Sign In
Create Account
1
Hello, I was having a major issue with some spyware called TDSS.Trojan in my registry. In the beginning I was unable to access any of my anitvirus programs, but I restarted and safe mode and renamed all of my exes so that I could run them. I have the latest version of Malwarebytes and eventually Malwarebytes Anitspyware found and removed it, but if/when I restart my computer it just comes back and I have to re run the program to have it removed. It's already appeared twice in my quarantines, each time I've deleted the trojan however it still comes back in the next scan.
Is there a way that I can remove it permanently? Here is my log from my latest scan. Thank you for your time.
Malwarebytes' Anti-Malware 1.30
Database version: 1306
Windows 5.1.2600 Service Pack 3
12/4/2008 12:43:59 AM
mbam-log-2008-12-04 (00-43-59).txt
Scan type: Full Scan (C:\|)
Objects scanned: 140321
Time elapsed: 1 hour(s), 26 minute(s), 47 second(s)
Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 5
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 1
Files Infected: 5
Memory Processes Infected:
(No malicious items detected)
Memory Modules Infected:
(No malicious items detected)
Registry Keys Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06abffb8-e3f3-4b83-b1c0-440a4e62f2f9} (Trojan.Vundo.H) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{06abffb8-e3f3-4b83-b1c0-440a4e62f2f9} (Trojan.Vundo.H) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\contim (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\dslcnnct (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\IProxyProvider (Trojan.Vundo) -> Quarantined and deleted successfully.
Registry Values Infected:
(No malicious items detected)
Registry Data Items Infected:
(No malicious items detected)
Folders Infected:
C:\WINNT\system32\netrax01 (Trojan.Agent) -> Quarantined and deleted successfully.
Files Infected:
C:\WINNT\system32\jxpekmhi.dll (Trojan.Vundo.H) -> Quarantined and deleted successfully.
C:\WINNT\pskt.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINNT\BMbf6cdbe1.xml (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINNT\BMbf6cdbe1.txt (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\RECYCLER\ADAPT_Installer.exe (Heuristics.Malware) -> Quarantined and deleted successfully.
-
This topic is locked
Back to top
#2
Posted 25 December 2008 - 05:52 PM
-
- Moderators
-
- 12,959 posts
exile
- Gender:Male
Greetings and welcome to the forum.
To get you fixed up please read the instructions here:
http://www.malwareby...?showtopic=2936
and post your logs in a new topic here:
http://www.malwareby...php?showforum=7
Please be sure not to install any software or use any removal/scanning tools exept those that you are
instructed to by the expert who will be assisting you as doing so can make their job much more difficult.
I hope I was helpful. Good luck and safe surfing.
To get you fixed up please read the instructions here:
http://www.malwareby...?showtopic=2936
and post your logs in a new topic here:
http://www.malwareby...php?showforum=7
Please be sure not to install any software or use any removal/scanning tools exept those that you are
instructed to by the expert who will be assisting you as doing so can make their job much more difficult.
I hope I was helpful. Good luck and safe surfing.
1 user(s) are reading this topic
0 members, 1 guests, 0 anonymous users
