Regedit won't work in run or from C:\WINDOWS

[kraving]

The problem is that when I type in regedit in the run window, all that happens is that the mouse icon turns into the loading icon for a sec then nothing happens. Same thing when i run regedit.exe. No windows open.

Other things I have noticed is that when i reboot, there are rundll errors at startup that are zabufaki.dll and hmuziwoluwa.dat saying that they are missing or corrupted(I'm not sure).

Also regedit32.exe is missing.

Thanks.

 

[Spyder_1386]

hi kraving

Looks like your computer is pretty heavily infected. Please follow the 8-step guide here (do not skip any steps) ... https://www.techspot.com/community/...lware-removal-preliminary-instructions.58138/ ... and attach the required logs to your next post so that one of the experts can have a look at them for you.

Spyder_1386

 

[kraving]

My problems went away using the 8 steps.

Thanks for your help.

 

[Spyder_1386]

Hi kraving

Your symptoms might have gone away but that doesn't mean your system is completely clean as yet. I would advise you to attach the required logs to your next post to have them reviewed.

Spyder_1386

 

[Bobbye]

Spyder is absolutely correct! Some infections require additional cleaning program to be run. Some entries in a HijackThis log need to be removed followed by additional specific action. That's what we do when we review the logs.

Although it's in the 8 Steps:
Did you update your Java? Your is very old and vulnerable, (Java\jre1.5.0_06)
In addition to running the 3 programs and checking the logs, Combofix and CFScript would have been suggested-only with out help- to remove bad entries such as jahomayo.dll, zabufaki.dll and other system 32 files.

And if you'd stuck around for our help, it would begin like this:
You are using two antivirius programs> AVG and BullGuard. The later is in excess:
C:\Program Files\BullGuard Ltd\BullGuard\BullGuardUpdate.exe
O4 - HKLM\..\Run: [BullGuard] "C:\Program Files\BullGuard Ltd\BullGuard\bullguard.exe" -boot
O4 - HKCU\..\Run: [BullGuard] "C:\Program Files\BullGuard Ltd\BullGuard\bullguard.exe"
and 18 entries for:
O10 - Unknown file in Winsock LSP: c:\windows\system32\bglsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\bglsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\bglsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\bglsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\bglsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\bglsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\bglsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\bglsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\bglsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\bglsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\bglsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\bglsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\bglsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\bglsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\bglsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\bglsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\bglsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\bglsp.dll
O23 - Service: BullGuard LiveUpdate (BgLiveSvc) - BullGuard Ltd. - C:\Program Files\BullGuard Ltd\BullGuard\BullGuardUpdate.exe
O23 - Service: BGRaSvc - BullGuard Ltd. - C:\Program Files\BullGuard Ltd\BullGuard\support\bgrasvc.exe

BullGuard Limited, is an Internet security company, that creates antivirus and antispyware applications for PCs and mobile phones.
The latest version is 8.5.0.17 and incorporates Antivirus, Firewall, Antispyware, Spamfilter, Backup and Support software.

I'd also tell you than this is NOT a legitimate LSP, but a Vundo entry:
O20 - AppInit_DLLs: C:\WINDOWS\system32\rasohive.dll,C:\WINDOWS\system32\podiyemo.dll
podiyemo.dll.tmp (Trojan.Vundo)
RASOHIVE.DLL Cloaked Malware

That needs to be removed and files deleted.

But it's beautiful and sunny in Florida, for the first time in 12 days (not a complaint!) so I'm going to the picnic that's on again after being rained out!