Anyone ever hear of "vaxqbulo.exe" - keeps popping up on clients 'puter at shutdown.

Anyone ever hear of "vaxqbulo.exe" - keeps popping up on clients 'puter at shutdown.

I can't find ANY reference to it at all.

 

It sounds like a file messing up your PC... Some kind of virus no doubt... My advice is to find the root of the file somwhere in program files and delete it...
If that file is protected/ under use you will need to shut it down first using task manager and ending the right process.

 

Used process explorer and deleted folder but keeps coming back. The biggest thing is that NO ONE has ever posted this ANYWHERE on the internet. I seriously doubt this is the only computer affected ever.

 

The only info i found through an ie web search is on this forums
I'd be looking into removing it if i were you

 

If i was you i'd post down in the 'virus and spyware problems' section, some of the members will give you advice there.

http://forums.afterdawn.com/forum_view.cfm/166

 

Do an online virus scan, here's one :
http://www.kaspersky.co.uk/virusscanner

Also, if you don't have it allready it's worth having
Spybot seach and destroy
Any good firewall would detect thisI don't use norton for personal reasons but avast is free and has protected me longer than norton and it's free,
I use Comodo firewall
Haven't had a viruse in a long time

 

Post where i told you and the guys there will get you to do a hijack this log. It's not a good idea to just go deleting files if you don't know what they are.

 

Hi fitzm

Welcome to the world of infected computers. Signs that your file is a malware: It has eight letters, and is a random file name.

Before we begin the cleanup process, it is important to do a little analysis first. We will analyze your computer with a tool called HijackThis.

Please download the HijackThis zip file. Save it onto a convenient place in your computer, and then unzip the file.

Rename HijackThis(.exe) to scanner(.exe).

Next, run scanner(.exe). A window will pop up.

• Click on the button which says Main Menu, then Do a system scan and save a logfile.
• Please wait for the scan to be completed.
• After the scan has completed, a text window will pop up. Please post the contents of this window here.

This will also be located at hijackthis(.txt) in the same folder that HijackThis was originally saved.

NOTE:: Do not fix anything using HijackThis, as this may also damage legitimate components of your computer.

Best Regards

 

Thanks for replies all. I apologize I guess I should have clarified: I am an IT guy by trade so I have used Hijack, Comodo, several anti-spyware tools, etc. for years on several clients.

I am curious as to why McAfee, Norton, Comodo (firewall and BoClean), Ewido, AdAware, SpyBot,and Hijack didn't even see it - let alone catch it. The only thing that "saw" it was Process Explorer, obviously, because it was currently running in the background at the time. That's a pretty stealthy bug. I also don't get why this hasn't been reported ANYWHERE. I understand that new bugs are created daily/hourly all over the globe but I've not seen one that at least didn't get a few hits when searching. Even a variation with the characteristics in behavior or even spelling usually gets something.

 

This is not true. Vundo, and other such malware, employ random file names to escape generic detection, so googling random names should not produce any result.

As for detecting this file, this is most probably a zero-day malware, which is why you should tell people about it. Upload it here: http://www.uploadmalware.com/

Best Regards