Home > Help > Help! - Trojan.win32.monder.gen

Help! - Trojan.win32.monder.gen

Click here to Register a free account now! am i clean now?? TROJ_MONDER.WX Alias:Trojan.Win32.Monder.bzea (Kaspersky), TR/Crypt.XPACK.Gen (Avira), Troj/Virtum-Gen (Sophos), Trojan:Win32/Vundo.gen!AJ... HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\StartMenuLogOff (Hijack.StartMenu) -> Bad: (1) Good: (0) -> No action taken. his comment is here

HKEY_CURRENT_USER\Software\Microsoft\affri (Malware.Trace) -> No action taken. C:\WINDOWS\system32\vrhtxiql.exe (Trojan.LowZones) -> No action taken. Oldsod. If not, update the definitions before scanning by selecting "Check for Updates". (If you encounter any problems while downloading the updates, manually download and unzip them from here.)Under "Configuration and Preferences", http://www.microsoft.com/security/portal/threat/encyclopedia/entry.aspx?Name=Trojan%3AWin32%2FVundo.gen!H

or read our Welcome Guide to learn how to use this site. Contact Support F-Secure customers can request support online via the Request support or the Chat forms on our Home - Global site. Edited by Orange Blossom, 05 June 2008 - 05:00 PM.

Vundo is often distributed as a DLL file and installed on an affected machine as a Browser Helper Object (BHO) without a user's consent. What's New? I completed step 1 and 2 and i was wondering if somebody could give me advice what to do next. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7e466f3a-8ff0-4d38-872f-051854324248} (Trojan.Vundo) -> No action taken.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MS Juan (Malware.Trace) -> No action taken. New - Anti-Phishing Protection for Chrome Browser. Oldsod. have a peek at this web-site A text file will open in your default text editor.Please copy and paste the Scan Log results in your next reply.Click Close to exit the program.

Select the Tools menu and click Folder Options. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged Registry Values Infected: (No malicious items detected) Registry Data Items Infected: (No malicious items detected) Folders Infected: (No malicious items detected) Files Infected: C:\WINDOWS\system32\fccabXpq.dll (Trojan.Vundo) -> No action taken. This option must be used before attempting to view the files since a reboot is needed for the change to take effect....

At the moment there are 2:c:\DOCUME-1\Neil\LOCALS-1\Temp\lhowggpj.dllC:\Documents and Settings\Neil\Local Settings\Temporary Internet Files\Content.IE5\D2VWMGP5\kb654117[1]3 more have been put in "back-up" by Kasperskyc:\documents and settings\neil\local settings\temp\odunmeku.dllc:\documents and settings\neil\local settings\temp\lhowggpj.dllC:\Documents and Settings\Neil\Local Settings\Temporary Internet Files\Content.IE5\IJ4EPV2O\kb654117[1]And 1 navigate here HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\nnnlmlec (Trojan.Vundo) -> No action taken. Removal Automatic action Depending on the settings of your F-Secure security product, it will either automatically delete, quarantine or rename the suspect file, or ask you for a desired action. Guess that makes us very good friends now.

Prevention Take these steps to help prevent infection on your computer. In the registry, open the Edit and click the Find. After I removed all that was possible this is the result of the virusses I couldn't delete: KASPERSKY ONLINE SCANNER REPORT Thursday, June 05, 2008 3:58:07 PM Operating System: Microsoft Windows Using the site is easy and fun.

Another option: download HijackThis from www.trendmicro.com and then post your HJT log to www.castlecops.com or www.bleepingcomputer.com and let their malware experts work with you to clean up the malware on your Site Changelog Community Forum Software by IP.Board Sign In Use Facebook Use Twitter Need an account? To enable the viewing of Hidden files follow these steps: Open the Control Panel. Folders Infected: (No malicious items detected) Files Infected: C:\WINDOWS\system32\txtbbdwj.dll (Trojan.Vundo) -> No action taken.

Check the Full Control box under the Allow column and then Apply and OK. Currently Beta Testing: N/A Trying to get into graduate schoolCurrent job:pm me for info blackraven View Member Profile 28.06.2008 14:31 Post #3 Newbie Group: Members Posts: 6 Joined: 25.06.2008 hi, C:\WINDOWS\system32\txtbbdwj.dll (Trojan.Vundo) -> Quarantined and deleted successfully.

That may cause it to stall or freeze.Please post the log from ComboFix (can also be found as C:\ComboFix.txt) in your next reply.

Thanks Operating System: Windows XP Home Edition Software Version: 7.0 Product Name: ZoneAlarm Internet Security Suite

Start the PC in Safe Mode. Next to this, everytime I used Internet Explorer I would get quite a lot of random pop-ups. To do so here are the results from Malware: Malwarebytes' Anti-Malware 1.14 Database version: 826 16:28:03 5-6-2008 mbam-log-6-5-2008 (16-27-56).txt Scan type: Quick Scan Objects scanned: 44298 Time elapsed: 6 minute(s), 55 So then I started searching and used Kaspersky to scan my computer, and then I did found virusses, 25 infected files.

Regards,Findley Reply With Quote May 12th, 2008 #4 findley Guest Re: Trojan.Win32.Monder.gen virus on my system that Zonealarm cannot clean up -- Help Sorry Oldsod, I guess we were typing at Best regards. Username Forum Password I've forgotten my password Remember me This is not recommended for shared computers Sign in anonymously Don't add me to the active users list Privacy Policy

Jump Double-click that icon to launch the program.If asked to update the program definitions, click "Yes".

Select Folder Options. For more information on Microsoft security products, see http://www.microsoft.com/protect/products/computer/default.mspx. Windows 7 64-bit, 500gb HD, 4gb ram, Nvidia GeForce GT 425M, i5-480M (in use)FF: current; KIS/KAV and PURE Tester since Kaspersky 6 with real computer (always). Windows 10, Windows 8.1, Windows 7 SP1, and Vista SP2 English, French, Italian, German and Spanish.

I enjoy the contrast of divergent opinions - there is always more than one way to solve a problem and looking at someone else's approach can be educational. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\aoprndtws (Malware.Trace) -> No action taken. Click here to Register a free account now! SUBMIT A SAMPLE Suspect a file or URL was wrongly detected?

Here are the instructions how to enable JavaScript in your web browser. Now your computer is configured to show all hidden files. Several functions may not work. Username Forum Password I've forgotten my password Remember me This is not recommended for shared computers Sign in anonymously Don't add me to the active users list Privacy Policy


I've also tried some other removal tools. Trojan.Win32.Monder.gen fix Started by tuomi42 , Jan 01 2009 11:47 PM Please log in to reply 1 reply to this topic #1 tuomi42 tuomi42 Members 1 posts OFFLINE Local time:01:41 All rights reserved. Repeat for the mljjj.dll Note: if the registry says you do not have permission to delete or to that effect, then right click the Main key in the left panel and

Please be patient while it scans your computer.After the scan is complete, a Scan Summary box will appear with potentially harmful items that were detected.