Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

PC Problems - BSOD on Safe Mode, Internet browsers won't stay open, I believe they are related


  • Please log in to reply
1 reply to this topic

#1 iliketowel

iliketowel

  • Members
  • 1 posts
  • OFFLINE
  •  
  • Local time:03:50 PM

Posted 17 January 2010 - 09:06 AM

Hello all and thank you for taking the time to look at this forum post. I apologize as this may be long winded and complicated (at least for me as a relative novice)

About a month aware, I started getting pop-up ads for a program (I don't remember the exact file name, but attached is the reports from malwarebytes)

log 1: Malwarebytes' Anti-Malware 1.41
Database version: 2775
Windows 5.1.2600 Service Pack 3

11/29/2009 9:07:00 PM
mbam-log-2009-11-29 (21-07-00).txt

Scan type: Quick Scan
Objects scanned: 116982
Time elapsed: 9 minute(s), 43 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 1
Registry Keys Infected: 1
Registry Values Infected: 3
Registry Data Items Infected: 5
Folders Infected: 0
Files Infected: 2

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
C:\WINDOWS\system32\pefodibi.dll (Trojan.Vundo.H) -> Delete on reboot.

Registry Keys Infected:
HKEY_CLASSES_ROOT\CLSID\{6360a0e7-42f0-4405-ae2f-6b7ad531aa0b} (Trojan.Vundo.H) -> Quarantined and deleted successfully.

Registry Values Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\sofimomij (Trojan.Vundo.H) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler\{6360a0e7-42f0-4405-ae2f-6b7ad531aa0b} (Trojan.Vundo.H) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\viwidelej (Trojan.Vundo.H) -> Quarantined and deleted successfully.

Registry Data Items Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\AppInit_DLLs (Trojan.Vundo.H) -> Data: c:\windows\system32\pefodibi.dll -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\AppInit_DLLs (Trojan.Vundo.H) -> Data: system32\pefodibi.dll -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\AntiVirusDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\FirewallDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\UpdatesDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.

Folders Infected:
(No malicious items detected)

Files Infected:
c:\WINDOWS\system32\pefodibi.dll (Trojan.Vundo.H) -> Delete on reboot.
C:\WINDOWS\system32\fumoragi.dll (Trojan.Vundo) -> Quarantined and deleted successfully.

For the last 6 weeks my computer has been working fine.

HOWEVER, I recently tried to run a defragmentation on my drive and my computer browsers stopped working

1. Chrome gave me an "Aw, Snap" message every time I tried to open a website
2. Firefox would load up the startpage (netvibes.com) before shutting down after I opened something new up in the program
3. Internet Explorer simply wouldn't allow me on to the internet

During this time, I can still receive e-mail via outlook for GMail.

I tried restarting my computer in safe mode and got BSOD and this message


A problem has been detected and Windows has been shut down to prevent damage to your computer.

If this is the first time you've seen this Stop error screen, restart your computer. If this screen appears again,

follow this steps:

Check to be sure you have adequate disk space. If a driver is identified in the Stop message, disable the driver or check with the manufacturer for driver updates. Try changing video adapters.

Check with your hardware vendor for any BIOS updates. Disable BIOS memory options such as caching or shadowing. If you need to use Safe Mode to remove or disable components, restart your computer, press F8 to select Advanced

Startup Options, and then select Safe Mode.

Technical information:

***STOP: 0x0000007E (0xc0000005, 0x80537009, 0xF78A6508, 0xF78A6204)

I can load into Safe Mode in VGA settings, but the internet still doesn't work

I have a Dell Vostro 1500
MS Windows XP Professional
Version 2002, Service Pack 3

Inter Core2 Duo PC
T7300 @ 2.00GHz
2.00 GB of RAM


I have also loaded a hijack this file, but will not upload it here, until someone deems it necessary

Thank you for your time and any insight you can provide.

BC AdBot (Login to Remove)

 


#2 OldGrumpyBastard

OldGrumpyBastard

  • Members
  • 781 posts
  • OFFLINE
  •  
  • Location:"Way South of 'da Bridge"
  • Local time:03:50 PM

Posted 17 January 2010 - 09:33 AM

http://support.microsoft.com/kb/330182/
Does this look like an OldGrumpyBastard or what?




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users