Home > General > Vundolized?

Vundolized?

Finally, please reply using the button in the lower left hand corner of your screen. Your cache administrator is webmaster. Vundolized? Push the large "Cleanup" button.

I am fairly new and have tried to provide requested reports. The system returned: (22) Invalid argument The remote host or network may be down. The system returned: (22) Invalid argument The remote host or network may be down. The system returned: (22) Invalid argument The remote host or network may be down. http://www.techsupportforum.com/forums/f100/vundolized-355457.html

Please try the request again. Old topics are closed after 3 days with no reply, and working topics are closed after 5 days. This includes Firewalls, Anti-Virus, Spyware Scanners, etc.

  • This is yet another mirror.
  • Please try the request again.
  • Press OK and accept the UAC prompt.

Had to uninstal Flash to update it, it was in four different places. Mar 8th I started getting a few ad pop-ups and unfamiliar virus alerts. mfehidk;c:\windows\system32\drivers\mfehidk.sys [2007-12-5 213640] R2 ccEvtMgr;Symantec Event Manager;c:\program files\common files\symantec shared\ccEvtMgr.exe [2004-12-13 198256] R2 ccSetMgr;Symantec Settings Manager;c:\program files\common files\symantec shared\ccSetMgr.exe [2004-12-13 165488] R2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;c:\program files\mcafee\siteadvisor\McSACore.exe [2008-10-6 206096] R2 c:\windows\system32\ati2evxx.exe c:\program files\Intel\Wireless\Bin\EvtEng.exe c:\program files\Intel\Wireless\Bin\S24EvMon.exe c:\program files\Intel\Wireless\Bin\WLKEEPER.exe c:\program files\Common Files\Symantec Shared\ccSetMgr.exe c:\program files\Common Files\Symantec Shared\ccEvtMgr.exe c:\windows\system32\ati2evxx.exe c:\program files\Common Files\Creative Labs Shared\Service\CreativeLicensing.exe c:\windows\system32\CTSVCCDA.EXE c:\windows\ehome\ehrecvr.exe c:\windows\ehome\ehSched.exe c:\windows\system32\gearsec.exe c:\program files\Java\jre6\bin\jqs.exe c:\program files\Common Files\Motive\McciCMService.exe c:\program

I'm not too good at diagnosing that stuff. Quarantine? -What about that exe.e that I blocked from accessing?Is it good or bad? -Are you familiar with how to delete the quarantined vundo files in McAfee? -Do you think McAfee/Spybot/Malwarebytes scanning hidden files ... http://threadposts.org/question/843753/Vundolized.html The computer is a lap top (bought early 2006) still under warranty until June with Dell and kept very clean and used almost daily.

mfesmfk;c:\windows\system32\drivers\mfesmfk.sys [2007-12-5 40552] S3 ccPwdSvc;Symantec Password Validation;c:\program files\common files\symantec shared\ccPwdSvc.exe [2004-12-13 79472] S3 mferkdk;McAfee Inc. Also follow the instructions to update your system. GMER Rootkit scanner made a list before I could even uncheck or click scan button which was unresposive. and winlogins?

Disable any running Anti-Virus or Anti-Malware programs. This is a discussion on Vundolized? Combofix.txt attached. Generated Wed, 18 Jan 2017 16:24:46 GMT by s_hp107 (squid/3.5.23) ERROR The requested URL could not be retrieved The following error was encountered while trying to retrieve the URL: http://0.0.0.9/ Connection

Even with no obvious problems I think I might still have some infection? You may wish to try StartupLite. doesn't sound like a malware problem going on there. When I booted up today I got a blue screen and a loud horn noise...turned off/on computer and seemed to work OK.

For the most part yes. Your cache administrator is webmaster. mfebopk;c:\windows\system32\drivers\mfebopk.sys [2007-12-5 35272] R3 mfesmfk;McAfee Inc. DDS (Ver_09-02-01.01) - NTFSx86 Run by Edward Hensley at 1641.64 on Thu 03/12/2009 Internet Explorer: 6.0.2900.2180 Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.1022.480 [GMT -4:00] AV: McAfee VirusScan *On-access scanning enabled* (Updated) FW:

For more information on the hosts file, and what it can do for you, you can view the Tutorial on the Hosts file Install an Anti-Spyware program, and update it regularly Accept Microsoft's EULA (Press Yes). Allow your system to reboot.

mferkdk;c:\windows\system32\drivers\mferkdk.sys [2007-12-5 34216] S3 Symantec Core LC;Symantec Core LC;c:\program files\common files\symantec shared\ccpd-lc\symlcsvc.exe [2006-6-7 822424] =============== Created Last 30 ================ 2009-03-16 15:06 --d----- c:\docume~1\edward~1\applic~1\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1 2009-03-16 01:49 --d----- c:\program files\common files\xing

Please try the request again. It's scan times are usually under ten minutes, and has excellent detection and removal rates. Note: You shouldn't need to check this checkbox every single time you update, only the first time. Any or all of them may interfere with the running of ComboFix.

Everything seems to be working pretty good...but I don't think I like IE7, we will see. X-ray and test reports are attached as requested. Mar 8th I started getting Thread Tools Search this Thread 03-12-2009, 03:53 PM #1 beefriend Registered Member Join Date: Mar 2009 Location: Georgia SE Posts: 5 OS: They each removed vundos H etc.

This is another mirror. Ran a McAfee scan and the only thing showing is something in combofix(quarantine ?) what is it?. Contents of the 'Scheduled Tasks' folder 2009-02-15 c:\windows\Tasks\McDefragTask.job - c:\progra~1\mcafee\mqc\QcConsol.exe [2009-01-09 11:53] 2009-01-01 c:\windows\Tasks\McQcTask.job - c:\progra~1\mcafee\mqc\QcConsol.exe [2009-01-09 11:53] . . ------- Supplementary Scan ------- . Ha!

When you are told that the RC is installed correctly, please press YES to continue scanning for malware. Generated Wed, 18 Jan 2017 16:24:46 GMT by s_hp107 (squid/3.5.23) ERROR The requested URL could not be retrieved The following error was encountered while trying to retrieve the URL: http://0.0.0.10/ Connection Please try the request again. Also, even if things appear to be running better, there is no guarantee that everything is finished.

Please continue to check this forum post in order to ensure we get your system completely clean. Uninstalling CF will clear it's quarentine. c:\program files\INSTALL.LOG . ((((((((((((((((((((((((( Files Created from 2009-02-14 to 2009-03-14 ))))))))))))))))))))))))))))))) . 2009-03-09 01:52 . 2009-03-09 01:52 410,984 --a------ c:\windows\system32\deploytk.dll 2009-03-09 01:52 . 2009-03-09 01:52 73,728 --a------ c:\windows\system32\javacpl.cpl 2009-03-08 14:05 . Generated Wed, 18 Jan 2017 16:24:46 GMT by s_hp107 (squid/3.5.23) ERROR The requested URL could not be retrieved The following error was encountered while trying to retrieve the URL: http://0.0.0.8/ Connection

System Still Slow? Note: Do not mouseclick combofix's window whilst it's running. Nope :) We need to re-run ComboFix with some additonal directives.Please disable any running anti-virus programs.If you are unsure how to do this, see this topic: http://www.bleepingcomputer.com/forums/topic114351.html Close any open browsers. Still no obvious problems today, but McAffee did find and quarentine (2)vundo.gen.w yesterday.

That may cause it to stall. To do this, right-click on the IE icon in the Start Menu or Quick Launch Bar on the Taskbar and select "Run as Administrator" from the context menu.) In your next It seems evrything is OK now, fresh DDS.txt attached. ComboFix will run.

User Name Remember Me? scanning hidden autostart entries ... Bitbucket - Twitter My statements do not establish the official position of Microsoft, and are my own personal opinion. (But you already knew that, right?) 03-16-2009, 06:23 PM #8 The system returned: (22) Invalid argument The remote host or network may be down.