Infestation by wudepuve.

**docusk** · 03-24-2009, 06:36 PM

I found this last night. Must have come from a DVD from a friend who lent me Front Page to try. Not an official M$ CD but I don't really want to buy any more s./ware just now. (some of you will know why).
Idiot that I am!
Up comes this pop up telling me that everything I go to use is a 'Bad Image', Close it and another pop down arrives, sometimes as many as 8 times but eventually the application starts and runs perfectly.
I have looked in the registry and there are about 5 entries labelled as "notification packages"
I'm comfortable with editing the registry but is this all I need to do to get rid of this whatever-it-is-beastie? I can't help thinking there's more to it.
Vipre and Sunbelt Personal Firewall are running all the time. I've since done a deep scan to no avail. Anyone have experience of the virus/malware?
docusk

***Midknyte*** · 03-24-2009, 07:22 PM

If it's not an official MS disc, we can't help you with the application. Forum rules.

wudepuve is a variant of the Vundo trojan. Vipre should have caught it. What do the logs say?

You can try running the Avira Boot CD. Check AV/Antispy for the download link.

**docusk** · 03-25-2009, 05:14 AM

OK MK, got that.
I still have the Avira AV boot disk from the last time we corresponded. Also F secure and Virtumonde plus both versions of UBCD - win and plain.
The Avira is from early in Jan so should I get a fresh copy? It's on a CD-RW disk which I can erase presumably?

I don't normally use things other people have, probably P 2 P sites but this time, I let my guard down. There's no fool like an old fool!
You didn't say if it would do any harm to remove the lines from the registry?

docusk

**Sterling_Aug** · 03-25-2009, 10:21 AM

I would run a full scan with Avira and Malwarebytes before you start messing with the registry. Do you have any registry cleaner/defraggers available such as JV16 or Registry Booster? I like them both (depending on the OS version running).

***Midknyte*** · 03-25-2009, 02:05 PM

Avira should be able to update if you have an internet connection. No harm in downloading a newer copy, since they just released version 9. Not sure if the boot disc was updated, though.

You can erase the CD-RW, but CD-R media is so cheap I don't even bother.

**BipolarBill** · 03-25-2009, 06:03 PM

The Avira Rescue CD is updated multiple times each day. It's always new.

Malwarebytes should kill that easily.

www.malwarebytes.org

**docusk** · 03-26-2009, 08:37 AM

OK chaps, all gone now!!!
Just for interest, I tried MBAM with no results, Found Norman_malware_cleaner.exe via Major geeks and ran that overnight, it took almost 9 hours to complete. I followed that with a restart with Avira boot disk and that took about another 5 hours but I went out whilst it was running and at restart all seemed well. One thing, I can't start the Windows Security Centre and the nag screen comes up whenever I reboot.
That would be a bonus if you could solve that one for me. It's probably connected.
So. Once more - for the umpteenth time - very many thanks to all of you for helping me and more.... being so patient.
My watchword to all under 70, "Don't get old."
docusk

**Sterling_Aug** · 03-26-2009, 10:16 AM

You may want to try a free scan using Trend Micro Housecall.

http://housecall.trendmicro.com/

***Midknyte*** · 03-26-2009, 03:19 PM

What does the event viewer say about security center? Did you try manually starting the service from services.msc?

**BipolarBill** · 03-26-2009, 03:32 PM

Yes - in Control Panel > Administrative Tools > Services, you should be able to set Security Center to "Automatic" and start it manually.

**docusk** · 03-26-2009, 07:55 PM

OK Thanks. I've just done that and it seems as if it's running OK. All elements of the scurity seem OK, Firewall, Defender, Updates all shown as ON.
I'll shut down now and see what happens tomorrow but so far everything seems normal. I'm gradually learning Vista but it's a slow process. Perhaps it's just me?
docusk

**Sterling_Aug** · 03-27-2009, 11:11 AM

Originally Posted by docusk

I'm gradually learning Vista but it's a slow process. Perhaps it's just me?
docusk

No it is not just you. I dropped Vista from my system and went back to XP.

**docusk** · 03-27-2009, 06:55 PM

Is it really that bad? I have a second PC next door to this one running XP pro as I can't use my nice Colour Laserjet or my Scanner in Vista. That seems to be common knowledge (to everyone but me!)
If I decide to follow your lead, can I just overload with XP or must I remove everything in Vista?
I have so many applications for my special interests they have already taken me an age to get set up up on this PC.
I do have a spare 250 Gb SATA H/disk I can put in here and maybe that will make it easier to transfer stuff. I understand there is a special routine from M$ to do that. No?
docusk

**Train** · 03-27-2009, 10:06 PM

You will need to wipe Vista completely before installing XP

**Sterling_Aug** · 03-27-2009, 11:35 PM

You lose EVERYTHING!!!

Thread: Infestation by wudepuve.

Thread Tools

Search Thread

Display

Infestation by wudepuve.

Posting Permissions