Solved Virtumonde.sdn can't remove

Status
Not open for further replies.
Do you have any suggestions for getting rid of this?

Download OTL to your Desktop.

Run OTL
  • Under the Custom Scans/Fixes box at the bottom, paste in the following

    Code:
    :OTL
    DRV - [2006/03/26 08:22:14 | 000,051,200 | ---- | M] (Protection Technology (StarForce)) [Kernel | Boot | Stopped] -- C:\Windows\System32\drivers\sfdrv01.sys -- (sfdrv01) StarForce Protection Environment Driver (version 1.x)
    DRV - [2006/03/24 12:27:01 | 000,050,176 | ---- | M] (Protection Technology (StarForce)) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\sfsync04.sys -- (sfsync04) StarForce Protection Synchronization Driver (version 4.x)
    DRV - [2006/03/13 05:38:23 | 000,006,656 | ---- | M] (Protection Technology (StarForce)) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\sfhlp02.sys -- (sfhlp02) StarForce Protection Helper Driver (version 2.x)
     
    
    [Reboot]
  • Then click the Run Fix button at the top
  • Let the program run unhindered, reboot the PC when it is done
  • You will get a log that shows the results of the fix. Please post it.

See, if that fixes the issue.
If it does, you can delete OTL and its log.
 
Thanks! Here is the log. I will reboot now : ).

========== OTL ==========
Error: No service named sfdrv01) StarForce Protection Environment Driver (version 1.x was found to stop!
Service\Driver key sfdrv01) StarForce Protection Environment Driver (version 1.x not found.
C:\Windows\System32\drivers\sfdrv01.sys moved successfully.
Error: No service named sfsync04) StarForce Protection Synchronization Driver (version 4.x was found to stop!
Service\Driver key sfsync04) StarForce Protection Synchronization Driver (version 4.x not found.
C:\Windows\System32\drivers\sfsync04.sys moved successfully.
Error: No service named sfhlp02) StarForce Protection Helper Driver (version 2.x was found to stop!
Service\Driver key sfhlp02) StarForce Protection Helper Driver (version 2.x not found.
C:\Windows\System32\drivers\sfhlp02.sys moved successfully.
File boot] not found.

OTL by OldTimer - Version 3.2.9.0 log created on 07152010_211257
 
Wow! That did the trick. I had installed Ad-aware and Malawarebytes when I was trying to fix this problem myself. Should I keep those programs installed or uninstall them?
Thanks again! I can't tell you how much I appreciate all of your help!
Jill
 
Malwarebytes is an excellent program. Keep it and run it on occasion.

Ad-aware is rather a tool of the past. I'd uninstall it.
 
Status
Not open for further replies.
Back