WinFixer

How to Remove Vundo Variant, NewJuan, WinFixer, Virtumonde

Posted by admin on June 26, 2008
PUP, Trojan

Lots of people have been infected by the Vundo family of Trojans, which produces popups that usually advertise rogue antispyware programs. Users are normally targeted with false positives and infection warnings; for example, popups alerting users that they are infected with a Blackworm virus.

Nowadays, the Vundo variant, NewJuan/VM, Virtumonde and WinFixer are all the same scam described above.

Symptoms from a HijackThis log:

Below is an example of a Vundo infection, though there are many different random filenames.

O2 - BHO: (no name) - {AB6BFAD6-3AAC-46E9-98E6-BD56DE7ED97c} - C:\WINDOWS\system32\wluaivlv.dll
O2 - BHO: (no name) - {CA2CFBDE-0F94-491B-9286-00C60C553954} - C:\WINDOWS\system32\ssqpmkk.dll
O2 - BHO: (no name) - {EF9A7BD4-4B5D-4481-9A58-06B5030B4B56} - C:\WINDOWS\system32\vtsqp.dll

O20 - Winlogon Notify: ssqpmkk - C:\WINDOWS\SYSTEM32\ssqpmkk.dll
O20 - Winlogon Notify: vtsqp - C:\WINDOWS\system32\vtsqp.dll
O20 - Winlogon Notify: vturr - C:\WINDOWS\system32\vturr.dll

More random DLL files created by the Vundo variant or Virtumonde:
jkkjj.dll
vtsqp.dll
ssqpq.dll
Virtumonde.dll
AWVVU.DLL
DDCCC.DLL
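
A way to triage a saved HijackThis log for the pattern shown above, as an added example that is not part of the original post: it flags unnamed O2 BHO entries and O20 Winlogon Notify keys whose DLL sits in system32, and lists the DLLs that show up in both. The function names and the benign "Example Toolbar Helper" line are constructed for illustration; a hit is a lead for review, not a verdict.

```python
import re
from collections import defaultdict

# Sample input: the O2/O20 lines from the log above plus one constructed benign BHO.
SAMPLE_LOG = r"""
O2 - BHO: (no name) - {AB6BFAD6-3AAC-46E9-98E6-BD56DE7ED97c} - C:\WINDOWS\system32\wluaivlv.dll
O2 - BHO: (no name) - {CA2CFBDE-0F94-491B-9286-00C60C553954} - C:\WINDOWS\system32\ssqpmkk.dll
O2 - BHO: (no name) - {EF9A7BD4-4B5D-4481-9A58-06B5030B4B56} - C:\WINDOWS\system32\vtsqp.dll
O2 - BHO: Example Toolbar Helper - {11111111-2222-3333-4444-555555555555} - C:\Program Files\Example\helper.dll
O20 - Winlogon Notify: ssqpmkk - C:\WINDOWS\SYSTEM32\ssqpmkk.dll
O20 - Winlogon Notify: vtsqp - C:\WINDOWS\system32\vtsqp.dll
O20 - Winlogon Notify: vturr - C:\WINDOWS\system32\vturr.dll
"""

O2_RE = re.compile(r"^O2 - BHO: (?P<name>.+?) - (?P<clsid>\{[0-9A-Fa-f-]+\}) - (?P<path>.+)$")
O20_RE = re.compile(r"^O20 - Winlogon Notify: (?P<key>.+?) - (?P<path>.+)$")
# Only DLLs placed directly in system32; case varies between log lines.
SYS32_DLL = re.compile(r"^[a-z]:\\windows\\system32\\([^\\]+\.dll)$", re.I)

def triage(log_text):
    """Map each suspicious DLL name (lower-cased) to the set of reasons it was flagged."""
    findings = defaultdict(set)
    for line in log_text.splitlines():
        line = line.strip()
        m = O2_RE.match(line)
        if m:
            dll = SYS32_DLL.match(m["path"])
            # Filenames are random, so key on structure: unnamed BHO in system32.
            if dll and m["name"] == "(no name)":
                findings[dll[1].lower()].add("unnamed BHO in system32")
            continue
        m = O20_RE.match(line)
        if m:
            dll = SYS32_DLL.match(m["path"])
            # In the sample, each Notify key is named after the DLL it loads.
            if dll and dll[1].lower() == m["key"].lower() + ".dll":
                findings[dll[1].lower()].add("Winlogon Notify key named after its DLL")
    return dict(findings)

def both_signals(log_text):
    """DLLs registered as a BHO and as a Winlogon Notify package: review these first."""
    return sorted(d for d, why in triage(log_text).items() if len(why) == 2)

if __name__ == "__main__":
    for dll, why in sorted(triage(SAMPLE_LOG).items()):
        print(f"{dll}: {', '.join(sorted(why))}")
    print("In both O2 and O20:", both_signals(SAMPLE_LOG))
```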

How to Remove the Vundo Variant, Virtumonde, NewJuan?

An easy way is to use specialised tools, such as Vundo Fix or VirtumundoBegone.

Simply download the tool, scan for Vundo, then remove the Vundo variant.

If the infection is still present and you can't remove the Vundo variant, it may be that you have a new variant that the tools cannot yet remove, or you have a stubborn infection.

Now let me help you remove the Vundo variant manually!

1. Download SREng:
http://www.kztechs.com/sreng/sreng2.zip

2. Extract it to the Desktop.
Double-click SREng.exe to run it.

3. Select: Smart Scan
Then click the [Scan] button.
When finished, click the [Save Reports] button.

4. Save the log to the Desktop, and send me an email with the log as an attachment: mailto:egomoo#gmail.com

I would be glad to help you remove it.
