I am getting messages from McAfee OAS that it has detected and attempted to remove instances of Vundo!grb Trojan malware (It finds the files C:\windows\system32\oyirukaf.ini and C:\windows\system32\uyabesub.ini as the problematic files).
My symptoms are very similar to another user (SoraNagagino21) who reported it a couple of dayas back, e.g. pop up ads in Internet Explorer, and pop ups stating that i need updates and fixes from random companies, new browser windows popping up to result in "cannot find server" page.
I also ran StopZilla scan and it found 8 instances of agent.HRO infection in the registry keys and removed it. But the infections were found again after I rebooted the machine after the removal.
I am currently following the steps in "8-step Viruses/Spyware/Malware Preliminary Removal Instructions" and will attach the 3 logs to this post when the scanning is completed. I would appreciate if the experts can take a look at the logs and help me out in getting rid of this stubborn malware.
Thanks,
Neil
My symptoms are very similar to another user (SoraNagagino21) who reported it a couple of dayas back, e.g. pop up ads in Internet Explorer, and pop ups stating that i need updates and fixes from random companies, new browser windows popping up to result in "cannot find server" page.
I also ran StopZilla scan and it found 8 instances of agent.HRO infection in the registry keys and removed it. But the infections were found again after I rebooted the machine after the removal.
I am currently following the steps in "8-step Viruses/Spyware/Malware Preliminary Removal Instructions" and will attach the 3 logs to this post when the scanning is completed. I would appreciate if the experts can take a look at the logs and help me out in getting rid of this stubborn malware.
Thanks,
Neil
