Vundo, BHO malaware as mine PC - I don't like them. PLEASE HELP OUT. I dropped...
I have Windows XP Home SP2 Dell XPS GEN3 (excluding guarantees and support, but still kicking).
Yesterday I was unfortunate enough to get Antivirus 2008 - very frustrating experience. Read here and use MBAM to remove it. However, during the second test, I was careful to the left on the junk and it was Vundo, BHO (did not specify) and a few other things malaware. I tried to run MBAM - nothing, MBAM tent (or at least it say) to remove on reboot, but they keep coming back. I went to the safe MODE, disabled the system restore and MBAM used again - same result.
I googled the problem - found FixVundo.exe here from Symantec. Run in mode safe mode with CATERING to the wide and no result once again (this time FixVundo said that there is no such malaware found on my PC).
I dropped.
Here's the latest MBAM log file:
Malwarebytes' Anti-Malware 1.24
Database version: 1036
Windows 5.1.2600 Service Pack 2
20:53:35 09/08/2008
MBAM-log-8-9-2008 (20-53-35) .txt
Scan type: Quick Scan
Objects scanned: 41401
Time elapsed: 4 minute (s), 21 second (s)
Memory processes infected: 0
Memory infected: 3
Registry keys infected: 6
Registry values infected: 2
The infected registry data: 4
Folders infected: 0
Files infected: 5
Process memory infected:
(No malicious items detected)
Memory infected:
C:\WINDOWS\system32\vtUoLbAQ.dll (Trojan.Vundo)-> delete on reboot.
C:\WINDOWS\system32\zurufalo.dll (Trojan.Vundo)-> delete on reboot.
C:\WINDOWS\system32\ddcCUkIB.dll (Trojan.Vundo)-> delete on reboot.
Infected registry keys:
HKEY_LOCAL_MACHINE Helper Objects\ {d6c213a3-da8e-41d2-850b-fba893e492ec} (Trojan.Vundo)-> delete on reboot.
HKEY_CLASSES_ROOT\CLSID\ {d6c213a3-da8e-41d2-850b-fba893e492ec} (Trojan.Vundo)-> delete on reboot.
HKEY_LOCAL_MACHINE Helper Objects\ {8c57cb69-ec1f-4ff3-916f-52151aabc187} (Trojan.BHO)-> delete on reboot.
HKEY_CLASSES_ROOT\CLSID\ {8c57cb69-ec1f-4ff3-916f-52151aabc187} (Trojan.BHO)-> delete on reboot.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ddccukib (Trojan.Vundo)-> delete on reboot.
HKEY_LOCAL_MACHINE Software Microsoft RemoveRP (Trojan.Vundo)-> quarantined and deleted successfully.
The registry is infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\luwuhuwamo (Trojan.Agent)-> quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks\ {8c57cb69-ec1f-4ff3-916f-52151aabc187} (Trojan.Vundo)-> delete on reboot.
Infected registry data items:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\LSA\Security packages (Trojan.Vundo)-> Data: c:\windows\system32\vtuolbaq-> quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\AppInit_DLLs (Trojan.Vundo)-> Data: c:\windows\system32\zurufalo.dll-> quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\LSA\Notification Packages (Trojan.Vundo)-> Data: c:\windows\system32\zurufalo.dll-> quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\LSA\Authentication packages (Trojan.Vundo)-> Data: c:\windows\system32\vtuolbaq-> quarantined and deleted successfully.
Infected files:
(No malicious items detected)
Infected files:
C:\WINDOWS\system32\vtUoLbAQ.dll (Trojan.Vundo)-> delete on reboot.
C:\WINDOWS\system32\QAbLoUtv.ini (Trojan.Vundo)-> quarantined and deleted successfully.
C:\WINDOWS\system32\QAbLoUtv.ini2 (Trojan.Vundo)-> quarantined and deleted successfully.
C:\WINDOWS\system32\zurufalo.dll (Trojan.Vundo)-> delete on reboot.
C:\WINDOWS\system32\ddcCUkIB.dll (Trojan.BHO)-> delete on reboot.
Whatever it says remove on reboot - nothing was happened.
I tried to manually delete these files and to REPAIR Windows to reinstall CD.
Now, I gave up. I need new ideas.
Thanks in advance for any help.
Tags: Dell Software
Similar Questions
-
Firewall Windows settings keep changing ~ I don't change them! HELP Please
Recently, I noticed that to change my Windows Firewall settings, AND I'm not modify them.
I set the Windows Firewall as follows:
1. on the "Général" tab
I ticked the boxes: 'On' (recommended) and "don't allow exceptions".
2. in the tab 'Exceptions ':
NO boxes are checked
I ticked 'display a notification when Windows Firewall blocks a program '.
3. on the "Advanced" tab
ONLY "Connection to the Local network" is checked
and under the 'Settings' button ICMP NO boxes are checked.Periodically, I notice that my "Network Icon" (two screens) is very active when I'm not navigate on the internet or by e-mail. When I click with the right button on the icon and select "Change Windows Firewall settings", I note that the following changes have been made to my original settings, BUT NOT BY me!
1. on the "Général" tab
The box: 'On' (recommended) is checked
BUT "don't allow exceptions" is now disabled
2. in the tab 'Exceptions ':
File sharing and printer is enabled
AND "Display a notification when Windows Firewall blocks a program" is now disabled
3. on the "Advanced" tab
If I click on the box 'Connect to the Local network' that is always checked
under ICMP, and go to the "Settings" button
NOW, the first "Allow an incoming echo request" is checked.Earlier this week, I hadn't double checked if the parameters have changed and started printing a Word document, I had been editing. Before the start of my print file, my printer started to print pages and pages of garbled text (just the letters and not readable ~ grabage). After the cancellation of all the print jobs, I checked the Windows Firewall settings again, and they had been changed from the original settings that I had chosen, once again!
The only way I can restore my original settings is to click on the default button on the tab "Advanced" and then double-checking the options I want.
This happens at least 8 times a day and makes me crazy, because I am constantly having to check if the Windows Firewall settings are as I put them in the first place. If they are not, I have to go through this process over and over again. By making print a nightmare, but it's also annoying to have to keep control of the settings.
Ask everything you big strong guys out there to give this 'small' a helping hand technique with this one, please.
Thank you very much
~ Alison XxHello
1. is there any firewall other than Windows Firewall running?
2. using any antivirus?
3. Since when did you start to deal with the issue?
Method 1: It could be virus issue. First we will analyze the system for infections using the Microsoft Security Scanner which can be downloaded from the link below:
http://www.Microsoft.com/security/scanner/en-us/default.aspx
-
Please help me with my laptop HP MINI, which is showing a message whenever I try to start the machine below.
"Enter the current password.
The password check failed.
Fatal error... Halter system.
CNU9383H0J ".
I don't know what password to enter. Plase help.
Hello
Enter e9lofufz1w (3rd character is a lowercase L)
Kind regards
DP - K
-
HP mini 110 computer: Please HELP! Fatal error... system halted
I put my laptop Hp mini for a while before JC, I got a new laptop and I took it out the other day to let my children to serve, and I don't know if I forgot the password or if there is something wrong with it? I typed the password that I remember 3 times and it gives me a message
Password check failed
Fatal error... system halted
CNU90245QJ
Please help me to recover my mini laptop for my children!
TIA!
Enter: e9lo17vq5w (3rd character is a lowercase L)
Kind regards
DP - K
-
Fatal system error HP Mini arrested... Please help!
If anyone can please help it would be greatly appreciated! I don't know how to find the BIOS password. I have a Hp mini 110 repeat me password verification failed fatal error... system halted CNU9486NQC
Hello
Use the code below
e9lovug95e
Use the posted above unlock code to access the BIOS
Disable all passwords that are enabled
If current password request - type the unlock code
New password, simply press the ENTER key
Repeat the same thing to check the password column.Then exit the BIOS saving & exit option to save the changes.
-
purchase fail to cause I used to pay purchase iTunes gift card, so I chose any of the theme of credit card. Credit card is danger, I don't like to pay with this method. Can iTunes gift card can't pay inn - app?
You should be able to make in-app purchases with gift cards. What happens when you try to do?
-
After updating my iPhone 6 (9.3.4) the WiFi signal becomes very low! I did everything, but the problem does not stop! I don't a not update my other devices & their very good WiFi signals. Please help me solve this terrible problem...
Here's a tip for the user on the problems of Wi - Fi. Suggest from the top and bottom. Maybe one of them will help you.
(1) restart you device.
(2) resetting the network settings: settings > general > reset > reset network settings. Join the network again.
(3) reboot router/Modem: unplug power for 2 minutes and reconnect. Update the Firmware on the router (support Web site of the manufacturer for a new FW check). Also try different bands (2.4 GHz and 5 GHz) and different bandwidths (recommended for 2.4 to 20 MHz bandwidth). Channels 1, 6 or 11 are recommended for 2.4 band.
(4) change of Google DNS: settings > Wi - Fi > click the network, delete all the numbers under DNS and enter 8.8.8.8 or otherwise 8.8.4.4
(5) disable the prioritization of device on the router if this feature is available. Also turn off all apps to VPN and retest the Wi - Fi.
(6) determine if other wireless network devices work well (other iOS devices, Mac, PC).
(7) try the device on another network, i.e., neighbors, the public coffee house, etc.
(8) backup and restore the device using iTunes. Try to restore as New first and test it. If ok try to restore the backup (the backup may be corrupted).
https://support.Apple.com/en-us/HT201252
(9) go to the Apple store for the evaluation of the material. The Wi - Fi chip or the antenna could be faulty.
-
Please help me, I don't know his password iclaod
Please help me, I don't know his password iclaod
You iPhone or that you bought second hand device?
You must contact the seller and ask him to remove this iPhone in the devices list. Otherwise, your iPhone will be a useless brick.
Find my iPhone Activation Lock: a mechanism of extraction of the previous owner - Apple Support
-
When I click on the + to open a new window I don't like the images that arise. I tried several times to change that through words: config; Browser.newtab.URL. I put in the site I want and it won't change. I tried to put in: blank and it don't work. I'm obviously something wrong - can you help please?
Thank you
If Firefox is ignorant preference browser.newtab.url, the usual culprit is an extension.
You can open the page in Firefox Add-ons using either:
- CTRL + SHIFT + a
- "3-bar" menu button (or tools) > Add-ons
- in the Windows "Run" dialog box, type or paste
firefox.exe "about:addons"
In the left column, click Extensions. Then, in case of doubt, disable (or delete, if possible) not recognized and unwanted extensions. Do not forget that all extensions are optional, none come with Firefox, and you can learn more about them by checking their reviews on the site of the Add - ons.
Often, a link will appear above at least an extension disabled to restart Firefox. You can complete your work on the tab and click one of the links in the last step.
Any improvement?
-
How can I return to the old preferences window? I don't like the new tab.
I used to be able to click: Firefox-> Preferences and get the window preferably. Firefox Preferences now opens as a tab. I don't know how or why it changed. But I don't like. How can I go back to the old way to open the preference window?
Hi, I'm not familiar with Mac, but I think it should work - it does in Windows: Type Subject: config in the address bar, press ENTER, accept the warning, scroll to browser.preferences.inContent and double-click on it to change the "value" from true to False, taking care to not to change what anyone else. You will then need to restart Firefox.
If your question is resolved by this or another answer, please take a minute to let us know. Thank you.
-
My customization option went after that I did a few customization that I don't like. Help please
I tried to do some customization of my toolbar and what it looks like. I don't like what he did then I wanted to change it back but the icon customize is no longer visible nor y at - it of my toolbar icons. All I have is the Star bookmark, download box, reception, and magnifying glass. All my bookmarks are invisible.
How can I get this reset back to where it was? I can't do anything if I don't see my toolbar.
Where the icon customize?
Ok. I could get my toolbar to return but I don't always have the icon customize.
I did the window when the URL is greater. Next to which is Google Search, then the Star, bookmarks, download, home and search.
With regard to the right click. I don't know how to do it. There is a way to hit or option or command control. I got Google whenever I have to do.
I tried to attach a screenshot, but it tells me its too big.
I found it! I used the help!
-
How to restore the functionality of the favorite shortcut. I DO NOT LIKE internet explorer, it is heavy and slow. How can I change the shortcut to bookmarks to act as a menu again? I don't like the bookmarks and history pop-out... Firefox has been above the bar, now I have 2 copies of internet explore on my computer, one with an icon that looks like a E and the other that resembles my old firefox browser... This is the result of the 23.0.1 update this morning, it was perfect when I went to bed last night... Maybe I should use Chrome?
delete the localstore.rdf if you experience problems with the toolbar buttons.
To find this file go to FIrefox = button > help = > Troubleshooting Information = > open profile and localstore.rdf file remove the closure of firefox
-
I don't like the new layout, how can I go back the old traced page?
I don't like the new layout, how to get back the old layout of the page?
Looks as if you just use the option to hide the navigation toolbar.
It will be probably temporarily reappear if you press Alt on the keyboard. You can set to display help (I think that - not in Windows Me)
- Firefox-> toolbars-> toolbar Navigation
-
How can you get rid of the "new tab" page that flashes what you did recently? I don't like this option. If I wanted to Flash all the pages I've visited, I would. It is not YOUR place to do it for me. I'll change the browser if it is not changed.
Hello, please refer to customize the page new tab to turn off the function.
-
iPhone 6 9.0.2 locked with Apple ID and I don't know it can help you to do this?
iPhone 6 9.0.2 locked with Apple ID and I don't know it can help you to do this?
Help to reset a locked Apple ID > Apple - My Apple ID
Maybe you are looking for
-
move the data by lines into a 2D array
HI, I have a question about moving the data in a 2D online table, that I was not able to do so if anyone has an answer please let me know a picture of what im doing is attached as I said I want '1 and run' online no column, if I change the index of t
-
USB 6008: problem with using the 5V output
I am a new user of products OR. I have a USB 6008 and I want to connect the output constant 5v (PIN 31) leg of VCC to a pressure sensor. My device is connected to the computer, but I get no signal output. Do I have to do something to activate the out
-
having xp on HPpavilion dv9000 should help to use the screenshot and painting program
What is the sequence to make a screenshot of a web page and paste nit in ms paint?
-
I keep to redirect to "about white '... When I try to log into facebook
When I try to connect to facebook, I'm redirected to 'about white' any suggestions? I was not able to sign Facebook for weeks.
-
WINDOWS MOVIE MAKER MUSIC PROBLEM
USING WINDOWS MOVIE MAKER, WHEN I TRY TO IMPORT THE MUSIC, I GET THE MESSAGE THAT IT COULD NOT BE IMPORTED. HOW CAN I SOLVE THIS PROBLEM?