Turn ON System Restore,
    On the Desktop, right-click My Computer.
    Click Properties.
    Click the System Restore tab.
    UN-Check *Turn off System Restore*.
    Click Apply, and then click OK.


    Update MBAM and scan to be sure we missed none of the junk, there is no need to post a clean scan result.
    (MBAM is yours to keep if you wish, keep it updated and run it once a month or so)

    Update Kaspersky Anti-Virus and scan the system, to be sure it is running right and scanning clean. If you have problems with the program, contact tech support for instructions.

    If all is well at this point, let me know and I will close the topic.

    Some good information for you:
    http://users.telenet.be/bluepatchy/m...wcomputer.html
    http://www.microsoft.com/windowsxp/u...s/mcgill1.mspx

    Here is some great information from experts in this field that will help you stay clean and safe online.
    http://users.telenet.be/bluepatchy/m...revention.html
    http://forums.spybot.info/showthread.php?t=279
    http://russelltexas.com/malware/allclear.htm
    http://forum.malwareremoval.com/viewtopic.php?t=14
    http://www.bleepingcomputer.com/forums/topict2520.html
    http://cybercoyote.org/security/not-admin.shtml

    http://www.malwarecomplaints.info/

    Thanks...pskelley
    Safer Networking Forums
    http://www.spybot.info/en/donate/index.html
    If you are reading this information...thank a teacher,
    If you are reading it in English...thank a soldier.

    How hard are your passwords to crack?
    http://www.microsoft.com/protect/you...d/checker.mspx

    http://users.telenet.be/bluepatchy/m...oes/Links.html
    http://www.microsoft.com/windows/ie/...rotection.mspx
    Improve the safety of your browsing and e-mail activities
    http://www.microsoft.com/protect/com.../browsing.mspx
    MS-MVP Consumer Security 2007-08-09
    Proud Member ASAP
    UNITE Member 2006

  3. #13
    Member
    Join Date
    Jul 2009
    Posts
    95


    Before we proceed to the final stages, there are two other issues with this PC:

    1. Every few weeks, Firefox 3.0.12 aborts, a BSOD shows, and the PC reboots. This has been happening for at least six months. It has happened three times today. The third time was when I clicked on the link in your post to mvps.org. The BSOD is on the screen for less than a second, too short a time for me to read anything, but I can see that the screen is mostly full of text. Usually it happens when Firefox is the top window, but the second time today was when my wife was in Pegasus. Firefox was being used for receiving Internet radio. The first time was when she was in Firefox.

    Could this be a malware problem? It doesn't look like a hardware problem to me because, in my limited experience, hardware problems cause BSODs in several applications.

    2. In your first posting, you noted that my wife's PC does not have XP SP3. I wrote that I turned off Automatic Updates just before SP3, because I could not afford to risk losing sharing of logical drives between her PC and mine (which runs Win 2K SP4.) Please reread my posting on this subject. I didn't mention there that we share an email address, she uses Pegasus to receive email and to move emails for me to Pegasus on my PC. We would be slightly sunk if we lost that capability. I do have a copy of SP3.

    What do you recommend?

    ...chris

  4. #14
    In Memoriam -Always in our heart pskelley's Avatar
    Join Date
    Oct 2005
    Location
    Clearwater, Florida
    Posts
    20,247


    Chris, you said this:

    In your first posting, you noted that my wife's PC does not have XP SP3

    It is late at night and I have been helping folks online for many hours and I am far from fresh. I wish you to understand that we must talk about only one computer. If you have more than one, start a new thread and the first available helper will assist.

    If you have questions about the computer we just dealt with above, post those, making sure any error messages are included, and any symptoms. Please do not confuse multiple computers.

    If your issue is with Firefox, my suggestion is to uninstall it completely and upgrade to Firefox 3.5.1.

    Thank you

  5. #15
    Member
    Join Date
    Jul 2009
    Posts
    95


    Phil,

    It is my wife's computer that this whole thread is about. I have no issues with mine (2000 SP4).

    I really appreciate all your hard work on her behalf. It appears that Virtumonde is gone, so I am in no rush regarding the other issues with her computer.

    ...chris

  6. #16
    In Memoriam -Always in our heart pskelley's Avatar
    Join Date
    Oct 2005
    Location
    Clearwater, Florida
    Posts
    20,247


    Finish the directions above and post the results of the MBAM and Kaspersky scans.

    Please understand this is a malware removal forum. I may be able to help, but likely I will suggest good free forums that deal with these problems.

    Are you receiving any error messages when you get the BSOD?
    Post those word for word.

    How to troubleshoot the Blue Screen of Death
    http://www.edbott.com/weblog/?p=576

    A good support and troubleshooting site:
    http://kadaitcha.cx/

    Without the error message, these are hard to troubleshoot, but I often find out of date or faulty drivers involved. Let's have a look at a free diagnostic.
    You will need to register free to store the test results and send me the link.

    http://www.pcpitstop.com/pcpitstop/default.asp
    (there is no reason to purchase anything, the diagnostic report is free)

    Thanks

  7. #17
    Member
    Join Date
    Jul 2009
    Posts
    95


    I followed the instructions in your posting #12.

    Both the MBAM and KAV scans were clean. A strange thing is that the last Event in the KAV log is on 2008-12-01 10:02:41 and says Process (PID 1088) tried to access Kaspersky Anti-Virus process (PID 776), but the action has been blocked by the Self-Defense component. No action on your part is required.

    There are no (readable) error messages when I get a BSOD. The text on the BSOD is only there for 100 milliseconds or so: I can't read that fast. When XP comes up again after the self-reboot, I do sometimes get an invitation to send a report to Microsoft, which I decline. I can send you a copy of that next time I get such an invitation (which may be weeks away), if you like.

    I ran PitStop Overdrive from IE (no longer available from Firefox). The link is http://www.pcpitstop.com/betapit/sec.asp?conid=22484012


    ...chris

  8. #18
    In Memoriam -Always in our heart pskelley's Avatar
    Join Date
    Oct 2005
    Location
    Clearwater, Florida
    Posts
    20,247


    "I do sometimes get an invitation to send a report to Microsoft, which I decline."
    If you send the report, the results will be information about how to correct the issues.

    You can also contact Microsoft free for support concerning the issue via chat or email: http://support.microsoft.com/
    Phone support likely requires a charge. I have used email support a few times, it takes a couple of days but the technicians are knowledgeable and will stay with you until they resolve your problem.

    I suggest you click the links to Recommended Fixes and follow the instructions. It is very possible an out of date driver is a problem. You have two: http://www.pcpitstop.com/betapit/sec.asp?conid=22484012

    You can get those drivers here:
    http://www.nvidia.com/page/support.html

    http://www.realtek.com.tw/products/p...Level=3&Conn=2
    If you have questions:
    http://www.realtek.com.tw/contact/

    Because stuff can happen, I suggest you back up the registry before making changes on the computer just in case.

    Hope this helps
