Go Back   Computer Forums > General Computing > Cyber Safety and Computer Security
Click Here to Login
Join Computer forums Today

Thread Tools Search this Thread Display Modes
Old 10-06-2004, 07:46 AM   #11
Beta Member
Join Date: Sep 2004
Posts: 4

Allright, here is what I did. Removed the following files:

I also did a search for and removed all instances of tunva.* hostx.* avnut.* & bkinst.*

next using regedit I removed the following keys (I recommend backing up your registry before doing this):

HKLM\software\classes\atl.events (there were 2 instances of this but atl.registrar is supposed to be there so leave it alone)

HKLM\software\microsoft\windows\currentversion\run once avnut.exe
HKLM\software\microsoft\windows\currentversion\run avnut.exe

I also did a search in the registry for hostx, avnut & tunva and removed all the associated keys under CLSID

After the reboot it did not come back and everyone is happy.

Good Luck!

teqmod is offline   Reply With Quote
Old 10-06-2004, 09:30 AM   #12
Beta Member
Join Date: Sep 2004
Posts: 3

Unfortunately, I have none of those files you mentioned. I must have something else. Thanks for trying. Appreciate it.

KYR is offline   Reply With Quote
Old 10-08-2004, 11:06 PM   #13
The Candyman
~mr mixx~'s Avatar
Join Date: Jun 2004
Location: USA
Posts: 11,352
Default Re: Trojan Del-457 Please help???

ok, did you boot-up to safe mode, and search for:"oledoc.exe".

delete, all above findings that have the name(oledoc.exe)

teqmod , is on the right track though....you must check your (run) & (run once) folders....they will be in the :HKEY_CURRENT_ USER & HKEY_LOCAL_MACHINE: this scan is a reg scan...

scan those to find the run & run once foder for the oledoc.exe, and delete it.

also in safe mode: check the start-up tab by going to
start/ run/ type "msconfig" without the quotes, then startup tab, and check to see if the (oledoc.exe) is there: if it is then uncheck the box for it.
" Let the music move you "
~mr mixx~ is offline   Reply With Quote
Old 10-11-2004, 02:28 PM   #14
Beta Member
Join Date: Oct 2004
Posts: 1

You can find a guide on removing this here:

How to remove Virtumonde DEL-457 Host.exe malware

Hope this helps

Skalek is offline   Reply With Quote

Thread Tools Search this Thread
Search this Thread:

Advanced Search
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are Off

All times are GMT -5. The time now is 07:36 AM.

Powered by vBulletin® Version 3.8.8 Beta 4
Copyright ©2000 - 2018, vBulletin Solutions, Inc.
Search Engine Friendly URLs by vBSEO 3.6.0