2 replies to this topic

[rjos]

My computer has been infected with Trojan vundu and a bunch of other stuff... I got Latest Mcafee, Spybot , PC doctor , Smithfraufix and now Malware bytes Anti Malware on my system to fight this nuisance.

My scans have shown improvement but I keep getting messages from PCdoctor that Trojan Vundu is trying to change registry.


My Malware bytes last 3 scans have just give 1 infection - it cleans it but in next scan its there still - all of them have the same registry value. I dont understand when it deletes it why is this thing still there in the registry value. How can this be fixed- pls help .


Malwarebytes' Anti-Malware 1.33
Database version: 1658
Windows 5.1.2600 Service Pack 3

1/16/2009 8:11:00 AM
mbam-log-2009-01-16 (08-11-00).txt

Scan type: Quick Scan
Objects scanned: 62953
Time elapsed: 7 minute(s), 24 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 1
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\diyyfayadgaah (Trojan.Agent) -> Quarantined and deleted successfully.

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)

[Katana]

Quote

Please note that all instructions given are customised for this computer only, the tools used may cause damage if used on a computer with different infections.

If you think you have similar problems, please post a log in the HJT forum and wait for help.

Hello and welcome to the forums

My name is Katana and I will be helping you to remove any infection(s) that you may have.

Please observe these rules while we work:

• Please Read All Instructions Carefully
  
• If you don't understand something, stop and ask! Don't keep going on.
  
• Please do not run any other tools or scans whilst I am helping you
  
• Please continue to respond until I give you the "All Clear"
  (Just because you can't see a problem doesn't mean it isn't there)

If you can do those few things, everything should go smoothly

Please Note, your security programs may give warnings for some of the tools I will ask you to use.
Be assured, any links I give are safe
----------------------------------------------------------------------------------------


Download and Run RSIT

• Please download Random's System Information Tool by random/random from here and save it to your desktop.
  
• Double click on RSIT.exe to run RSIT.
  
• Click Continue at the disclaimer screen.
  
• Once it has finished, two logs will open:
  
  • log.txt will be opened maximized.
    
  • info.txt will be opened minimized.
• Please post the contents of both log.txt and info.txt.

[AdvancedSetup]

Due to the lack of feedback this Topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!

The fixes and advice in this thread are for this machine only. Do not apply the instructions from this thread to your own machine. Please start a new thread describing your issue and someone will be along to assist you.