I've completed the TFC, rkill, Malwarebytes scan and removal process 3 times now. The past 2 times there is one entry in the results that persists, and requires rebooting to remove. However, when I select the option to reboot, it takes a very long time to do it. Then after rebooting, the same entry is there after scanning again. Here is the one thing I can't seem to get rid of:
Trojan.Agent Registry Value HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\rundll32.exe
Please tell me the next step I need to take to get rid of this. Rebooting when asked to do so by the Malwarebytes program doesn't seem to be working.
I realized that I had changed permissions on the folder in the registry in a previous effort to manually remove the infection. There was a file that kept coming back every time I deleted it and restarted regedit or rebooted. However, since changing the folder permissions again and setting my username and system with full control, and running Malwarebytes scan and removal and rebooting, it appears that the system is now clear of infections (according to last Malwarebytes scan). However, I'm still a bit concerned that there might be some trace of infection or a vulnerability present that is hidden in a way that the scanners can't find it. So if there is some way I can post logs as mentioned in a previous reply to my topic and have someone look over them to see if everything is truly in the clear, I would appreciate it. Please just let me know what I need to do. Thanks!
Edited by techtragedy, 18 November 2009 - 02:40 PM.