Hi, could someone help me as i am having a problem with a virus called win32/heur, Trojan Vundo H, Win32 cryptor.... I am using AVG 8.5 Free together with PC tools and Malwarebytes' Anti-Malware 1.36 and it cant help me....
Malwarebytes' Anti-Malware 1.36
Database version: 1974
Windows 5.1.2600 Service Pack 3
4/13/2009 3:26:57 PM
mbam-log-2009-04-13 (15-26-57).txt
Scan type: Quick Scan
Objects scanned: 68108
Time elapsed: 12 minute(s), 37 second(s)
Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 3
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 1
Memory Processes Infected:
(No malicious items detected)
Memory Modules Infected:
(No malicious items detected)
Registry Keys Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6297c1a9-a7d7-42f5-b5c6-bf50588ef770} (Trojan.Vundo.H) -> Delete on reboot.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\vinuqmhd (Trojan.Vundo.H) -> Delete on reboot.
HKEY_CLASSES_ROOT\CLSID\{6297c1a9-a7d7-42f5-b5c6-bf50588ef770} (Trojan.Vundo.H) -> Delete on reboot.
Registry Values Infected:
(No malicious items detected)
Registry Data Items Infected:
(No malicious items detected)
Folders Infected:
(No malicious items detected)
Files Infected:
c:\WINDOWS\system32\lhzoqou.dll (Trojan.Vundo.H) -> Delete on reboot
Malwarebytes' Anti-Malware 1.36
Database version: 1974
Windows 5.1.2600 Service Pack 3
4/13/2009 3:26:57 PM
mbam-log-2009-04-13 (15-26-57).txt
Scan type: Quick Scan
Objects scanned: 68108
Time elapsed: 12 minute(s), 37 second(s)
Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 3
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 1
Memory Processes Infected:
(No malicious items detected)
Memory Modules Infected:
(No malicious items detected)
Registry Keys Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6297c1a9-a7d7-42f5-b5c6-bf50588ef770} (Trojan.Vundo.H) -> Delete on reboot.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\vinuqmhd (Trojan.Vundo.H) -> Delete on reboot.
HKEY_CLASSES_ROOT\CLSID\{6297c1a9-a7d7-42f5-b5c6-bf50588ef770} (Trojan.Vundo.H) -> Delete on reboot.
Registry Values Infected:
(No malicious items detected)
Registry Data Items Infected:
(No malicious items detected)
Folders Infected:
(No malicious items detected)
Files Infected:
c:\WINDOWS\system32\lhzoqou.dll (Trojan.Vundo.H) -> Delete on reboot