Virtumonde.dll detected!! Pls help

[ken545]

We don't live with redirects, there not normal.

Please download TDSSKiller.zip

• Extract it to your desktop
• Double click TDSSKiller.exe
• Press Start Scan
  • Only if Malicious objects are found then ensure Cure is selected
  • Then click Continue > Reboot now
• Copy and paste the log in your next reply
  • A copy of the log will be saved automatically to the root of the drive (typically C:\)

 

[Diwis]

Scan completed with TDSSKiller and no threads found. I have been on internet for a few hours and no redirect has occured....

So I would say that is fine, what you think???

 

[ken545]

Sounds good. Lets do this. Use your computer for a few days and then post back and let me know how its behaving

 

[Diwis]

ok thanks!!:santa:

 

[Diwis]

Hi Ken545,

Hope you are ok

I do have a redirect once in a while, I do run ATF-Cleaner and it's cool. I'm telling you that it happens once every two days, nothing major. Other than that I did run everything you gave me and all clean!:rockon:

Thank you so much for your help and all the tools you gave me. You been really helpfull and really patient

:thanks:

 

[ken545]

Thanks for getting back to me, where are the redirects taking you ??

I am going to look over your post and see if we missed anything, be back around noon

 

[Diwis]

No redirect today, done all the scans and nothing. It was a sort of search site but I can't remeber which one. If next time occurs I let you know

 

[ken545]

OK, if it happens again besure to write down where its taking you. Post the info back, we close threads after 3 days so if its closed you can just PM me to reopen it .

Open OTL and click on CleanUp and it will remove programs we have used and there backups from your system

• 
  How did I get infected in the first place ?
  Read these links and find out how to prevent getting infected again.
• Tutorial for System Restore <-- Do this first to prevent yourself from being reinfected.
• WhattheTech
• Grinler BleepingComputer
• GeeksTo Go
• Dslreports

Safe Surfn
Ken

 

[Diwis]

Hi ken545

That's the website that takes to me first thing and then doesn't do it for the day;

http://allgreatwebsites.net/?q=jobcentreonline&src=precisead&refurl={referrer}&url={url}

 

[ken545]

Lets flush your DNS Cache

Copy and paste these lines in Note pad.

@Echo on
pushd\windows\system32\drivers\etc
attrib -h -s -r hosts
echo 127.0.0.1 localhost>HOSTS
attrib +r +h +s hosts
popd
ipconfig /release
ipconfig /renew
ipconfig /flushdns
netsh winsock reset all
netsh int ip reset all
shutdown -r -t 1
del %0

Save as flush.bat to your desktop. Double click to run.
*** note: Win Vista and Win 7 need to right click and choose to "run as Administrator" .. the computer will reboot itself.



Let me know if it helped ?

 

[Diwis]

Hi there

I did what you told me to do yesterday and this morning on my first search on google again that stupid redirect

http://allgreatwebsites.net/?q=freecycle&src=precisead&refurl={referrer}&url={url}

Only does it once and is just on the first search then that's it for the day...

 

[ken545]

Do you use a router ?

 

[Diwis]

Lan connection but i'm moving house today and i would be having my own router. Do you recon that i get the redirects due to sharing network?

 

[ken545]

Hi,

I have worked on about a half dozen or so threads in the last month that once the router was reset the redirects stopped . They do get a bit haywire sometimes and can get infected.

When you move and set up your wireless, will this be a new router , if so then you should be alright. Have any of the people that where hooked up to your lan experienced any redirects ?