Jump to content


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.

Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.


Multiple infections

  • Please log in to reply
2 replies to this topic

#1 DCobble


  • Members
  • 1 posts
  • Local time:10:19 AM

Posted 06 January 2010 - 09:31 AM

One of the computers on our network is infected with: Trojan.Vundo.H; Backdoor.Bot; Hijack.ControlPanelStyle; Malware.Trace; Spyware.Zbot;Disabled.SecurityCenter; Stolen.data; and Trojan.Agent. These were all found by Malwarebytes, and were supposed to delete on reboot, but it didn't happen. I tried specific fixes, but nothing has worked so far. Can anyone give me any advice on what to try next?

BC AdBot (Login to Remove)


#2 techextreme


    Bleepin Tech

  • Members
  • 2,125 posts
  • Gender:Male
  • Location:Pittsburgh, PA
  • Local time:12:19 PM

Posted 06 January 2010 - 10:11 AM

Your best bet may be to reboot in Safe Mode and once again run Malwarebytes.

Scan for Spyware/Adware

Malwarebytes' Anti-Malware a.k.a. MBAM - Download Free Version - Homepage
Why? Malwarebytes' Anti-Malware is very good at removing the zlob trojan, virtumonde, and most other current infections. This single tool has replaced multiple tools that have been required in the past.
  • 1. Double-click mbam-setup.exe and follow the prompts to install the program. At the end, confirm a check mark is placed next to the following:
    • Update Malwarebytes' Anti-Malware
    • Launch Malwarebytes' Anti-Malware
  • 2. At the end, confirm a check mark is placed next to the following:
  • 3. Then click Finish.
  • 4. If an update is found, it will download and install the latest version.
  • 5. Once the program has loaded, select Perform quick scan, then click Scan.
  • 6. When the scan is complete, click OK, then Show Results to view the results.
  • 7. Be sure that everything is checked, and click Remove Selected.
  • 8. When completed, a log will open in Notepad. The rogue application should now be gone.
Note: Some infections will prevent MBAM from running. If MBAM won't run, try renaming the file mbam-setup.exe to a random name, and then try again.

If malwarebytes does not successfully complete the removal process, you may want to post in the HijackThis Logs and Virus/Trojan/Spyware/Malware Removal forum

To Help the HJT Team please read the following instructions and post your results in the HijackThis Logs and Virus/Trojan/Spyware/Malware Removal forum. When you post the log, also put a link to this post so the HJT Team knows what all has been done to your computer before posting to the HijackThis Logs and Virus/Trojan/Spyware/Malware Removal forum.

Please be patient as the HJT team is quite busy sometimes and it may take a day or even a few for someone to pickup your log but someone will get back to you.

We need to see some information about what is happening in your machine. Please perform the following scan:
  • Download DDS by sUBs from one of the following links. Save it to your desktop.
  • Double click on the DDS icon, allow it to run.
  • A small box will open, with an explanation about the tool. No input is needed, the scan is running.
  • Notepad will open with the results.
  • Follow the instructions that pop up for posting the results. Post both logs (no need to zip attach.txt).
  • Close the program window, and delete the program from your desktop.
Please note: You may have to disable any script protection running if the scan fails to run. After downloading the tool, disconnect from the internet and disable all antivirus protection. Run the scan, enable your A/V and reconnect to the internet.

Information on A/V control HERE

Edited by techextreme, 06 January 2010 - 10:15 AM.


"Admire those who attempt great things, even though they fail."

-- Seneca

#3 boopme


    To Insanity and Beyond

  • Global Moderator
  • 73,562 posts
  • Gender:Male
  • Location:NJ USA
  • Local time:11:19 AM

Posted 06 January 2010 - 11:46 AM

If one is to run or post logs from DDS or HJT,they are required to run the Preparation Guide For Use Before Using Hijackthis. Then go here HijackThis Logs and Virus/Trojan/Spyware/Malware Removal ,click New Topic,give it a relevant Title and post that complete log.

Please see the pinned topic at the top of this Forum.. How do I get help? Who is helping me?
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users