Vundo, and other infections


1 reply to this topic

#1 eternaljester


Posted 06 July 2009 - 04:30 AM

Hey guys. First time posting here.

My computer is suffocating in the iron grasp of a variety of nasty infections, most notably Vundo. Prominent symptoms include:

- A variety of programs crashing periodically without warning or reason, including Firefox, IE, AIM, and Yahoo Messenger. Firefox can only be run in safe mode, and will crash almost every time I log into MySpace, though generally not when I log into anything else.

- Anti-virus programs refusing to run, including HijackThis and Spybot Search & Destroy. Malwarebytes' Anti-Malware runs fine until I attempt to quarantine any infections discovered in a sweep, in which case the program always crashes midway through the quarantining process.

- A blue screen of death on two or three occasions.

- General slowdown, and occasional freezing up.

- A process which appears in my task manager as UAservice7.exe, which takes up all my CPU and causes a pile of processes all called "Realplayer.exe" to appear and slow my computer to a grinding crawl. Ending process on UAservice7 promptly causes all the realplayer.exe's to disappear, and my computer runs much smoother. I have no idea if this is related, but it seemed notable.

As MBAM keeps crashing, I am seemingly never able to eliminate the infections entirely, no matter how many times I scan and quarantine. I was able to complete a full scan using MBAM and procure a log. It is at the bottom of my post. Any help with removing this nasty infection would be greatly appreciated.

Log:

Malwarebytes' Anti-Malware 1.38
Database version: 2335
Windows 5.1.2600 Service Pack 2

7/5/2009 3:50:18 AM
mbam-log-2009-07-05 (03-49-33).txt

Scan type: Full Scan (C:\|)
Objects scanned: 281112
Time elapsed: 2 hour(s), 48 minute(s), 5 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 32
Registry Values Infected: 11
Registry Data Items Infected: 2
Folders Infected: 13
Files Infected: 157

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
HKEY_CLASSES_ROOT\CLSID\{3229dfcd-3eaf-4712-ed45-4876fedc170c} (Trojan.Zlob.H) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{06f20c1a-4811-4c73-a114-792ed70f2cad} (Password.Stealer) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{06f2



#2 Stang777


Posted 06 July 2009 - 04:56 AM

Hi and welcome to Bleeping Computers.

There seems to be a lot missing from this log. Could you possibly post everything that is in it from the last line of what is posted above?

I suspect it was too long to fit in your previous post and was chopped off after you sent it, but it would be helpful to see what files and such it found to be infected and with what.

If you can get it to run a new quick scan, that log would be helpful as well. Please allow it to fix all problems it finds if it does not crash on you.

Edited by Stang777, 06 July 2009 - 05:00 AM.




