Page 2 of 2 FirstFirst 12
Results 11 to 17 of 17

Thread: Virtumonde.sdn TrojansC-04

  1. #11
    Junior Member
    Join Date
    Mar 2010
    Posts
    10

    Default S&D 1.6.2 Log

    Virtumonde.sdn: [SBI $4F0ABAF2] Settings (Registry key, nothing done)
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\PFW
    --- Spybot - Search & Destroy version: 1.6.2 (build: 20090126) ---
    2009-01-26 blindman.exe (1.0.0.8)
    2009-01-26 SDFiles.exe (1.6.1.7)
    2009-01-26 SDMain.exe (1.0.0.6)
    2009-01-26 SDShred.exe (1.0.2.5)
    2009-01-26 SDUpdate.exe (1.6.0.12)
    2009-01-26 SDWinSec.exe (1.0.0.12)
    2009-01-26 SpybotSD.exe (1.6.2.46)
    2009-03-05 TeaTimer.exe (1.6.6.32)
    2010-03-21 unins000.exe (51.49.0.0)
    2009-01-26 Update.exe (1.6.0.7)
    2009-11-04 advcheck.dll (1.6.5.20)
    2007-04-02 aports.dll (2.1.0.0)
    2008-06-14 DelZip179.dll (1.79.11.1)
    2009-01-26 SDHelper.dll (1.6.2.14)
    2008-06-19 sqlite3.dll
    2008-10-22 Tools.dll (2.1.6.8)
    2009-01-16 UninsSrv.dll (1.0.0.0)
    2010-02-17 Includes\Adware.sbi (*)
    2010-03-16 Includes\AdwareC.sbi (*)
    2010-01-25 Includes\Cookies.sbi (*)
    2009-11-03 Includes\Dialer.sbi (*)
    2010-03-16 Includes\DialerC.sbi (*)
    2010-01-25 Includes\HeavyDuty.sbi (*)
    2009-05-26 Includes\Hijackers.sbi (*)
    2010-03-16 Includes\HijackersC.sbi (*)
    2010-01-20 Includes\Keyloggers.sbi (*)
    2010-03-16 Includes\KeyloggersC.sbi (*)
    2004-11-29 Includes\LSP.sbi (*)
    2010-03-02 Includes\Malware.sbi (*)
    2010-03-17 Includes\MalwareC.sbi (*)
    2009-03-25 Includes\PUPS.sbi (*)
    2010-03-16 Includes\PUPSC.sbi (*)
    2010-01-25 Includes\Revision.sbi (*)
    2009-01-13 Includes\Security.sbi (*)
    2010-03-16 Includes\SecurityC.sbi (*)
    2008-06-03 Includes\Spybots.sbi (*)
    2008-06-03 Includes\SpybotsC.sbi (*)
    2010-03-02 Includes\Spyware.sbi (*)
    2010-03-16 Includes\SpywareC.sbi (*)
    2010-03-08 Includes\Tracks.uti
    2010-03-03 Includes\Trojans.sbi (*)
    2010-03-16 Includes\TrojansC-02.sbi (*)
    2010-03-16 Includes\TrojansC-03.sbi (*)
    2010-03-16 Includes\TrojansC-04.sbi (*)
    2010-03-17 Includes\TrojansC-05.sbi (*)
    2010-03-16 Includes\TrojansC.sbi (*)
    2008-03-04 Plugins\Chai.dll
    2008-03-05 Plugins\Fennel.dll
    2008-02-26 Plugins\Mate.dll
    2007-12-24 Plugins\TCPIPAddress.dll

  2. #12
    Junior Member
    Join Date
    Mar 2010
    Posts
    10

    Default Didn't think it would 'Fix'

    After I sent the previous scan log I let S&D run Fix. It gave me the message that it did fix the Virtumonde.sdn.

    Virtumonde.sdn: [SBI $4F0ABAF2] Settings (Registry key, fixed)
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\PFW
    --- Spybot - Search & Destroy version: 1.6.2 (build: 20090126) ---
    2009-01-26 blindman.exe (1.0.0.8)
    2009-01-26 SDFiles.exe (1.6.1.7)
    2009-01-26 SDMain.exe (1.0.0.6)
    2009-01-26 SDShred.exe (1.0.2.5)
    2009-01-26 SDUpdate.exe (1.6.0.12)
    2009-01-26 SDWinSec.exe (1.0.0.12)
    2009-01-26 SpybotSD.exe (1.6.2.46)
    2009-03-05 TeaTimer.exe (1.6.6.32)
    2010-03-21 unins000.exe (51.49.0.0)
    2009-01-26 Update.exe (1.6.0.7)
    2009-11-04 advcheck.dll (1.6.5.20)
    2007-04-02 aports.dll (2.1.0.0)
    2008-06-14 DelZip179.dll (1.79.11.1)
    2009-01-26 SDHelper.dll (1.6.2.14)
    2008-06-19 sqlite3.dll
    2008-10-22 Tools.dll (2.1.6.8)
    2009-01-16 UninsSrv.dll (1.0.0.0)
    2010-02-17 Includes\Adware.sbi (*)
    2010-03-16 Includes\AdwareC.sbi (*)
    2010-01-25 Includes\Cookies.sbi (*)
    2009-11-03 Includes\Dialer.sbi (*)
    2010-03-16 Includes\DialerC.sbi (*)
    2010-01-25 Includes\HeavyDuty.sbi (*)
    2009-05-26 Includes\Hijackers.sbi (*)
    2010-03-16 Includes\HijackersC.sbi (*)
    2010-01-20 Includes\Keyloggers.sbi (*)
    2010-03-16 Includes\KeyloggersC.sbi (*)
    2004-11-29 Includes\LSP.sbi (*)
    2010-03-02 Includes\Malware.sbi (*)
    2010-03-17 Includes\MalwareC.sbi (*)
    2009-03-25 Includes\PUPS.sbi (*)
    2010-03-16 Includes\PUPSC.sbi (*)
    2010-01-25 Includes\Revision.sbi (*)
    2009-01-13 Includes\Security.sbi (*)
    2010-03-16 Includes\SecurityC.sbi (*)
    2008-06-03 Includes\Spybots.sbi (*)
    2008-06-03 Includes\SpybotsC.sbi (*)
    2010-03-02 Includes\Spyware.sbi (*)
    2010-03-16 Includes\SpywareC.sbi (*)
    2010-03-08 Includes\Tracks.uti
    2010-03-03 Includes\Trojans.sbi (*)
    2010-03-16 Includes\TrojansC-02.sbi (*)
    2010-03-16 Includes\TrojansC-03.sbi (*)
    2010-03-16 Includes\TrojansC-04.sbi (*)
    2010-03-17 Includes\TrojansC-05.sbi (*)
    2010-03-16 Includes\TrojansC.sbi (*)
    2008-03-04 Plugins\Chai.dll
    2008-03-05 Plugins\Fennel.dll
    2008-02-26 Plugins\Mate.dll
    2007-12-24 Plugins\TCPIPAddress.dll

  3. #13
    Security Expert: Emeritus Blade81's Avatar
    Join Date
    Oct 2006
    Location
    Finland
    Posts
    25,288

    Default

    Hi,

    Please upload C:\Windows\SysWow64\UmxWNP.dll file to http://www.virustotal.com to see its results. As I said earlier, I suspect that Spybot finding is a false positive.
    Microsoft Windows Insider MVP 2016-2020
    Microsoft MVP Consumer Security 2008-2015
    UNITE member since 2006

    If you have problems create a thread in the forum, please.

    Malware removal instructions are for the correspondent user's case only.

  4. #14
    Junior Member
    Join Date
    Mar 2010
    Posts
    10

    Default Link to test result

    analisis/7d67c524f1dc71a56e7dfd2243648e6b89a5474a429dd0c8c86fd7f1a20ca6c9-1253628253

    I can copy and past the results if this link doesn't work.

  5. #15
    Junior Member
    Join Date
    Mar 2010
    Posts
    10

    Default I'm still getting start up problems

    I still takes on average about 3 tries to get my computer to boot up.

  6. #16
    Security Expert: Emeritus Blade81's Avatar
    Join Date
    Oct 2006
    Location
    Finland
    Posts
    25,288

    Default

    Hi,

    You could post a topic on false positives area about that entry Spybot is finding.

    Click start->run and type services.msc followed by enter. Make sure Event Log service is started and its startup type is automatic.

    Run a disk check instructed here. Have you defragged hard drive lately?
    Microsoft Windows Insider MVP 2016-2020
    Microsoft MVP Consumer Security 2008-2015
    UNITE member since 2006

    If you have problems create a thread in the forum, please.

    Malware removal instructions are for the correspondent user's case only.

  7. #17
    Security Expert: Emeritus Blade81's Avatar
    Join Date
    Oct 2006
    Location
    Finland
    Posts
    25,288

    Default

    Due to inactivity, this thread will now be closed.

    Note:If it has been four days or more since your last post, and the helper assisting you posted a response to that post to which you did not reply, your topic will not be reopened. At that point, if you still require help, please start a new topic and include a fresh HijackThis log and a link to your previous thread. Please do not add any logs that might have been requested in the closed topic, you would be starting fresh.

    If it has been less than four days since your last response and you need the thread re-opened, please send me or MOD a private message (pm). A valid, working link to the closed topic is required.
    Microsoft Windows Insider MVP 2016-2020
    Microsoft MVP Consumer Security 2008-2015
    UNITE member since 2006

    If you have problems create a thread in the forum, please.

    Malware removal instructions are for the correspondent user's case only.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •