Microsoft Windows Vista Community Forums - Vistaheads

Win32 Rootkit.Podnuha.Trojan

microsoft.public.internetexplorer.general






  #1 (permalink)  
Old 01-05-2009
alxrays
 

Posts: n/a
Win32 Rootkit.Podnuha.Trojan
Hi,
I am running Windows XP Home Edition Service Pack 1
Could anyone tell me how I could remove this problem?
I have run multiple spyware programs such as AdAware, SpyBot, Malwarebytes,
Stopzilla, npRemoveIT, Glary Utilities, Sophos, McAfee, Kaspersky, etc.
Along with PCTOOLS and ESET antivirus programs. In Normal and Safe Mode
I ran HijackThis and found the following:
BHO: (no name) (05Eb7E2A-55E5-4C1A-9808-C832FC3E3278)
C:/Windows/Systen32/cfgbkendk.dll
I check it to fix the problem and it returns as soon as I re-scan with HijackThis.
This comes up as a TROJAN when running all these other scans but none of
them can remove it.
I've tried going into Regedit to delete it but I get access denied.
Is it time to re-format my computer or does anyone know how I could finally
get rid of this problem?

thank you
  #2 (permalink)  
Old 01-05-2009
Kayman
 

Posts: n/a
Re: Win32 Rootkit.Podnuha.Trojan
On Sun, 4 Jan 2009 22:13:01 -0800, alxrays wrote:

> Hi,
> I am running Windows XP Home Edition Service Pack 1


You'll need to upgrade to SP3 or in the not-so-distant future you won't be
able to receive security updates/patches for your WinXP operating system.

Steps to take before you install Windows XP Service Pack 3
http://support.microsoft.com/kb/950717

Windows XP Service Pack 3 Overview
http://www.microsoft.com/downloads/d...displaylang=en

Information about Windows XP Service Pack 3
http://support.microsoft.com/kb/936929

> Could anyone tell me how I could remove this problem?
> I have run multiple spyware programs such as AdAware, SpyBot, Malwarebytes,
> Stopzilla, npRemoveIT, Glary Utilities, Sophos, McAfee, Kaspersky, etc.
> Along with PCTOOLS and ESET antivirus programs. In Normal and Safe Mode


Talking about an overkill

Try this:
GMER - is an application that detects and removes rootkits.
http://www.gmer.net/index.php
http://antirootkit.com/forums/index....81ffe4361c3a17

> I ran HijackThis and found the following:
> BHO: (no name) (05Eb7E2A-55E5-4C1A-9808-C832FC3E3278)
> C:/Windows/Systen32/cfgbkendk.dll
> I check it to fix the problem and it returns as soon as I re-scan with HijackThis.


Only experienced/trained individuals should examine and 'fix' HJT logs.

> This comes up as a TROJAN when running all these other scans but none of
> them can remove it.
> I've tried going into Regedit to delete it but I get access denied.


Stop it right now!

> Is it time to re-format my computer


Not yet

> or does anyone know how I could finally get rid of this problem?


Please, do not post HJT logs to this newsgroup.

Fora where you can get expert advice for HiJack This! (HJT) logs.

http://www.thespykiller.co.uk/index.php?board=3.0
http://www.spywarewarrior.com/viewforum.php?f=5
http://forums.tomcoyote.org/index.php?showforum=27
http://www.bleepingcomputer.com/forums/forum22.html
http://www.malwarebytes.org/forums/i...hp?showforum=7
http://www.5starsupport.com/ipboard/...p?showforum=18
http://www.theeldergeek.com/forum/in...showforum=29

NOTE:
Registration is required in any of the above-mentioned fora before posting
an HJT log. Also read the 'stickies' (instructions/guidelines) for the
respective HJT forum.

Good luck
  #3 (permalink)  
Old 01-05-2009
PA Bear [MS MVP]
 

Posts: n/a
Re: Win32 Rootkit.Podnuha.Trojan
1. See if you can download/run the MSRT manually:
http://www.microsoft.com/security/ma...e/default.mspx

2. Run this online scan (in safe mode w/networking, if need be):
http://onecare.live.com/site/en-us/center/howsafe.htm

3. Run additional checks for hijackware, including posting your hijackthis
log to an appropriate forum (which I'm sure will be required).

Checking for/Help with Hijackware
http://aumha.org/a/parasite.htm
http://aumha.org/a/quickfix.htm
http://aumha.net/viewtopic.php?t=5878
http://mvps.org/winhelp2002/unwanted.htm
http://inetexplorer.mvps.org/data/prevention.htm
http://inetexplorer.mvps.org/tshoot.html
http://www.mvps.org/sramesh2k/Malware_Defence.htm
http://defendingyourmachine2.blogspot.com/
http://www.elephantboycomputers.com/...moving_Malware

When all else fails, HijackThis v2.0.2
(http://aumha.org/downloads/hijackthis.exe) is the preferred tool to use (in
conjunction with some other utilities). HijackThis will NOT fix anything on
its own, but it will help you to both identify and remove any
hijackware/spyware with assistance from an expert. **Post your log to
http://spywarehammer.com/simplemachi...php?board=10.0,
http://forums.spybot.info/forumdisplay.php?f=22,
http://aumha.net/viewforum.php?f=30, or another appropriate forum for review
by an expert in such matters, not here.**

If the procedures look too complex - and there is no shame in admitting this
isn't your cup of tea - take the machine to a local, reputable and
independent (i.e., not BigBoxStoreUSA) computer repair shop.
--
~Robear Dyer (PA Bear)
MS MVP-IE, Mail, Security, Windows Desktop Experience - since 2002
AumHa VSOP & Admin http://aumha.net
DTS-L http://dts-l.net/

alxrays wrote:
> Hi,
> I am running Windows XP Home Edition Service Pack 1
> Could anyone tell me how I could remove this problem?
> I have run multiple spyware programs such as AdAware, SpyBot, Malwarebytes,
> Stopzilla, npRemoveIT, Glary Utilities, Sophos, McAfee, Kaspersky, etc.
> Along with PCTOOLS and ESET antivirus programs. In Normal and Safe Mode
> I ran HijackThis and found the following:
> BHO: (no name) (05Eb7E2A-55E5-4C1A-9808-C832FC3E3278)
> C:/Windows/Systen32/cfgbkendk.dll
> I check it to fix the problem and it returns as soon as I re-scan with
> HijackThis. This comes up as a TROJAN when running all these other scans
> but none of them can remove it.
> I've tried going into Regedit to delete it but I get access denied.
> Is it time to re-format my computer or does anyone know how I could
> finally get rid of this problem?
>
> thank you

