help needed to remove trojan.bho in registry and adware vundo variant

[Jeyaraj]

Hi,

I need help to clear Trojan Virus permanently from my registery. I had ran super anti spy ware and malware bytes software and it keeps telling me 3 or 13 objects infected even after removing. Trojan keeps appearing after rebooting. I would appreciate any help that you can offer for removing the harmful TROJAN BHO and Malware Trace

Here is the logs,

Malware Bytes:

Malwarebytes' Anti-Malware 1.31

Database version: 1565

Windows 5.1.2600 Service Pack 3

12/29/2008 2:35:22 AM

mbam-log-2008-12-29 (02-35-16).txt

Scan type: Quick Scan

Objects scanned: 60513

Time elapsed: 3 minute(s), 37 second(s)

Memory Processes Infected: 0

Memory Modules Infected: 0

Registry Keys Infected: 3

Registry Values Infected: 0

Registry Data Items Infected: 0

Folders Infected: 0

Files Infected: 0

Memory Processes Infected:

(No malicious items detected)

Memory Modules Infected:

(No malicious items detected)

Registry Keys Infected:

HKEY_CLASSES_ROOT\CLSID\{ec43e3fd-5c60-46a6-97d7-e0b85dbdd6c4} (Trojan.BHO) -> No action taken.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MS Juan (Malware.Trace) -> No action taken.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MS Track System (Trojan.Vundo) -> No action taken.

Registry Values Infected:

(No malicious items detected)

Registry Data Items Infected:

(No malicious items detected)

Folders Infected:

(No malicious items detected)

Files Infected:

(No malicious items detected)

Super Anti Spyware Logs:

SUPERAntiSpyware Scan Log

http://www.superantispyware.com

Generated 12/29/2008 at 02:39 AM

Application Version : 4.23.1006

Core Rules Database Version : 3687

Trace Rules Database Version: 1663

Scan type : Custom Scan

Total Scan Time : 00:03:20

Memory items scanned : 539

Memory threats detected : 0

Registry items scanned : 4695

Registry threats detected : 35

File items scanned : 0

File threats detected : 13

Unclassified.Unknown Origin

HKLM\Software\Classes\CLSID\{EC43E3FD-5C60-46a6-97D7-E0B85DBDD6C4}

HKCR\CLSID\{EC43E3FD-5C60-46A6-97D7-E0B85DBDD6C4}

HKCR\CLSID\{EC43E3FD-5C60-46A6-97D7-E0B85DBDD6C4}\InprocServer32

HKCR\CLSID\{EC43E3FD-5C60-46A6-97D7-E0B85DBDD6C4}\InprocServer32#ThreadingModel

C:\WINDOWS\SYSTEM32\RORIJEYA.DLL

HKCR\CLSID\{EC43E3FD-5C60-46A6-97D7-E0B85DBDD6C4}

Adware.Tracking Cookie

C:\Documents and Settings\ejloga.000\Cookies\ejloga@doubleclick[2].txt

C:\Documents and Settings\ejloga.000\Cookies\ejloga@at.atwola[2].txt

C:\Documents and Settings\ejloga.000\Cookies\ejloga@xiti[1].txt

C:\Documents and Settings\ejloga.000\Cookies\ejloga@ads.bleepingcomputer[1].txt

C:\Documents and Settings\ejloga.000\Cookies\ejloga@directtrack[2].txt

C:\Documents and Settings\ejloga.000\Cookies\ejloga@tribalfusion[1].txt

C:\Documents and Settings\ejloga.000\Cookies\ejloga@statcounter[1].txt

C:\Documents and Settings\ejloga.000\Cookies\ejloga@tacoda[2].txt

C:\Documents and Settings\ejloga.000\Cookies\ejloga@ad.yieldmanager[2].txt

C:\Documents and Settings\ejloga.000\Cookies\ejloga@casalemedia[2].txt

C:\Documents and Settings\ejloga.000\Cookies\ejloga@angleinteractive.directtrack[2].txt

C:\Documents and Settings\ejloga.000\Cookies\ejloga@advertising[1].txt

Adware.Vundo Variant/Rel

HKLM\SOFTWARE\Microsoft\MS Juan

HKLM\SOFTWARE\Microsoft\MS Juan#RID

HKLM\SOFTWARE\Microsoft\MS Juan\DJZERO

HKLM\SOFTWARE\Microsoft\MS Juan\DJZERO#LTM

HKLM\SOFTWARE\Microsoft\MS Juan\DJZERO#CDY

HKLM\SOFTWARE\Microsoft\MS Juan\DJZERO#CNT

HKLM\SOFTWARE\Microsoft\MS Juan\metajuan

HKLM\SOFTWARE\Microsoft\MS Juan\metajuan#LTM

HKLM\SOFTWARE\Microsoft\MS Juan\metajuan#CDY

HKLM\SOFTWARE\Microsoft\MS Juan\metajuan#CNT

HKLM\SOFTWARE\Microsoft\MS Juan\metajuan#LBL

HKLM\SOFTWARE\Microsoft\MS Juan\metajuan#MN

HKLM\SOFTWARE\Microsoft\MS Juan\meta_mg

HKLM\SOFTWARE\Microsoft\MS Juan\meta_mg#LTM

HKLM\SOFTWARE\Microsoft\MS Juan\meta_mg#CDY

HKLM\SOFTWARE\Microsoft\MS Juan\meta_mg#CNT

HKLM\SOFTWARE\Microsoft\MS Juan\profiling4

HKLM\SOFTWARE\Microsoft\MS Juan\profiling4#LTM

HKLM\SOFTWARE\Microsoft\MS Juan\profiling4#CDY

HKLM\SOFTWARE\Microsoft\MS Juan\profiling4#CNT

HKLM\SOFTWARE\Microsoft\MS Juan\superjuan

HKLM\SOFTWARE\Microsoft\MS Juan\superjuan#LTM

HKLM\SOFTWARE\Microsoft\MS Juan\superjuan#CDY

HKLM\SOFTWARE\Microsoft\MS Juan\superjuan#CNT

HKLM\SOFTWARE\Microsoft\MS Juan\TrackDJuan

HKLM\SOFTWARE\Microsoft\MS Juan\TrackDJuan#LTM

HKLM\SOFTWARE\Microsoft\MS Juan\TrackDJuan#CDY

HKLM\SOFTWARE\Microsoft\MS Juan\TrackDJuan#CNT

HKLM\SOFTWARE\Microsoft\MS Track System

HKLM\SOFTWARE\Microsoft\MS Track System#Uid

Thanks & Regards,

Jeyaraj

[Tigger93]

Hello.

Please read and follow the instructions provided here: Pre- HJT Post Instructions

When ready please post your logs here: Malware Removal - HijackThis Logs

Someone will be happy to assist you further with cleaning your system.

During this scan and cleanup process you should not install any other software unless requested to do so.