Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Vundo wont go!


  • Please log in to reply
No replies to this topic

#1 shopken1

shopken1

  • Members
  • 1 posts
  • OFFLINE
  •  
  • Local time:08:48 AM

Posted 10 March 2010 - 09:22 PM

Hi all

I have taken on this old computers issues as a challange to my limited diagnostic abilities and have been beaten so far.

XP professional service pk 2.

Here are the detections below;

Avira detections;
1) wtth\mwpe.dll or TR/Dldr.Agent.dfhk
2) wtth\dssenhl.dll.bak or TR/Crypt.FKM.Gen
3) system32\layqdlbl.dll. or 'TR/Crypt.XPACK.Gen

Malwarebytes scan; 12 files
1) Vundo H
2) BHO Trojan
3) Trojan agent

I notice a registry entry using ccleaner that cannot be removed. It has a new checked box that is ghost written "special permission"

I have run advira scans in safe mode and have shut off system restore for the reboot virus removal.. but to no avail.

Malwarebytes and Hijack this cannot remove it as I am using it anyway

I read archive posts for help here and in Aviras archives and have followed all the fix proceedures with no results

Downloaded two files for vundo removal from a forum link here on bleeping computer.. but they contained spyware as per avira. (Vundobegone and Vundo fix) I will not run them unless advised.

Any sage advise?

I can post Log files if requested.

Thanks!

Edited by Orange Blossom, 11 March 2010 - 12:48 AM.
Move to AII. ~ OB


BC AdBot (Login to Remove)

 





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users