
Need Help Removing Trojan.Vundo - HiJackThis Log Attached

What is the virus? Vundo may cause many websites to be inaccessible.

However, one has got me stumped.... Please visit HERE if you don't know how.

here is my combofix log:

ComboFix 09-03-15.01 - Don 2009-03-17 18:00:37.2 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.2046.1527 [GMT -4:00]
Running from: c:\documents and settings\Don\Desktop\ComboFix.exe
AV: Total Protection scan completed successfully
hidden files: 0
**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ----------------------
- - - - - - > 'winlogon.exe'(908)
c:\windows\system32\Ati2evxx.dll
- - - - - - - > 'lsass.exe'(964)
c:\windows\system32\cwalsp.dll
c:\windows\system32\wxbase28u_vc_CW.dll
.
------------------------ Other Running Processes ------------------------
.
c:\windows\system32\ati2evxx.exe
c:\windows\system32\WLTRYSVC.EXE
c:\windows\system32\BCMWLTRY.EXE
c:\program

C:\WINDOWS\system32\drmgs.sys (Rootkit.Agent) -> Quarantined and deleted successfully.

O8 - Extra context menu item: &AOL Toolbar Search - c:\program files\aol\aol toolbar 4.0\resources\en-US\local\search.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu

Strange .dll's in msconfig won't go away. Installs adware that sometimes is pornographic.

That may cause it to stall

=====================

Download Superantispyware (SAS) free home version http://www.superantispyware.com/superantispywarefreevspro.html

Install it and double-click the icon on your desktop to run it.
· It will ask if

Many rootkits can hook into the Windows 32-bit kernel, and patch several APIs to hide new registry keys and files they install. The list is not all inclusive.

One of the Programs I use on my own Machine also, when finding a way around Malware, part of the Program was detected by Norton, The File detected, Symantec after I

Vundo can impede download progress. Thanks! Click Apply then OK.

Deletes the network connection under My Network Places.

Some firewalls or antivirus software may also be disabled by Vundo, leaving the system even more vulnerable.

To find out what programs need to be updated, please run the Secunia Software Inspector Scan. Happy Surfing again!

How should I reinstall? Help: I Got Hacked.

The log from MalwareBytes is attached and then I ran HijackThis and its log is attached too.

#3 MoNsTeReNeRgY22, Posted 11 January 2008 - 09:55 PM

Hello Tredders,

Please download ComboFix

Vundo may attempt to prevent the user from removing it or otherwise impede its operation, such as by disabling the task manager, registry editor, and msconfig, thereby preventing the system from

I had updated Malwarebytes on the clean PC before transferring the missing .exe file to the infected PC.

#5 MoNsTeReNeRgY22, Posted 12 January 2008 - 01:24 PM

Hi, Can you please

When downloading, what browser are you using to do so? I have seen where settings within Firefox screwed can cause .exe files to state downloaded when they don't actually do.