Solved more Virtumonde trouble

Hi
Ok good. How are things running.

Now lets clean up.

Please re-open HiJackThis and scan only. Check the boxes next to all the entries listed below.

R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)

Now close all windows other than HiJackThis, then click Fix Checked.

Close HJT.


Click Start > Run in the run box copy and paste or type ComboFix /u then hit Enter to uninstall ComboFix and remove the files/folders it created. This action will also reset the System Restore points, removing any infected files there as well.
Please check and verify that C:\Qoobox and C:\ComboFix folders were removed, as well as the C:\ComboFix.txt file.

You can Delete RSIT.exe and this folder. C:\rsit.

Let me know how things are running.

Thanks
Geri

 

Just completed the last tasks.

Things are running great, thanks so much for your help Geri!

 

Hi
OK that's great to hear.

Please re-open HiJackThis and scan only. Check the boxes next to all the entries listed below.

O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)

Now close all windows other than HiJackThis, then click Fix Checked.

Close HJT.


Please look at this link for some preventive recommendations, It could keep you from ending up back here to the Malware and Virus Removal Forums.
http://www.windowsbbs.com/showthread.php?t=67958

I'll mark this one resolved.

Surf Safely.
Geri