BSOD caused by Trojan?

macca747

New member
I've been getting some advice about the causes of random BSODs. We narrowed it down to the HDD, then I did a virus scan and a Trojan was picked up. User Writhziden suggested I ask for help on this forum.
 


My Computer

Computer Manufacturer/Model Number
hp workstation xw8200
OS
Win7 Ultimate x64
CPU
2 INTEL XEON 32/64-BIT 3GHZ 2MB L2 CACHE 800MHZ FSB
Motherboard
DUAL 32/64 BIT XEON PROCESSOR MOTHERBOARD
Memory
4GB PC2-3200 DDR2 ECC FULLY BUFFERED MEMORY
Graphics Card(s)
NVIDIA QUADRO NVS 285 PCI WITH DUAL DVI SPLITTER CABLE
Sound Card
ONBOARD SOUNDCARD
Monitor(s) Displays
medion 22" & Digimate 17" vga
Hard Drives
2 x ide
Hi, macca747.
Malwarebytes Anti-Malware 1.61.0.1400
Malwarebytes : Free anti-malware, anti-virus and spyware removal download

Database version: v2012.05.05.03

Windows 7 x64 NTFS
Internet Explorer 9.0.8112.16421
john :: JOHN-PC [administrator]

05/05/2012 11:53:16
mbam-log-2012-05-05 (12-00-13).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 199087
Time elapsed: 6 minute(s), 22 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 1
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{56256A51-B582-467e-B8D4-7786EDA79AE0} (Trojan.Vundo) -> No action taken.

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)
That is a rather old Vundo CLSID. Any reason why you didn't elect to remove it? Most frequently Vundo is a result of old/vulnerable versions of Java installed on the computer. Uninstall all Java versions except the most recent -- which should be Java SE Runtime Environment 7u4.

Scan with MBAM again:

  • Launch Malwarebytes' Anti-Malware, then click the Update tab and "Check for Updates".
  • Once the update has been installed and the program has loaded, select Quick scan.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Be sure that everything is checked, EXCEPT items in System Restore, as shown in this sample (MBAM_SR.png).
  • Click Remove Selected.
  • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See the Note below)
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
  • Please post contents of that file in your next reply.



** Note **

If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts. Click OK to either and let MBAM proceed with the disinfection process. If asked to restart the computer, please do so immediately.
 

My Computer

OS
Windows 7 & Windows Vista Ultimate
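
One way to triage a log like the one posted in this thread, as an added example that is not part of the original posts: a small Python parser that lists every detection and flags those still marked "No action taken". The sample log is constructed in the same layout; only the Trojan.Vundo line comes from the thread, and the two file entries and the function names are assumptions made for illustration.

```python
import re

# Constructed sample in the layout of the MBAM 1.x log quoted in the thread.
# Only the Trojan.Vundo line is from the thread; the file entries are made up.
SAMPLE_LOG = r"""Scan type: Quick scan
Objects scanned: 199087

Memory Processes Detected: 0
(No malicious items detected)

Registry Keys Detected: 1
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{56256A51-B582-467e-B8D4-7786EDA79AE0} (Trojan.Vundo) -> No action taken.

Files Detected: 2
C:\Example\constructed-a.dll (Trojan.Example) -> Quarantined and deleted successfully.
C:\Example\dir (x86)\constructed-b.exe (PUP.Example) -> No action taken.

(end)
"""

SECTION = re.compile(r"^(?P<name>[A-Za-z ]+) Detected: (?P<count>\d+)$")
# Greedy path match keeps parentheses inside the path (e.g. "(x86)");
# the detection name is the last parenthesised token before "->".
ITEM = re.compile(r"^(?P<path>.+) \((?P<threat>[^()]+)\) -> (?P<action>.+?)\.?$")

def parse_mbam_log(text):
    """Return (detections, mismatches); mismatches maps a section name to
    (declared count, parsed count) when the two disagree, e.g. a cut-off paste."""
    detections, declared, section = [], {}, None
    for raw in text.splitlines():
        line = raw.strip()
        m = SECTION.match(line)
        if m:
            section = m.group("name")
            declared[section] = int(m.group("count"))
            continue
        m = ITEM.match(line) if section else None
        if m:
            detections.append({"section": section, **m.groupdict()})
    found = {}
    for d in detections:
        found[d["section"]] = found.get(d["section"], 0) + 1
    mismatches = {s: (n, found.get(s, 0))
                  for s, n in declared.items() if n != found.get(s, 0)}
    return detections, mismatches

def unremediated(detections):
    """Detections the scanner reported but did not remove."""
    return [d for d in detections
            if d["action"].lower().startswith("no action taken")]
```

A non-empty `mismatches` result means the pasted log is incomplete and should be re-exported from the Logs tab before anyone draws conclusions from it.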