Trojan.Vundo

Discussion in 'Malware Help (A Specialist Will Reply)' started by dewdesigns, Jul 30, 2006.

  1. dewdesigns

    dewdesigns Private E-2

    OK people, how do I get the removal tool to scan the registry files? This virus is driving me nuts. Only other option is to format and reload.
     
  2. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    No that is not the only other option! We fix dozens of these each week!

    Follow the below exactly (it is very important to get HijackThis installed as requested and also RENAMED as requested or the procedures will not work as we need them to).

    Please follow our standard cleaning procedures which are necessary for us to provide you support. Also there are steps included for installing, running, and posting HijackThis logs as attachments.
    • Run ALL the steps in this Sticky thread READ & RUN ME FIRST Before Asking for Support
    • Make sure you check version numbers and get all updates.
    • Very Important: Make sure you tell us the results from running the tutorial...was anything found? Were you unable to complete any of the scans?...Were you unable to download any of the tools?...Did you do the on-line scans as suggested? etc.
    • If after doing ALL of the above you still have a problem, make sure you have booted to normal mode and run the steps in the below link to properly use HijackThis and attach a log:
    • When you return to make your next post, make sure you attach the following logs and that you have run these scans in the following order too (these scans are covered in steps 6 & 7 of the READ & RUN ME sticky)
      • Bitdefender
      • Panda Scan
      • HijackThis
     
  3. dewdesigns

    dewdesigns Private E-2

    OK, I have run all the scans. Says system is clean, but in normal mode when online it will start sending out e-mails. And now I am getting a winlogon.exe application error. Sending hijack log. Now back to the question: how do I get removal tool to scan registry files?
     


  4. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    Please follow the directions I gave you and run ALL the steps in the READ & RUN ME. This includes step 6 and the two online scanners. They both must be run and their logs must be attached as I requested in message # 2. Even if Bitdefender finds nothing, attach that log. It is highly unlikely that Panda will find nothing at all. It always finds something even if it is only cookies.


    The below question you asked does not make any sense! Please clarify:
    All removal tools already scan your registry. That does not mean they will fix problems. Exactly what is it that you are trying to do or what are you looking for? If you are just looking to fix your problems, we will do that after you attach the two requested logs.


    Did you configure the below settings yourself????
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://as.weatherstudio.com/dp/search?x=wKX1ILEOi+Vh7AfA98Gm4Me69ZMbubcD3RW7BXlKjvfRdYVWdWRDsw/NStHO/HqtPUBG7RoXF9mak2kRWid0geytZkaUFlYRDFkt4ybJEKTABwFHv75Uf/r3d+ZhLbK6XfnEqNF/qN8T7JCrliAoOxNkThxIGyRbFMQm/GqXzbON/7Hub9Zte8qVU9j1vnbmc/rh1UbOssHJs5xRvMoKJ7eOZuz1izChzAfwzyek1TMd3jVHvc67NQ==
    R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://as.weatherstudio.com/dp/search?x=wKX1ILEOi+UdWpSlz2q9Dzn13Emww/YwIjsqjZBnROFgbcPSEwmL6uK9hY/o6AqxbPSICdnVms9kTGQS9lLEVZRBC0HPsQ6IQsIzn5LcNpIb8dRGcd3y5ks8nXaTAu8O2592axlYV3o=
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=localhost:8080


    Besides your current malware problems, you have a very big problem in that your Windows & IE versions are way out of date and represent a major security risk. In fact this is very likely the root cause of how you got infected. After removing your malware you must get updated or you will more than likely be reinfected in a short time frame.
     
    Last edited: Jul 31, 2006
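
An added example, not part of the original thread and not code from HijackThis or MajorGeeks: a small triage of HijackThis R-section lines like the three quoted in the post above. It flags search/start-page values that point at hosts outside an assumed allowlist and a `ProxyServer` value aimed at the local machine, which routes Internet Explorer's HTTP traffic through whatever process listens on that port. The sample log, the `EXPECTED` domains and all function names are constructed for illustration.

```python
import re
from urllib.parse import urlsplit

# HijackThis R-section line: "R1 - <registry key>,<value name> = <data>"
R_LINE = re.compile(r"^R[0-3] - (?P<key>[^,]+),(?P<name>[^=]+?) = (?P<data>.*)$")
LOOPBACK = {"localhost", "127.0.0.1", "::1"}
# Assumption: domains accepted as stock IE search/start-page targets.
EXPECTED = ("microsoft.com", "msn.com")

# Constructed sample in the shape of the entries quoted in the post above.
SAMPLE_LOG = r"""
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dll?prd=ie
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.example.net/dp/search?x=AAAA==
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=localhost:8080
O4 - HKLM\..\Run: [example] C:\example.exe
"""

def proxy_hosts(data):
    """Hosts in an IE ProxyServer value: 'host:port' or 'http=host:port;ftp=...'."""
    hosts = []
    for part in data.split(";"):
        target = part.split("=", 1)[-1].split("//")[-1].strip()
        if target:
            hosts.append(target.rsplit(":", 1)[0].strip("[]").lower())
    return hosts

def triage(line):
    """Return a finding string for one log line, or None if nothing stands out."""
    m = R_LINE.match(line.strip())
    if not m:
        return None  # not an R-section entry
    name, data = m["name"].strip(), m["data"].strip()
    if name == "ProxyServer":
        hosts = proxy_hosts(data)
        local = any(h in LOOPBACK for h in hosts)
        return ("proxy-loopback:" if local else "proxy:") + ",".join(hosts)
    host = (urlsplit(data).hostname or "").lower()
    # Match the domain itself or a true subdomain, never a bare suffix.
    if host and not any(host == d or host.endswith("." + d) for d in EXPECTED):
        return "unexpected-host:" + host
    return None

def flag_log(text):
    """(line number, finding) for every flagged line of a HijackThis log."""
    lines = text.strip().splitlines()
    return [(n, f) for n, l in enumerate(lines, 1) if (f := triage(l))]
```

A finding is only a prompt to ask the question the helper asks in the thread: did the user set this value themselves?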
  5. dewdesigns

    dewdesigns Private E-2

    No, I did not configure anything. I just recently found out my OS is pirated; it won't upgrade. Removal tool said registry files were not scanned. My cookie file is set at 50 and the CCleaner erased all of them. If they found nothing why do you need logs? I did follow as instructed all 8 steps of run and read. I am trying to learn as I go with this. It is something new that I can't fix. I will send logs if I can get back in here again. Why did you ask about config settings? That weather thing, don't know where it came from.
     
  6. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    What removal tool? Attach the log so I can see what files you are referring to. Scanning the registry is one thing. Opening and scanning the files where the registry info is saved is another. No tools can scan the files! They are protected by the OS on purpose.

    No you did not! Step 6 asks you to run two online scanners and attach the logs. You only ran Bitdefender and you did not attach the log. You did not run PandaActiveScan at all. Our goal is to remove ALL malware. HijackThis is not a comprehensive malware detection or cleaning tool. It is merely an aid to the experienced user to use in performing various functions. If we were to only use HijackThis logs to fix only the malware shown by it, we would be leaving malware on every user's PC who comes here for help. Many malware infections that are out these days have even been designed to specifically hide themselves from showing in a HijackThis log. You have multiple infections (Virtumonde, winlogonhook/conhook, and another unknown trojan). We need to be sure we find everything.

    Because they look very strange and I wondered whether this is actually something you set up. Apparently not based on your answer.
     
  7. dewdesigns

    dewdesigns Private E-2

    Now I don't like being called a liar! You were not there; you do not know if I ran it or not. I ran every damn thing you said! My mistake was not running it as the admin. When it was run under me they found nothing. I went back and ran them again as the admin. They found all kinds of shit. Now it is running just fine, actually better than before. Not having any problems at all. Thank you.
     
  8. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    I'm just stating the obvious. If PandaActive Scan was run it would leave traces in your log just like Bitdefender does. Thus if it is not in your log only two things can be true:
    1) you ran it and then deleted the traces of it. But why would you do that?
    2) you never ran it.

    I seriously doubt you are clean based on things I saw in your other logs. So unless you worked on some other site to remove this malware, you are more than likely still infected.
     
