Jump to content

PUM.USERWLoad & Trojan.Agent


Recommended Posts

MalwareBytes shows in Quarantine the following...

 

1)- "Trojan.Agent - registry value - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run|20353

 

2)PUM.USERWLoad- Registry Value - HKCU\SOFTWARE\Microsoft\WindowsNT\CurrentVersion\Windows|Load

 

   I'm running windows 7 ultimate and I can not get rid of these...In MWB, I click delete all, then do the reboot as asked and then run MWB again and they are still there...I booted into safe mode and did the same procedure with the same results...I tried deleting with Regedit and it will not allow me to delete..I'm set up as Administator , tried both regular boot up and safe mode, and the same results.

  

I'm using Microsft Security Essentials which shows the following..I don't know if this is part of the above items showing in MWB, but again I can not delete..I found a file in the same location with the same name, "005d03e8.exe" and by changing the name first, then the extension I was able to delete said file, but I can not do the same with the registry or this file line.

3) Trojan:Win32/Dusvext.B - located at file C:\Users\Me|AppData\Local\Temp\005d03e8.exe

 

 I would greatly appreciate any help or information about these. I've attached 2 screenshots showing the results after doing "remove all" and rebooting.

 

Thank you folks and hope you all have a great day.

post-147980-0-12723000-1383933404_thumb.

post-147980-0-78344900-1383933406_thumb.

Link to post
Share on other sites

Hello and post-32477-1261866970.gif

 

P2P/Piracy Warning:

 

   

If you're using Peer 2 Peer software such as uTorrent, BitTorrent or similar you must either fully uninstall them or completely disable them from running while being assisted here.

Failure to remove or disable such software will result in your topic being closed and no further assistance being provided.

If you have illegal/cracked software, cracks, keygens etc. on the system, please remove or uninstall them now and read the policy on Piracy.

 

Next,

 

Download Farbar Recovery Scan Tool and save it to your desktop.

 

Note: You need to run the version compatible with your system (32 bit or 64 bit). If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.

  • Double-click to run it. When the tool opens click Yes to disclaimer.
  • Press Scan button.
  • It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.
  • The first time the tool is run, it makes also another log (Addition.txt). Please attach it to your reply.

 

Kevin

Link to post
Share on other sites

Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!

Link to post
Share on other sites

Guest
This topic is now closed to further replies.
 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.