Skip to main content
Start a Conversation

Unsolved

This post is more than 5 years old

j.gusgus

11 Posts

3489

November 23rd, 2007 01:00

Winfixer & Vundo detectd by McAfee; what do I do?

McAfee detected Winfixer and Vundo but my pc is still messed up. I'm getting bogus security balloon pop-ups like these:
 "Fatal Error! Unhandled Esception: Invalid operation. The instruction at "0x66f7d450" referenced memory at "0x00000d0". ..... Would you like to download latest version of antivirus software?"
"Security Alert: Worm-i.Virus....."
"Malware threats ... back door trojan"
"System performance monitor: Warning...click this balloon to download"
"PSW trojan steals privat  information"  notice the missing "e" in private
and other messages with the word "Balloon" spelled "baloon", "ballon"
 
Now my machine wants to shut down, I'm going to send this before it does.  please help, I'll check back later.

Bugbatter

3 Apprentice

 • 

20.5K Posts

November 23rd, 2007 03:00

It probably would be good if we could see what is running around in there, so I'm going to send you for a diagnostic tool. After you run it and post on the HijackThis Board we will know more.
** There is a list of trained analysts at the top of that board in the Announcements. If someone else replies, it will be your decision whether or not you want to take advice from them.

Please download HJT Installer from Here to your desktop.
If not available use this alternate link: Here

Click the Download button.
When the Trend Micro HJT install box appears, double click on the HJTInstall.exe.
Click on Install.

It will be installed by default here: C:\Program Files\Trend Micro\HijackThis
A shortcut to the application will also be placed on your Desktop.
The program will open automatically after installation.
You can double-click the icon that was placed on the Desktop to run subsequent HijackThis scans or you can use the icon inside the folder.
The folder HijackThis is where you will find the HJT logs that you save. When you use the application to remove anything, you will also find the backup copies made by HJT inside this folder.

Close all open windows except HijackThis.
Click on " Do a system scan and save logfile" When the log pops up in Notepad copy and paste that file as a NEW MESSAGE on the HijackThis Board.

Before closing HJT, please click on the Analyze This button. "Analyze This" is for Trendmicro use, and does not mean "Analyze My Log". You must post on the forum in order to receive an analysis of your log.

Close the web page that appears and then close the program HJT.

Posting Your Log:

1. Just click the New Message button in the HijackThis forum here: http://www.dellcommunity.com/supportforums/board?board.id=si_hijack
to start your own thread requesting assistance.
2. In the Message Body window that opens, simply Right-Click and select Paste.
3. Please add text to describe your symptoms.
4. Include in the message subject line a description of your problem. For example, "Popups warning of infection".
5. Make certain you post the entire log by clicking the Preview Post link at the bottom of the window and comparing it to the log from your scan before you click Submit Post

** Note: "The box next to Automatically convert carriage returns to HTML line breaks" should be checked if that appears at the bottom of your Message Body when composing your post.


* DO NOT have Hijack This fix anything yet. Most of what it finds will be harmless or required.

Was this post helpful?

View All

No Events found!

Top