# Windows Defender Warning Help!!!



## Baldie559 (Nov 30, 2006)

Ever since yesterday I've been getting a windows defender warning for "Trojan:Win32/Vundo.gen!M". I've tried to remove it or quarantine it but I'm still constantly getting this message. Also automatic windows udpate is constantly disabling, and seems to have started after I started getting this error. I ran the windows defender scan and also Avast Antivirus scan and nothing. ANY HELP??


----------



## ZLRAC (Jul 10, 2006)

1. Open Registry Editor. Click Start>Run, type REGEDIT, then press Enter.
2. In the left panel, double-click the following:
HKEY_LOCAL_MACHINE>SOFTWARE>Microsoft>
Windows>CurrentVersion>Explorer>ShellExecuteHooks
3. In the right panel, locate and delete the entry:
{FB936D4B-E1F5-4345-A9B3-D05971F30C4E} = ""
4. Again in the left panel, double-click the following:
HKEY_LOCAL_MACHINE>Software>Microsoft>Windows>
CurrentVersion>Explorer>Browser Helper Objects
5. Still in the left panel, locate and delete the key:
{FB936D4B-E1F5-4345-A9B3-D05971F30C4E}
6. Again in the left panel, double-click the following:
HKEY_CLASSES_ROOT>CLSID
7. Still in the left panel, locate and delete the key:
{FB936D4B-E1F5-4345-A9B3-D05971F30C4E}


----------



## Baldie559 (Nov 30, 2006)

I did not see any of those values in the registry.


----------



## ZLRAC (Jul 10, 2006)

What antivirus program do you use?


----------



## Baldie559 (Nov 30, 2006)

I have Avast Antivirus, Ad-Aware 2007, and Ad-watch 2007. I have these programs running all the time.


----------



## Glaswegian (Sep 16, 2005)

Baldie559 - Please start here and follow the instructions.

http://www.techsupportforum.com/sec...pdated-important-read-before-posting-log.html

If you cannot complete any of the Steps, *simply move on to the next one* - remember to let the Analyst know about this when you post your logs.

*Do not post your logs back in this thread - follow the guidance in the above link!*

Please note that the Security Forum is always busy, so I would ask for your patience while waiting for a reply.


ZLRAC - we appreciate you are trying to help but please note that only authorised Security Staff may post specific security advise to users.
http://www.techsupportforum.com/f112/please-read-who-is-helping-you-191670.html


----------



## Baldie559 (Nov 30, 2006)

I posted a HJT log a few hours and am just waiting for a response. Just noticed also that my firefox browser is starting to freeze while IE works fine.


----------



## Ried (Jan 11, 2005)

I noticed you also bumped your thread already. :4-thatsba (that 'bump' post has been deleted)

Nor did you follow the link provided by Glaswegian or heed his advice about patience.

Real-time assistance is not implied anywhere in our 5-step process.

Please refer to the Posting Rules found in Step 5 of our sticky topic *(Updated!) IMPORTANT - Read This Before Posting A Log*




> *Posting Rules*
> 
> 2. Please be considerate of the fact that the people helping you are not being paid for this, and in fact usually have a job, and have a limited amount of time to help, and can only do so much. If no one has replied to your thread within *72hrs *after you posted it, please reply in your thread with the word *BUMP*. to move it forward.
> 
> *DO NOT *Bump the thread unless 72 hours has passed. We work from oldest to newest posts... so *your wait will be longer if you bump it forward before the 72 hours is up*.


As you can see, we are quite busy in the HijackThis Help forum. There are only so many of us doing the best we can. 

One of the Analysts will get to your log as soon as possible.


----------



## Baldie559 (Nov 30, 2006)

I apologize. I will wait for a response.


----------



## Ried (Jan 11, 2005)

While you're waiting, why don't you go ahead and follow those 5-Steps and post the requested logs. :wink:


----------



## Baldie559 (Nov 30, 2006)

I'm trying to disable avast antivirus prior to the panda active scan however the icon is not in the bottom right corner any longer. Panda gets an error while installing.


----------



## Ried (Jan 11, 2005)

Then skip the Panda scan and continue with the remaining steps.


----------

