Free Malware Removal Forum

[Ando]

I have recently been having a problem with malware/virus's. I have AVG installed on my PC and I have had various pop ups saying my computer is infected with Trojans. I stumbled across this website, installed Malwarebytes and removed over 25 trojans. Is there any way you guys could help...

Here is my log

Malwarebytes' Anti-Malware 1.36
Database version: 2117
Windows 5.1.2600 Service Pack 3

12/05/2009 19:50:16
mbam-log-2009-05-12 (19-50-16).txt

Scan type: Quick Scan
Objects scanned: 91051
Time elapsed: 10 minute(s), 20 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 4
Registry Keys Infected: 6
Registry Values Infected: 4
Registry Data Items Infected: 4
Folders Infected: 0
Files Infected: 11

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
C:\WINDOWS\system32\ratijipe.dll (Trojan.Vundo.H) -> Delete on reboot.
c:\WINDOWS\system32\kusudewi.dll (Trojan.Vundo.H) -> Delete on reboot.
C:\WINDOWS\system32\bekoduya.dll (Trojan.Vundo.H) -> Delete on reboot.
C:\WINDOWS\system32\vinabino.dll (Trojan.Vundo.H) -> Delete on reboot.

Registry Keys Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{789b46d4-55d3-4a13-b3ce-298e8408b357} (Trojan.Vundo.H) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{789b46d4-55d3-4a13-b3ce-298e8408b357} (Trojan.Vundo.H) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{789b46d4-55d3-4a13-b3ce-298e8408b357} (Trojan.Vundo.H) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{ec43e3fd-5c60-46a6-97d7-e0b85dbdd6c4} (Trojan.Vundo.H) -> Delete on reboot.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\dslcnnct (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\rdfa (Trojan.Vundo) -> Quarantined and deleted successfully.

Registry Values Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\harahuwelu (Trojan.Vundo.H) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\cpmb73fa4d8 (Trojan.Vundo.H) -> Delete on reboot.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler\{ec43e3fd-5c60-46a6-97d7-e0b85dbdd6c4} (Trojan.Vundo.H) -> Delete on reboot.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\ssodl (Trojan.Vundo.H) -> Delete on reboot.

Registry Data Items Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\AppInit_DLLs (Trojan.Vundo.H) -> Data: c:\windows\system32\kusudewi.dll -> Delete on reboot.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\AppInit_DLLs (Trojan.Vundo.H) -> Data: c:\windows\system32\vinabino.dll -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\LSA\Notification Packages (Trojan.Vundo.H) -> Data: c:\windows\system32\vinabino.dll -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\UpdatesDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.

Folders Infected:
(No malicious items detected)

Files Infected:
C:\WINDOWS\system32\hikepohe.dll (Trojan.Vundo.H) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\ehopekih.ini (Trojan.Vundo.H) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\bekoduya.dll (Trojan.Vundo.H) -> Delete on reboot.
c:\WINDOWS\system32\kusudewi.dll (Trojan.Vundo.H) -> Delete on reboot.
C:\WINDOWS\system32\ratijipe.dll (Trojan.Vundo.H) -> Delete on reboot.
C:\WINDOWS\system32\vinabino.dll (Trojan.Vundo.H) -> Delete on reboot.
C:\WINDOWS\system32\bihonede.dll (Trojan.Vundo.H) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\moyofilu.dll (Trojan.Vundo.H) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\wohupuda.exe (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\genetoda.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\nizefipu.dll (Trojan.Vundo) -> Quarantined and deleted successfully.

[NonSuch]

In order for us to help you it is necessary that you stop attempting self-fixes and provide us with a HijackThis log. A HijackThis log, as well as other logs that may be requested, provide us with a guideline for removing whatever malware is infecting your system. We cannot proceed without such logs for guidance. You may include your Malwarebytes Anti-Malware log in the same post as your HijackThis log.

This topic is now closed. Please start a new topic by following the HijackThis Guideline posted here: >Guideline for posting your HijackThis log<