Trojan.bugat

Post by fordtech4576 on 4th February 2010, 6:10 am

I keep getting a virus found on real-time protection scan with my computer running Symantec. I followed all the procedures on their web site to remove it, but it says it cannot remove it or quarantine it. I disabled the restore and downloaded the latest virus def. I even scanned it in safe mode, but I just cannot seem to get rid of it. Symantec does give a complete registry fix, but is that a good idea to manually fix the registry? Here is what they say it should be:


HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\DirectDraw\Parameters.A\"version" = "78 1C 1C C8 59 A2 CA 01"
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\DirectDraw\Parameters.A\"A1" = "[long hexadecimal data value omitted]"
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\DirectDraw\Parameters.B\"B1" = ""
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\"LoadAppInit_DLLs" = "0x00000001"
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\"RequireSignedAppInit_DLLs" = "0x00000000"


Restore the following registry entries to their previous values, if required:

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\"AppInit_DLLs" = "C:\DOCUME~1\ALLUSE~1\APPLIC~1\MICROS~1\Windows\mspdb30.dll"

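The last three entries in the post above are Windows AppInit_DLLs settings: with LoadAppInit_DLLs set to 1, every DLL listed in AppInit_DLLs is loaded into each process that loads user32.dll, and RequireSignedAppInit_DLLs set to 0 allows unsigned DLLs. The read-only PowerShell check below is an added example, not part of the original thread or of Symantec's instructions; it assumes PowerShell 3.0 or later, and the Wow6432Node key and the System32 lookup for bare file names are assumptions that go beyond the keys shown in the post.

```powershell
# Added example: read-only audit of the AppInit_DLLs settings named in the post.
# Nothing is written to the registry or to disk.
$keys = @(
    'HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows',
    # Assumption: also check the 32-bit registry view on 64-bit Windows.
    'HKLM:\SOFTWARE\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Windows'
)

foreach ($key in $keys) {
    if (-not (Test-Path $key)) { continue }
    $p = Get-ItemProperty -Path $key

    # AppInit_DLLs is a space- or comma-delimited list, which is why paths
    # containing spaces appear in 8.3 short form (C:\DOCUME~1\...).
    $dlls = @("$($p.AppInit_DLLs)" -split '[,\s]+' | Where-Object { $_ })

    $report = foreach ($dll in $dlls) {
        $path = $dll
        # Assumption: a bare file name is looked up in System32.
        if (-not [IO.Path]::IsPathRooted($path)) {
            $path = Join-Path $env:SystemRoot "System32\$path"
        }
        $exists = Test-Path -LiteralPath $path -PathType Leaf
        $sig = if ($exists) {
            (Get-AuthenticodeSignature -FilePath $path).Status
        } else {
            'FileMissing'
        }
        [pscustomobject]@{ Dll = $path; Exists = $exists; Signature = $sig }
    }

    [pscustomobject]@{
        Key                       = $key
        LoadAppInit_DLLs          = $p.LoadAppInit_DLLs
        RequireSignedAppInit_DLLs = $p.RequireSignedAppInit_DLLs
        DllCount                  = $dlls.Count
    } | Format-List

    $report | Format-Table -AutoSize

    # Loading enabled, signing not required, and at least one DLL listed.
    if ($p.LoadAppInit_DLLs -eq 1 -and
        $p.RequireSignedAppInit_DLLs -ne 1 -and
        $dlls.Count -gt 0) {
        Write-Warning "$key : AppInit DLL loading is enabled without a signing requirement; review the DLLs listed above."
    }
}
```

A DLL reported as `NotSigned` or `FileMissing` alongside the warning is the combination worth investigating before any manual registry change.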

Re: Trojan.bugat

Post by Belahzur on 4th February 2010, 10:05 pm

Download OTL by OldTimer to your Desktop.

  • Close all windows and double-click OTL.exe
  • Click Run Scan and let the program run uninterrupted
  • It will produce two logs for you, one will pop up - OTL.txt, the other will be saved on your Desktop - Extras.txt. Post both logs in this thread.
  • You may need to use two posts to get it all.


Please PM me if I fail to respond within 24hrs.

