Vundo and winworm32

Status
Not open for further replies.

Mechakingkong

Does anybody know what this is? Couldn't find info online.
{E06E4F4E-72D6-4497-BFFD-BCB43077C2F4}

Recovered from Vundo, ads and winworm32 some time ago, still eliminating stuff. Please help.

path: Mipc\hkey_local_machine\software\microsoft\windows\currentversion\uninstall\{E06E4F4E-72D6-4497-BFFD-BCB43077C2F4}
 
I thought it was either the unremovable OpenTalk or ArcSoft video downloader things. I can't remove them with Add/Remove Programs, HijackThis, nor from regedit; they keep coming back. Is there a hidden file for these?
 
I suggest updating MBAM & re-run.

Your last post did not give me a clear picture. Are you describing observations or vague feelings? [see edit below]

User must verify this.
O17 - HKLM\System\CCS\Services\Tcpip\..\{7F4001F9-1A4C-413A-8C56-FC5A8D906569}: NameServer = 200.63.155.47 200.63.155.175
200.63.155.47 & 200.63.155.175 = blacklist reports from robtex

Unknowns - look for icon in the notify portion of the task bar
O20 - Winlogon Notify: geBtTLby - C:\WINDOWS\ -- no info
O24 - Desktop Component 0: Privacy Protection - (no file)

To go deeper on this problem will require a different strategy / different tools:
1. Run MBAM in safe mode
2. Use ComboFix (link to instructions from Blind Dragon)

[edit] Your last post seems to describe an incomplete uninstall.
RunScanner for ArcSoft
This describes a connection service. This may explain O17 findings.

Google - uninstall ArcSoft

No info available in databases
O4 - HKCU\..\Run: [OpenTalk] C:\Archivos de programa\OpenTalk\OpenTalk.exe

However, this is another possible program related to O17 findings.
ZDnet OpenTalk product description
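
The O17 check discussed above, as an added example that is not part of the original thread: it parses HijackThis O17 `NameServer` lines and flags any resolver that is not on a list the machine's owner expects. The expected-resolver list, the second O17 line in the sample and the function names are constructed for illustration.

```python
import ipaddress
import re

# Matches HijackThis O17 lines that carry a NameServer value.
O17_RE = re.compile(
    r"^O17 - (?P<key>HKLM\\.+?): NameServer = (?P<servers>.+)$"
)

# Assumption: resolvers the owner actually expects (constructed value).
EXPECTED_RESOLVERS = {"192.168.1.1"}

# Constructed sample: the O4/O17 lines quoted in the thread plus one made-up benign O17 line.
SAMPLE_LOG = r"""
O4 - HKCU\..\Run: [OpenTalk] C:\Archivos de programa\OpenTalk\OpenTalk.exe
O17 - HKLM\System\CCS\Services\Tcpip\..\{7F4001F9-1A4C-413A-8C56-FC5A8D906569}: NameServer = 200.63.155.47 200.63.155.175
O17 - HKLM\System\CCS\Services\Tcpip\..\{00000000-0000-0000-0000-000000000001}: NameServer = 192.168.1.1
"""

def parse_o17(log_text):
    """Yield (registry_key, [server strings]) for every O17 NameServer line."""
    for line in log_text.splitlines():
        m = O17_RE.match(line.strip())
        if m:
            # The value may be space- or comma-separated.
            yield m.group("key"), re.split(r"[,\s]+", m.group("servers").strip())

def unexpected_resolvers(log_text, expected=EXPECTED_RESOLVERS):
    """Return (key, server, reason) for resolvers that are malformed or unexpected."""
    findings = []
    for key, servers in parse_o17(log_text):
        for raw in servers:
            try:
                ip = ipaddress.ip_address(raw)
            except ValueError:
                findings.append((key, raw, "not a valid IP address"))
                continue
            if str(ip) not in expected:
                scope = "private" if ip.is_private else "public"
                findings.append((key, str(ip), f"unexpected {scope} resolver"))
    return findings

if __name__ == "__main__":
    for key, server, reason in unexpected_resolvers(SAMPLE_LOG):
        print(f"{server}: {reason} ({key})")
```

A flagged address is only a lead: it still has to be checked against the router, ISP or VPN settings before the registry value is changed.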
 
virus winworm 32

Unfortunately, my system 32 files got damaged before I read the last post :dead:
I found out that reformatting is much easier for inexperienced people like me. :haha:
 