|
Anyone ever hear of "vaxqbulo.exe" - keeps popping up on clients 'puter at shutdown.
|
|
|
fitzm
Newbie
|
13. September 2008 @ 08:33 |
Link to this message
|
|
Anyone ever hear of "vaxqbulo.exe" - keeps popping up on clients 'puter at shutdown.
I can't find ANY reference to it at all.
|
|
Advertisement
|
|
|
|
Junior Member
|
13. September 2008 @ 16:22 |
Link to this message
|
|
It sounds like a file messing up your PC... Some kind of virus no doubt... My advice is to find the root of the file somwhere in program files and delete it...
If that file is protected/ under use you will need to shut it down first using task manager and ending the right process.
Life is a game, every game has a story, every story is written.
|
|
fitzm
Newbie
|
18. September 2008 @ 00:04 |
Link to this message
|
Used process explorer and deleted folder but keeps coming back. The biggest thing is that NO ONE has ever posted this ANYWHERE on the internet. I seriously doubt this is the only computer affected ever:).
|
Junior Member
|
18. September 2008 @ 00:21 |
Link to this message
|
|
The only info i found through an ie web search is on this forums
I'd be looking into removing it if i were you :)
|
Senior Member
|
18. September 2008 @ 05:25 |
Link to this message
|
|
|
Junior Member
|
18. September 2008 @ 05:34 |
Link to this message
|
|
|
Senior Member
|
18. September 2008 @ 05:54 |
Link to this message
|
Post where i told you and the guys there will get you to do a hijack this log. It's not a good idea to just go deleting files if you don't know what they are.
|
Moderator
1 product review
|
18. September 2008 @ 12:01 |
Link to this message
|
|
Moved to sick PC forum.
|
Senior Member
|
19. September 2008 @ 08:39 |
Link to this message
|
Hi fitzm
Welcome to the world of infected computers. Signs that your file is a malware: It has eight letters, and is a random file name.
Before we begin the cleanup process, it is important to do a little analysis first. We will analyze your computer with a tool called HijackThis.
Please download the HijackThis zip file. Save it onto a convenient place in your computer, and then unzip the file.
Rename HijackThis(.exe) to scanner(.exe).
Next, run scanner(.exe). A window will pop up.
? Click on the button which says Main Menu, then Do a system scan and save a logfile.
? Please wait for the scan to be completed.
? After the scan has completed, a text window will pop up. Please post the contents of this window here.
This will also be located at hijackthis(.txt) in the same folder that HijackThis was originally saved.
NOTE:: Do not fix anything using HijackThis, as this may also damage legitimate components of your computer.
Best Regards :D
Life is but a dream; you dont feel any pain unless you want to or you fall off the bed.
Success is relative; the more success the more relatives.
A computer once beat me at chess, but it was no match for me at kickboxing.
To be or not to be; thats a dumb question.
|
|
fitzm
Newbie
|
21. September 2008 @ 10:24 |
Link to this message
|
Thanks for replies all. I apologize I guess I should have clarified: I am an IT guy by trade so I have used Hijack, Comodo, several anti-spyware tools, etc. for years on several clients.
I am curious as to why McAfee, Norton, Comodo (firewall and BoClean), Ewido, AdAware, SpyBot,and Hijack didn't even see it - let alone catch it. The only thing that "saw" it was Process Explorer, obviously, because it was currently running in the background at the time. That's a pretty stealthy bug. I also don't get why this hasn't been reported ANYWHERE. I understand that new bugs are created daily/hourly all over the globe but I've not seen one that at least didn't get a few hits when searching. Even a variation with the characteristics in behavior or even spelling usually gets something.
|
|
Advertisement
|
|
|
Senior Member
|
22. September 2008 @ 06:44 |
Link to this message
|
Originally posted by fitzm:
I understand that new bugs are created daily/hourly all over the globe but I've not seen one that at least didn't get a few hits when searching.
This is not true. Vundo, and other such malware, employ random file names to escape generic detection, so googling random names should not produce any result.
As for detecting this file, this is most probably a zero-day malware, which is why you should tell people about it. Upload it here: http://www.uploadmalware.com/
Best Regards :D
Life is but a dream; you dont feel any pain unless you want to or you fall off the bed.
Success is relative; the more success the more relatives.
A computer once beat me at chess, but it was no match for me at kickboxing.
To be or not to be; thats a dumb question.
|
