Jump to content

TDSS TROJAN


Recommended Posts

Hello, I was having a major issue with some spyware called TDSS.Trojan in my registry. In the beginning I was unable to access any of my anitvirus programs, but I restarted and safe mode and renamed all of my exes so that I could run them. I have the latest version of Malwarebytes and eventually Malwarebytes Anitspyware found and removed it, but if/when I restart my computer it just comes back and I have to re run the program to have it removed. It's already appeared twice in my quarantines, each time I've deleted the trojan however it still comes back in the next scan.

Is there a way that I can remove it permanently? Here is my log from my latest scan. Thank you for your time.

Malwarebytes' Anti-Malware 1.30

Database version: 1306

Windows 5.1.2600 Service Pack 3

12/4/2008 12:43:59 AM

mbam-log-2008-12-04 (00-43-59).txt

Scan type: Full Scan (C:\|)

Objects scanned: 140321

Time elapsed: 1 hour(s), 26 minute(s), 47 second(s)

Memory Processes Infected: 0

Memory Modules Infected: 0

Registry Keys Infected: 5

Registry Values Infected: 0

Registry Data Items Infected: 0

Folders Infected: 1

Files Infected: 5

Memory Processes Infected:

(No malicious items detected)

Memory Modules Infected:

(No malicious items detected)

Registry Keys Infected:

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06abffb8-e3f3-4b83-b1c0-440a4e62f2f9} (Trojan.Vundo.H) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\CLSID\{06abffb8-e3f3-4b83-b1c0-440a4e62f2f9} (Trojan.Vundo.H) -> Quarantined and deleted successfully.

HKEY_CURRENT_USER\SOFTWARE\Microsoft\contim (Trojan.Vundo) -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\dslcnnct (Trojan.Vundo) -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\IProxyProvider (Trojan.Vundo) -> Quarantined and deleted successfully.

Registry Values Infected:

(No malicious items detected)

Registry Data Items Infected:

(No malicious items detected)

Folders Infected:

C:\WINNT\system32\netrax01 (Trojan.Agent) -> Quarantined and deleted successfully.

Files Infected:

C:\WINNT\system32\jxpekmhi.dll (Trojan.Vundo.H) -> Quarantined and deleted successfully.

C:\WINNT\pskt.ini (Trojan.Vundo) -> Quarantined and deleted successfully.

C:\WINNT\BMbf6cdbe1.xml (Trojan.Vundo) -> Quarantined and deleted successfully.

C:\WINNT\BMbf6cdbe1.txt (Trojan.Vundo) -> Quarantined and deleted successfully.

C:\RECYCLER\ADAPT_Installer.exe (Heuristics.Malware) -> Quarantined and deleted successfully.

Link to post
Share on other sites

Greetings and welcome to the forum.

To get you fixed up please read the instructions here:

http://www.malwarebytes.org/forums/index.php?showtopic=2936

and post your logs in a new topic here:

http://www.malwarebytes.org/forums/index.php?showforum=7

Please be sure not to install any software or use any removal/scanning tools exept those that you are

instructed to by the expert who will be assisting you as doing so can make their job much more difficult.

I hope I was helpful. Good luck and safe surfing.

Link to post
Share on other sites

Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.