Malwarebytes

Trojan Vundo in psqlpwd.dll & Registry entries



#1
Mel_3

- If this is not the correct forum, please advise and I will repost - thanks

The Problem:
- I updated Malwarebytes on my XP Pro Toshiba laptop last night and ran it.
- This morning it reports Trojan Vundo in...

C:\Windows\System32\psqlpdw.dll
HKey_LocalMachine\software\microsoft\windows\CurrentVersion\SharedDLL\Windows\System32\psqlpwd.dll Value c:\windows\system32\psqlpwd.dll
HKey_LocalMachine\software\microsoft\windows NT\Current Version\Winlogon\Notify\psfus

Apparently this has to do with the fingerprint device on my Toshiba Tecra laptop (Fingerprint Protector Suite Check), and Googling it I find at least one place that tells me not to remove it.

The Question:
- How do I get rid of this Malware without having to reinstall the system?

I really appreciate any help.

Thanks.

#2
scope9

I am getting the same Trojan Vundo output on my ThinkPad laptop, which also has a built-in fingerprint reader. I suspect this is a false-positive, and placed the items identified by MBAM in the IGNORE location.

#3
Mel_3

Anybody know if this is a false positive? It was never there before... so I conclude that my XP-Pro laptop was just infected with it.

And... if it is NOT a false-positive... then I still do not know if it is safe to let Malwarebytes "remove" it and the two registry entries.

Thanks for any help on what I should do next.

#4
Amethyst

Check the False Positive part of the forum. I posted a thread there and it's been resolved. I also have a Thinkpad laptop. :D

I always google stuff now before I let any security software get rid of anything, after having permanently lost a file I didn't want to lose to security software a few months back. This .dll had such an oddball name that it really startled me to see it come up last night, but I took a deep breath and did some more checking. The Malwarebytes people were very quick to respond to this. Great job! I'm really impressed.

#5
Amethyst

That security software I lost the file to was not Malwarebytes, by the way. :D

#6
AdvancedSetup


Quote

Type: Winlogon Notify
Name: psfus
Filename: psqlpwd.dll
Description: Protector_Suite



This entry is classified as legitimate.

It is either part of a legitimate program or the operating system itself. Removal is not needed.

I would post in the FP forum and try to upload the file just in case some Malware has injected it.
Ron Lewis
Manager, Online Support
