BullGuard
 HomeLog InRegisterCommunity CalendarSearch the ForumView The Member ListHelp
Internet Explorer Popup Adware virus driving me crazy, how do i get rid of it
   
BullGuard Antivirus Forum > Virus Removal > Removal Help > Internet Explorer Popup Adware virus driving me crazy, how do i get rid of it  
Forum Quick Jump
 
New Topic Post reply to : Internet Explorer Popup Adware virus driving me crazy, how do i get rid of it Printable version of : Internet Explorer Popup Adware virus driving me crazy, how do i get rid of it
[ << Previous Thread | Next Thread >> ]

tarunc92
New Member


Date Joined Jun 2007
Total Posts : 3
 
   Posted 6/29/2007 1:43 AM (GMT +3)    Quote: Internet Explorer Popup Adware virus driving me crazy, how do i get rid of itAlert an admin about: Internet Explorer Popup Adware virus driving me crazy, how do i get rid of it
Hi I have been having tourble with a Internet Explorer Popup virus. I use firefox but i want to keep internet explorer installed.
When ever I open firefox, internet explorer windows pop up. I have a pop up blocker running and my main internet browser is
firefox. However I have noticed that in the internet explorer windows, i get antivirus ads. I keep getting a series of ever propogating pop-ups saying that my computer is messed up and I need WinFixer to get rid of the problems. When I close one I get another, then it just says it is going to load the program by itself. The program is not downloaded or installed as of right now. It looks like a have a adware virus installed in my computer. I think it might be hggdcax.dll and jkkji.dll in the WINDOWS/System32 folder. Please take a look at this hijack this report.

Please help me and tell me what to do with these files. Please explain how to get rid of these viruses.


This is my HiJack this log:

Logfile of Trend Micro HijackThis v2.0.0 (BETA)
Scan saved at 3:16:49 PM, on 6/28/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\WINDOWS\System32\ezSP_Px.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
C:\Program Files\Norton Internet Security\Norton AntiVirus\SAVScan.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Documents and Settings\Tarun Chaudhry\Desktop\HiJackThis_v2.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.sony.com/vaiopeople
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {1005E33B-74DB-4FF6-912E-EEDA3DAE89B9} - C:\WINDOWS\System32\jkkji.dll
O2 - BHO: (no name) - {5ADF3862-9E2E-4ad3-86F7-4510E6550CD0} - C:\WINDOWS\system32\mfnkttri.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll
O2 - BHO: as dAS - {8A61098D-612B-4EF2-943D-64E920684061} - C:\WINDOWS\system32\hggdcax.dll
O2 - BHO: Web assistant - {9ECB9560-04F9-4bbc-943D-298DDF1699E1} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O2 - BHO: (no name) - {E12BFF69-38A7-406e-A8EF-2738107A7831} - C:\WINDOWS\system32\lapyisgu.dll
O3 - Toolbar: Web assistant - {0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [URLLSTCK.exe] C:\Program Files\Norton Internet Security\UrlLstCk.exe
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe
O4 - HKLM\..\Run: [ezShieldProtector for Px] C:\WINDOWS\System32\ezSP_Px.exe
O4 - HKLM\..\Run: [GPLv3] rundll32.exe "C:\WINDOWS\system32\cetfqnac.dll",realset
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKLM\..\Policies\Explorer\Run: [svchost.exe] C:\WINDOWS\svchost.exe
O4 - HKCU\..\Policies\Explorer\Run: [{54F6D71E-0AE9-1033-0409-040405050001}] "C:\Program Files\Common Files\{54F6D71E-0AE9-1033-0409-040405050001}\Update.exe" mc-110-12-0001032
O4 - HKUS\S-1-5-18\..\RunOnce: [RunNarrator] Narrator.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [RunNarrator] Narrator.exe (User 'Default user')
O8 - Extra context menu item: &Google Search - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: Backward &Links - res://C:\Program Files\Google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Cac&hed Snapshot of Page - res://C:\Program Files\Google\GoogleToolbar1.dll/cmcache.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Si&milar Pages - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Translate into English - res://C:\Program Files\Google\GoogleToolbar1.dll/cmtrans.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://www.sony.com/vaiopeople
O16 - DPF: {3DC2E31C-371A-4BD3-9A27-CDF57CE604CF} (MSN Money Charting) - http://moneycentral.msn.com/cabs/pmupd806.exe
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://go.divx.com/plugin/DivXBrowserPlugin.cab
O16 - DPF: {712D42CD-3513-473E-96E8-019C9AD78F1A} - http://moneycentral.msn.com/cabs/pmupdate2.exe
O16 - DPF: {963BE66B-121D-4E6C-BF9F-1A774D9A2E41} - http://moneycentral.msn.com/cabs/pmupdate.exe
O16 - DPF: {B7CF60D7-74FA-4A89-90DC-C56C9239360D} - http://files.blocks.com/SnapSheetInstall/SnapSheetsInstall.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - Winlogon Notify: hggdcax - C:\WINDOWS\SYSTEM32\hggdcax.dll
O20 - Winlogon Notify: jkkji - C:\WINDOWS\System32\jkkji.dll
O20 - Winlogon Notify: winrzf32 - C:\WINDOWS\SYSTEM32\winrzf32.dll
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\System32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\System32\browseui.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: COM+ Messages - Unknown owner - C:\WINDOWS\System32\svchosts.exe (file missing)
O23 - Service: DomainService - Unknown owner - C:\WINDOWS\system32\oyudtqjv.exe (file missing)
O23 - Service: Giga Pocket Hardware Detector - Sony Corporation - C:\Program Files\Sony\Giga Pocket\shwserv.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Sony SPTI Service for DVE (ICDSPTSV) - Sony Corporation - C:\WINDOWS\system32\IcdSptSv.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Norton AntiVirus Auto Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
O23 - Service: PACSPTISVR - Unknown owner - C:\PROGRA~1\COMMON~1\SONYSH~1\AVLib\PACSPT~1.EXE
O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\SAVScan.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Sony TV Tuner Controller - Sony Corporation - C:\Program Files\Sony\Giga Pocket\halsv.exe
O23 - Service: Sony TV Tuner Manager - Sony Corporation - C:\Program Files\Sony\Giga Pocket\RM_SV.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\PROGRA~1\COMMON~1\SONYSH~1\AVLib\Sptisrv.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
O23 - Service: VAIO Entertainment Aggregation and Control Service - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment\VzRs\VzRs.exe
O23 - Service: VAIO Entertainment File Import Service - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment\VzCdb\VzFw.exe
O23 - Service: VAIO Entertainment TV Device Arbitration Service - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment\VzCs\VzHardwareResourceManager\VzHardwareResourceManager.exe
O23 - Service: VAIO Entertainment UPnP Client Adapter - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment\VCSW\VCSW.exe
O23 - Service: VAIO Media Integrated Server (VAIOMediaPlatform-IntegratedServer-AppServer) - Sony Corporation - C:\Program Files\Sony\vaio media integrated server\VMISrv.exe
O23 - Service: VAIO Media Integrated Server (HTTP) (VAIOMediaPlatform-IntegratedServer-HTTP) - Sony Corporation - C:\Program Files\Sony\vaio media integrated server\Platform\SV_Httpd.exe
O23 - Service: VAIO Media Integrated Server (UPnP) (VAIOMediaPlatform-IntegratedServer-UPnP) - Sony Corporation - C:\Program Files\Sony\vaio media integrated server\Platform\UPnPFramework.exe
O23 - Service: VAIO Media Gateway Server (VAIOMediaPlatform-Mobile-Gateway) - Sony Corporation - C:\Program Files\Sony\vaio media integrated server\Platform\VmGateway.exe
O23 - Service: VAIO Media Video Server (VAIOMediaPlatform-VideoServer-AppServer) - Sony Corporation - C:\Program Files\Sony\vaio media integrated server\Video\GPVSvr.exe
O23 - Service: VAIO Media Video Server (HTTP) (VAIOMediaPlatform-VideoServer-HTTP) - Sony Corporation - C:\Program Files\Sony\vaio media integrated server\Platform\SV_Httpd.exe
O23 - Service: VAIO Media Video Server (UPnP) (VAIOMediaPlatform-VideoServer-UPnP) - Sony Corporation - C:\Program Files\Sony\vaio media integrated server\Platform\UPnPFramework.exe
Back to Top
 

Touch
Forum Moderator




Date Joined Jun 2004
Total Posts : 12975
 
   Posted 6/29/2007 8:03 AM (GMT +3)    Quote: Internet Explorer Popup Adware virus driving me crazy, how do i get rid of itAlert an admin about: Internet Explorer Popup Adware virus driving me crazy, how do i get rid of it
Hi tarunc92 smile
 
 
Please download Vundofix  http://www.atribune.org/ccount/click.php?id=4 to your desktop.
Double-click VundoFix.exe to run it.
Click the Scan for Vundo button.
Once it's done scanning, click the Remove Vundo button.
You will receive a prompt asking if you want to remove the files, click YES
Once you click yes, your desktop will go blank as it starts removing Vundo.
When completed, it will prompt that it will reboot your computer, click OK.

Note: It is possible that VundoFix encountered a file it could not remove.
In this case, VundoFix will run on reboot, simply follow the above instructions starting from "Click the Scan for Vundo button." when VundoFix appears at reboot
.
 
 
Download and install DrWebCureit:
 
Doubleclick the "drweb-cureit.exe" and click "ok" in the prompt window that will open , asking "start the express scan now".
It will first make a quick scan of your system, let it clean what it find, and when it says "done"
Click on the green screwdriver-
Actions Tab- Adware-Dialers-Riskware-Hacktools, use dropdown menu and select -Delete
Click on the drive(s) you want to scan . A red dot will mark the selected drive(s) . Then hit the green  arrow in lower right corner It will now scan your  drive(s), say yes to all
 
After the scan, in the Dr.Web CureIt menu on top, click file and choose save report list
Save the report to your desktop. The report will be called DrWeb.csv
Close Dr.Web Cureit.
 
Reboot your computer!! Because it could be possible that files in use will be moved/deleted during reboot.
 
After reboot, post the contents of the log from Dr.Web, along with C:\vundofix.txt, new hijackthis log in your next reply and tell how things are running.
 


Do NOT post your problem in someone elses thread.
Start a new topic so that it may receive proper attention. 
 

Back to Top
 

tarunc92
New Member


Date Joined Jun 2007
Total Posts : 3
 
   Posted 7/7/2007 1:36 AM (GMT +3)    Quote: Internet Explorer Popup Adware virus driving me crazy, how do i get rid of itAlert an admin about: Internet Explorer Popup Adware virus driving me crazy, how do i get rid of it
hi,
When I did the Dr. Web CureiT thing you told me to, my internet stopped working. I uninstalled Windows XP Service pack 2. My internet works now. I noticed the popup dont happen anymore. thank you. However now when I reinstall service pack 2 on my pc, internet does not work. I think i might have deleted something important. I also notice some wrong entries in my hi-jack this log. However, I am not sure if there are viruses or just legimate files.

Take a look at the logs you requested.

Hijack This log

Logfile of Trend Micro HijackThis v2.0.0 (BETA)
Scan saved at 3:31:49 PM, on 7/6/2007
Platform: Windows XP SP1 (WinNT 5.01.2600)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\WgaTray.exe
C:\WINDOWS\System32\wuauclt.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\WINDOWS\System32\ezSP_Px.exe
C:\WINDOWS\System32\ctfmon.exe
C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
C:\Program Files\Norton Internet Security\Norton AntiVirus\SAVScan.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Tarun Chaudhry\Desktop\HiJackThis_v2.exe
C:\Program Files\Messenger\msmsgs.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.sony.com/vaiopeople
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.sony.com/vaiopeople
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll
O2 - BHO: Web assistant - {9ECB9560-04F9-4bbc-943D-298DDF1699E1} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Web assistant - {0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\system32\msdxm.ocx
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [URLLSTCK.exe] C:\Program Files\Norton Internet Security\UrlLstCk.exe
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe
O4 - HKLM\..\Run: [ezShieldProtector for Px] C:\WINDOWS\System32\ezSP_Px.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\System32\ctfmon.exe
O4 - HKLM\..\Policies\Explorer\Run: [svchost.exe] C:\WINDOWS\svchost.exe
O4 - HKCU\..\Policies\Explorer\Run: [{54F6D71E-0AE9-1033-0409-040405050001}] "C:\Program Files\Common Files\{54F6D71E-0AE9-1033-0409-040405050001}\Update.exe" mc-110-12-0001032
O4 - HKUS\S-1-5-18\..\RunOnce: [RunNarrator] Narrator.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [RunNarrator] Narrator.exe (User 'Default user')
O8 - Extra context menu item: &Google Search - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: Backward &Links - res://C:\Program Files\Google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Cac&hed Snapshot of Page - res://C:\Program Files\Google\GoogleToolbar1.dll/cmcache.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Si&milar Pages - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Translate into English - res://C:\Program Files\Google\GoogleToolbar1.dll/cmtrans.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\WINDOWS\System32\shdocvw.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm (file missing)
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O14 - IERESET.INF: START_PAGE_URL=http://www.sony.com/vaiopeople
O16 - DPF: {3DC2E31C-371A-4BD3-9A27-CDF57CE604CF} (MSN Money Charting) - http://moneycentral.msn.com/cabs/pmupd806.exe
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://go.divx.com/plugin/DivXBrowserPlugin.cab
O16 - DPF: {712D42CD-3513-473E-96E8-019C9AD78F1A} - http://moneycentral.msn.com/cabs/pmupdate2.exe
O16 - DPF: {963BE66B-121D-4E6C-BF9F-1A774D9A2E41} - http://moneycentral.msn.com/cabs/pmupdate.exe
O16 - DPF: {B7CF60D7-74FA-4A89-90DC-C56C9239360D} - http://files.blocks.com/SnapSheetInstall/SnapSheetsInstall.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\System32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\System32\browseui.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: Giga Pocket Hardware Detector - Sony Corporation - C:\Program Files\Sony\Giga Pocket\shwserv.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Sony SPTI Service for DVE (ICDSPTSV) - Sony Corporation - C:\WINDOWS\system32\IcdSptSv.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Norton AntiVirus Auto Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
O23 - Service: PACSPTISVR - Unknown owner - C:\PROGRA~1\COMMON~1\SONYSH~1\AVLib\PACSPT~1.EXE
O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\SAVScan.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Sony TV Tuner Controller - Sony Corporation - C:\Program Files\Sony\Giga Pocket\halsv.exe
O23 - Service: Sony TV Tuner Manager - Sony Corporation - C:\Program Files\Sony\Giga Pocket\RM_SV.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\PROGRA~1\COMMON~1\SONYSH~1\AVLib\Sptisrv.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
O23 - Service: VAIO Entertainment Aggregation and Control Service - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment\VzRs\VzRs.exe
O23 - Service: VAIO Entertainment File Import Service - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment\VzCdb\VzFw.exe
O23 - Service: VAIO Entertainment TV Device Arbitration Service - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment\VzCs\VzHardwareResourceManager\VzHardwareResourceManager.exe
O23 - Service: VAIO Entertainment UPnP Client Adapter - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment\VCSW\VCSW.exe
O23 - Service: VAIO Media Integrated Server (VAIOMediaPlatform-IntegratedServer-AppServer) - Sony Corporation - C:\Program Files\Sony\vaio media integrated server\VMISrv.exe
O23 - Service: VAIO Media Integrated Server (HTTP) (VAIOMediaPlatform-IntegratedServer-HTTP) - Sony Corporation - C:\Program Files\Sony\vaio media integrated server\Platform\SV_Httpd.exe
O23 - Service: VAIO Media Gateway Server (VAIOMediaPlatform-Mobile-Gateway) - Sony Corporation - C:\Program Files\Sony\vaio media integrated server\Platform\VmGateway.exe
O23 - Service: VAIO Media Video Server (VAIOMediaPlatform-VideoServer-AppServer) - Sony Corporation - C:\Program Files\Sony\vaio media integrated server\Video\GPVSvr.exe
O23 - Service: VAIO Media Video Server (HTTP) (VAIOMediaPlatform-VideoServer-HTTP) - Sony Corporation - C:\Program Files\Sony\vaio media integrated server\Platform\SV_Httpd.exe

----------------------------------------------------------------------------------------------------------------------------------------------------------------------





Vundo Fix log:


VundoFix V6.5.1

Checking Java version...

Java version is 1.4.2.1
Old versions of java are exploitable and should be removed.

Java version is 1.4.2.5
Old versions of java are exploitable and should be removed.

Java version is 1.5.0.4
Old versions of java are exploitable and should be removed.

Java version is 1.5.0.7
Old versions of java are exploitable and should be removed.

Scan started at 4:29:22 PM 6/28/2007

Listing files found while scanning....

C:\windows\system32\ajvviupf.dll
C:\windows\system32\algklnxa.dll
C:\windows\system32\avclqvww.dll
C:\windows\system32\bdeeg.ini
C:\windows\system32\bgwpicfc.ini
C:\windows\system32\blflxluu.dll
C:\windows\system32\bmkcatop.exe
C:\windows\system32\buyrjiwy.ini
C:\windows\system32\byxxvsp.dll
C:\windows\system32\canqftec.ini
C:\windows\system32\cetfqnac.dll
C:\windows\system32\cfcipwgb.dll
C:\windows\system32\ckftrdps.dll
C:\windows\system32\cpuyrarg.dll
C:\windows\system32\eaxarrkn.ini
C:\windows\system32\eeuikgdh.exe
C:\windows\system32\egjfktcg.ini
C:\windows\system32\erqwkctp.dll
C:\windows\system32\fhcclknb.dll
C:\windows\system32\fkiynsgy.dll
C:\windows\system32\gctkfjge.dll
C:\windows\system32\geedb.dll
C:\windows\system32\gqwkxtvg.dll
C:\windows\system32\graryupc.ini
C:\windows\system32\gvtxkwqg.ini
C:\windows\system32\hggdbya.dll
C:\WINDOWS\system32\hggdcax.dll
C:\windows\system32\hibexvbs.dll
C:\windows\system32\idjdwhnv.dll
C:\windows\system32\iiseorfp.ini
C:\windows\system32\ijkkj.bak1
C:\windows\system32\ijkkj.bak2
C:\windows\system32\ijkkj.ini
C:\windows\system32\ijkkj.ini2
C:\windows\system32\ijkkj.tmp
C:\windows\system32\jjaqvjxy.ini
C:\WINDOWS\System32\jkkji.dll
C:\windows\system32\jktmgodx.dll
C:\windows\system32\knleqxsk.dll
C:\WINDOWS\system32\lapyisgu.dll
C:\WINDOWS\system32\mfnkttri.dll
C:\windows\system32\nkrraxae.dll
C:\windows\system32\oaqahmav.ini
C:\windows\system32\oautgcvr.ini
C:\windows\system32\okbthipk.dll
C:\windows\system32\ossooxib.dll
C:\WINDOWS\system32\paitvbpy.dll
C:\windows\system32\pcdxmcck.dll
C:\windows\system32\pfroesii.dll
C:\windows\system32\pnnkmsna.dll
C:\windows\system32\pnsodqlm.dll
C:\windows\system32\ptckwqre.ini
C:\windows\system32\qatsqedy.dll
C:\windows\system32\qommllk.dll
C:\windows\system32\qrutv.ini
C:\windows\system32\rvcgtuao.dll
C:\windows\system32\spdrtfkc.ini
C:\windows\system32\tvxpjuhx.dll
C:\windows\system32\vamhaqao.dll
C:\windows\system32\vcvvxqgy.dll
C:\windows\system32\vnhwdjdi.ini
C:\windows\system32\vturq.dll
C:\windows\system32\wwvqlcva.ini
C:\windows\system32\ydeqstaq.ini
C:\windows\system32\ygqxvvcv.ini
C:\windows\system32\ygsnyikf.ini
C:\windows\system32\ypbvtiap.ini
C:\windows\system32\ywijryub.dll
C:\windows\system32\yxjvqajj.dll

Beginning removal...

Attempting to delete C:\windows\system32\ajvviupf.dll
C:\windows\system32\ajvviupf.dll Has been deleted!

Attempting to delete C:\windows\system32\algklnxa.dll
C:\windows\system32\algklnxa.dll Has been deleted!

Attempting to delete C:\windows\system32\avclqvww.dll
C:\windows\system32\avclqvww.dll Has been deleted!

Attempting to delete C:\windows\system32\bdeeg.ini
C:\windows\system32\bdeeg.ini Has been deleted!

Attempting to delete C:\windows\system32\bgwpicfc.ini
C:\windows\system32\bgwpicfc.ini Has been deleted!

Attempting to delete C:\windows\system32\blflxluu.dll
C:\windows\system32\blflxluu.dll Has been deleted!

Attempting to delete C:\windows\system32\bmkcatop.exe
C:\windows\system32\bmkcatop.exe Has been deleted!

Attempting to delete C:\windows\system32\buyrjiwy.ini
C:\windows\system32\buyrjiwy.ini Has been deleted!

Attempting to delete C:\windows\system32\byxxvsp.dll
C:\windows\system32\byxxvsp.dll Has been deleted!

Attempting to delete C:\windows\system32\canqftec.ini
C:\windows\system32\canqftec.ini Has been deleted!

Attempting to delete C:\windows\system32\cetfqnac.dll
C:\windows\system32\cetfqnac.dll Has been deleted!

Attempting to delete C:\windows\system32\cfcipwgb.dll
C:\windows\system32\cfcipwgb.dll Has been deleted!

Attempting to delete C:\windows\system32\ckftrdps.dll
C:\windows\system32\ckftrdps.dll Has been deleted!

Attempting to delete C:\windows\system32\cpuyrarg.dll
C:\windows\system32\cpuyrarg.dll Could not be deleted.

Attempting to delete C:\windows\system32\eaxarrkn.ini
C:\windows\system32\eaxarrkn.ini Has been deleted!

Attempting to delete C:\windows\system32\eeuikgdh.exe
C:\windows\system32\eeuikgdh.exe Has been deleted!

Attempting to delete C:\windows\system32\egjfktcg.ini
C:\windows\system32\egjfktcg.ini Has been deleted!

Attempting to delete C:\windows\system32\erqwkctp.dll
C:\windows\system32\erqwkctp.dll Has been deleted!

Attempting to delete C:\windows\system32\fhcclknb.dll
C:\windows\system32\fhcclknb.dll Has been deleted!

Attempting to delete C:\windows\system32\fkiynsgy.dll
C:\windows\system32\fkiynsgy.dll Has been deleted!

Attempting to delete C:\windows\system32\gctkfjge.dll
C:\windows\system32\gctkfjge.dll Has been deleted!

Attempting to delete C:\windows\system32\geedb.dll
C:\windows\system32\geedb.dll Has been deleted!

Attempting to delete C:\windows\system32\gqwkxtvg.dll
C:\windows\system32\gqwkxtvg.dll Has been deleted!

Attempting to delete C:\windows\system32\graryupc.ini
C:\windows\system32\graryupc.ini Has been deleted!

Attempting to delete C:\windows\system32\gvtxkwqg.ini
C:\windows\system32\gvtxkwqg.ini Has been deleted!

Attempting to delete C:\windows\system32\hggdbya.dll
C:\windows\system32\hggdbya.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\hggdcax.dll
C:\WINDOWS\system32\hggdcax.dll Has been deleted!

Attempting to delete C:\windows\system32\hibexvbs.dll
C:\windows\system32\hibexvbs.dll Has been deleted!

Attempting to delete C:\windows\system32\idjdwhnv.dll
C:\windows\system32\idjdwhnv.dll Has been deleted!

Attempting to delete C:\windows\system32\iiseorfp.ini
C:\windows\system32\iiseorfp.ini Has been deleted!

Attempting to delete C:\windows\system32\ijkkj.bak1
C:\windows\system32\ijkkj.bak1 Has been deleted!

Attempting to delete C:\windows\system32\ijkkj.bak2
C:\windows\system32\ijkkj.bak2 Has been deleted!

Attempting to delete C:\windows\system32\ijkkj.ini
C:\windows\system32\ijkkj.ini Has been deleted!

Attempting to delete C:\windows\system32\ijkkj.ini2
C:\windows\system32\ijkkj.ini2 Has been deleted!

Attempting to delete C:\windows\system32\ijkkj.tmp
C:\windows\system32\ijkkj.tmp Has been deleted!

Attempting to delete C:\windows\system32\jjaqvjxy.ini
C:\windows\system32\jjaqvjxy.ini Has been deleted!

Attempting to delete C:\WINDOWS\System32\jkkji.dll
C:\WINDOWS\System32\jkkji.dll Has been deleted!

Attempting to delete C:\windows\system32\jktmgodx.dll
C:\windows\system32\jktmgodx.dll Has been deleted!

Attempting to delete C:\windows\system32\knleqxsk.dll
C:\windows\system32\knleqxsk.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\lapyisgu.dll
C:\WINDOWS\system32\lapyisgu.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\mfnkttri.dll
C:\WINDOWS\system32\mfnkttri.dll Has been deleted!

Attempting to delete C:\windows\system32\nkrraxae.dll
C:\windows\system32\nkrraxae.dll Has been deleted!

Attempting to delete C:\windows\system32\oaqahmav.ini
C:\windows\system32\oaqahmav.ini Has been deleted!

Attempting to delete C:\windows\system32\oautgcvr.ini
C:\windows\system32\oautgcvr.ini Has been deleted!

Attempting to delete C:\windows\system32\okbthipk.dll
C:\windows\system32\okbthipk.dll Has been deleted!

Attempting to delete C:\windows\system32\ossooxib.dll
C:\windows\system32\ossooxib.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\paitvbpy.dll
C:\WINDOWS\system32\paitvbpy.dll Has been deleted!

Attempting to delete C:\windows\system32\pcdxmcck.dll
C:\windows\system32\pcdxmcck.dll Has been deleted!

Attempting to delete C:\windows\system32\pfroesii.dll
C:\windows\system32\pfroesii.dll Has been deleted!

Attempting to delete C:\windows\system32\pnnkmsna.dll
C:\windows\system32\pnnkmsna.dll Has been deleted!

Attempting to delete C:\windows\system32\pnsodqlm.dll
C:\windows\system32\pnsodqlm.dll Has been deleted!

Attempting to delete C:\windows\system32\ptckwqre.ini
C:\windows\system32\ptckwqre.ini Has been deleted!

Attempting to delete C:\windows\system32\qatsqedy.dll
C:\windows\system32\qatsqedy.dll Has been deleted!

Attempting to delete C:\windows\system32\qommllk.dll
C:\windows\system32\qommllk.dll Has been deleted!

Attempting to delete C:\windows\system32\qrutv.ini
C:\windows\system32\qrutv.ini Has been deleted!

Attempting to delete C:\windows\system32\rvcgtuao.dll
C:\windows\system32\rvcgtuao.dll Has been deleted!

Attempting to delete C:\windows\system32\spdrtfkc.ini
C:\windows\system32\spdrtfkc.ini Has been deleted!

Attempting to delete C:\windows\system32\tvxpjuhx.dll
C:\windows\system32\tvxpjuhx.dll Has been deleted!

Attempting to delete C:\windows\system32\vamhaqao.dll
C:\windows\system32\vamhaqao.dll Has been deleted!

Attempting to delete C:\windows\system32\vcvvxqgy.dll
C:\windows\system32\vcvvxqgy.dll Has been deleted!

Attempting to delete C:\windows\system32\vnhwdjdi.ini
C:\windows\system32\vnhwdjdi.ini Has been deleted!

Attempting to delete C:\windows\system32\vturq.dll
C:\windows\system32\vturq.dll Has been deleted!

Attempting to delete C:\windows\system32\wwvqlcva.ini
C:\windows\system32\wwvqlcva.ini Has been deleted!

Attempting to delete C:\windows\system32\ydeqstaq.ini
C:\windows\system32\ydeqstaq.ini Has been deleted!

Attempting to delete C:\windows\system32\ygqxvvcv.ini
C:\windows\system32\ygqxvvcv.ini Has been deleted!

Attempting to delete C:\windows\system32\ygsnyikf.ini
C:\windows\system32\ygsnyikf.ini Has been deleted!

Attempting to delete C:\windows\system32\ypbvtiap.ini
C:\windows\system32\ypbvtiap.ini Has been deleted!

Attempting to delete C:\windows\system32\ywijryub.dll
C:\windows\system32\ywijryub.dll Has been deleted!

Attempting to delete C:\windows\system32\yxjvqajj.dll
C:\windows\system32\yxjvqajj.dll Has been deleted!

Performing Repairs to the registry.
Done!

VundoFix V6.5.1

Checking Java version...

Java version is 1.4.2.1
Old versions of java are exploitable and should be removed.

Java version is 1.4.2.5
Old versions of java are exploitable and should be removed.

Java version is 1.5.0.4
Old versions of java are exploitable and should be removed.

Java version is 1.5.0.7
Old versions of java are exploitable and should be removed.

Scan started at 4:45:50 PM 6/28/2007

Listing files found while scanning....

No infected files were found.


VundoFix V6.5.4

Checking Java version...

Java version is 1.4.2.1
Old versions of java are exploitable and should be removed.

Java version is 1.4.2.5
Old versions of java are exploitable and should be removed.

Java version is 1.5.0.4
Old versions of java are exploitable and should be removed.

Java version is 1.5.0.7
Old versions of java are exploitable and should be removed.

Scan started at 10:06:56 PM 7/4/2007

Listing files found while scanning....

C:\windows\system32\bojrdtdo.exe
C:\windows\system32\ifjhstot.exe
C:\windows\system32\iifcbaw.dll
C:\windows\system32\iwbglntn.exe
C:\windows\system32\jfiehbmh.exe
C:\windows\system32\jnldefiy.exe
C:\windows\system32\kfybqwqa.exe
C:\windows\system32\mvscyjsf.exe
C:\windows\system32\qnfhydvo.exe
C:\windows\system32\ugxhxuqh.exe
C:\windows\system32\yvolifhd.exe

Beginning removal...

Attempting to delete C:\windows\system32\bojrdtdo.exe
C:\windows\system32\bojrdtdo.exe Has been deleted!

Attempting to delete C:\windows\system32\ifjhstot.exe
C:\windows\system32\ifjhstot.exe Has been deleted!

Attempting to delete C:\windows\system32\iifcbaw.dll
C:\windows\system32\iifcbaw.dll Has been deleted!

Attempting to delete C:\windows\system32\iwbglntn.exe
C:\windows\system32\iwbglntn.exe Has been deleted!

Attempting to delete C:\windows\system32\jfiehbmh.exe
C:\windows\system32\jfiehbmh.exe Has been deleted!

Attempting to delete C:\windows\system32\jnldefiy.exe
C:\windows\system32\jnldefiy.exe Has been deleted!

Attempting to delete C:\windows\system32\kfybqwqa.exe
C:\windows\system32\kfybqwqa.exe Has been deleted!

Attempting to delete C:\windows\system32\mvscyjsf.exe
C:\windows\system32\mvscyjsf.exe Has been deleted!

Attempting to delete C:\windows\system32\qnfhydvo.exe
C:\windows\system32\qnfhydvo.exe Has been deleted!

Attempting to delete C:\windows\system32\ugxhxuqh.exe
C:\windows\system32\ugxhxuqh.exe Has been deleted!

Attempting to delete C:\windows\system32\yvolifhd.exe
C:\windows\system32\yvolifhd.exe Has been deleted!

Performing Repairs to the registry.
Done!

VundoFix V6.5.4

Checking Java version...

Java version is 1.4.2.1
Old versions of java are exploitable and should be removed.

Java version is 1.4.2.5
Old versions of java are exploitable and should be removed.

Java version is 1.5.0.4
Old versions of java are exploitable and should be removed.

Java version is 1.5.0.7
Old versions of java are exploitable and should be removed.

Scan started at 10:20:15 PM 7/4/2007

Listing files found while scanning....


VundoFix V6.5.4

Checking Java version...

Java version is 1.4.2.1
Old versions of java are exploitable and should be removed.

Java version is 1.4.2.5
Old versions of java are exploitable and should be removed.

Java version is 1.5.0.4
Old versions of java are exploitable and should be removed.

Java version is 1.5.0.7
Old versions of java are exploitable and should be removed.

Scan started at 2:44:31 PM 7/5/2007

Listing files found while scanning....

No infected files were found.


VundoFix V6.5.4

Checking Java version...

Java version is 1.4.2.1
Old versions of java are exploitable and should be removed.

Java version is 1.4.2.5
Old versions of java are exploitable and should be removed.

Java version is 1.5.0.4
Old versions of java are exploitable and should be removed.

Java version is 1.5.0.7
Old versions of java are exploitable and should be removed.

Scan started at 7:01:19 PM 7/5/2007

Listing files found while scanning....

No infected files were found.


VundoFix V6.5.4

Checking Java version...

Java version is 1.4.2.1
Old versions of java are exploitable and should be removed.

Java version is 1.4.2.5
Old versions of java are exploitable and should be removed.

Java version is 1.5.0.4
Old versions of java are exploitable and should be removed.

Java version is 1.5.0.7
Old versions of java are exploitable and should be removed.

Scan started at 10:47:24 PM 7/5/2007

Listing files found while scanning....


VundoFix V6.5.4

Checking Java version...

Java version is 1.4.2.1
Old versions of java are exploitable and should be removed.

Java version is 1.4.2.5
Old versions of java are exploitable and should be removed.

Java version is 1.5.0.4
Old versions of java are exploitable and should be removed.

Java version is 1.5.0.7
Old versions of java are exploitable and should be removed.

Scan started at 2:33:41 PM 7/6/2007

Listing files found while scanning....

No infected files were found.


----------------------------------------------------------------------------------------------------------------------------------------------------------------------

Dr Web log:


svchost.exe;C:\Program Files\Common Files;Adware.Akella;Deleted.;
Yazzle1162OinAdmin.exe~;C:\Program Files\Common Files;Adware.ClickSpring;Deleted.;
SUPER.exe;C:\Program Files\eRightSoft\SUPER;Probably DLOADER.Trojan;Will be deleted after reboot.;
services.dll;C:\RECYCLER\S-1-5-18\Dc1;Trojan.DownLoader.14123;Deleted.;
Update.exe;C:\RECYCLER\S-1-5-18\Dc1;Trojan.DownLoader.14336;Deleted.;
system.dll;C:\RECYCLER\S-1-5-18\Dc2;Adware.Macfa;Deleted.;
Update.exe;C:\RECYCLER\S-1-5-18\Dc2;Adware.Macfa;Deleted.;
system.dll;C:\RECYCLER\S-1-5-18\Dc3;Adware.Macfa;Deleted.;
system.dll;C:\RECYCLER\S-1-5-18\Dc4;Adware.Macfa;Deleted.;
Update.exe;C:\RECYCLER\S-1-5-18\Dc4;Adware.Macfa;Deleted.;
system.dll;C:\RECYCLER\S-1-5-18\Dc5;Adware.Macfa;Deleted.;
A0126208.dll;C:\System Volume Information\_restore{549DE6A1-CCD3-45E9-A3FB-BD70F79FB4CC}\RP705;Trojan.Virtumod;Deleted.;
A0126616.exe;C:\System Volume Information\_restore{549DE6A1-CCD3-45E9-A3FB-BD70F79FB4CC}\RP705;Adware.Akella;Deleted.;
A0126749.exe;C:\System Volume Information\_restore{549DE6A1-CCD3-45E9-A3FB-BD70F79FB4CC}\RP706;Adware.Akella;Deleted.;
A0126754.exe;C:\System Volume Information\_restore{549DE6A1-CCD3-45E9-A3FB-BD70F79FB4CC}\RP706;Adware.Akella;Deleted.;
A0126756.dll;C:\System Volume Information\_restore{549DE6A1-CCD3-45E9-A3FB-BD70F79FB4CC}\RP706;Trojan.Virtumod;Deleted.;
A0126757.dll;C:\System Volume Information\_restore{549DE6A1-CCD3-45E9-A3FB-BD70F79FB4CC}\RP706;Trojan.Virtumod;Deleted.;
A0126782.exe;C:\System Volume Information\_restore{549DE6A1-CCD3-45E9-A3FB-BD70F79FB4CC}\RP706;Adware.Akella;Deleted.;
A0126833.dll;C:\System Volume Information\_restore{549DE6A1-CCD3-45E9-A3FB-BD70F79FB4CC}\RP707;Trojan.Virtumod;Deleted.;
A0126834.dll;C:\System Volume Information\_restore{549DE6A1-CCD3-45E9-A3FB-BD70F79FB4CC}\RP707;Trojan.Virtumod;Deleted.;
A0126853.exe;C:\System Volume Information\_restore{549DE6A1-CCD3-45E9-A3FB-BD70F79FB4CC}\RP707;Adware.Akella;Deleted.;
A0126857.dll;C:\System Volume Information\_restore{549DE6A1-CCD3-45E9-A3FB-BD70F79FB4CC}\RP707;Trojan.Virtumod;Deleted.;
A0126858.dll;C:\System Volume Information\_restore{549DE6A1-CCD3-45E9-A3FB-BD70F79FB4CC}\RP707;Trojan.Virtumod;Deleted.;
A0126862.exe;C:\System Volume Information\_restore{549DE6A1-CCD3-45E9-A3FB-BD70F79FB4CC}\RP707;Adware.Akella;Deleted.;
A0126870.dll;C:\System Volume Information\_restore{549DE6A1-CCD3-45E9-A3FB-BD70F79FB4CC}\RP708;Trojan.Virtumod;Deleted.;
A0126876.exe;C:\System Volume Information\_restore{549DE6A1-CCD3-45E9-A3FB-BD70F79FB4CC}\RP708;Adware.Akella;Deleted.;
A0126879.dll;C:\System Volume Information\_restore{549DE6A1-CCD3-45E9-A3FB-BD70F79FB4CC}\RP709;Trojan.Virtumod;Deleted.;
A0126880.dll;C:\System Volume Information\_restore{549DE6A1-CCD3-45E9-A3FB-BD70F79FB4CC}\RP710;Adware.Crew;Deleted.;
A0126881.dll;C:\System Volume Information\_restore{549DE6A1-CCD3-45E9-A3FB-BD70F79FB4CC}\RP710;Trojan.Virtumod;Deleted.;
A0126882.dll;C:\System Volume Information\_restore{549DE6A1-CCD3-45E9-A3FB-BD70F79FB4CC}\RP710;Trojan.Virtumod;Deleted.;
A0126883.dll;C:\System Volume Information\_restore{549DE6A1-CCD3-45E9-A3FB-BD70F79FB4CC}\RP710;Trojan.Virtumod;Deleted.;
A0126884.exe;C:\System Volume Information\_restore{549DE6A1-CCD3-45E9-A3FB-BD70F79FB4CC}\RP710;Adware.Akella;Deleted.;
A0126889.dll;C:\System Volume Information\_restore{549DE6A1-CCD3-45E9-A3FB-BD70F79FB4CC}\RP710;Trojan.Virtumod;Deleted.;
A0126901.dll;C:\System Volume Information\_restore{549DE6A1-CCD3-45E9-A3FB-BD70F79FB4CC}\RP710;Trojan.Virtumod;Deleted.;
A0127918.dll;C:\System Volume Information\_restore{549DE6A1-CCD3-45E9-A3FB-BD70F79FB4CC}\RP711;Trojan.Virtumod;Deleted.;
A0127919.exe;C:\System Volume Information\_restore{549DE6A1-CCD3-45E9-A3FB-BD70F79FB4CC}\RP711;Program.HomeKeylog;Deleted.;
A0127920.Dll;C:\System Volume Information\_restore{549DE6A1-CCD3-45E9-A3FB-BD70F79FB4CC}\RP711;Program.FamKeylog;Deleted.;
A0127964.dll;C:\System Volume Information\_restore{549DE6A1-CCD3-45E9-A3FB-BD70F79FB4CC}\RP712;Trojan.Virtumod;Deleted.;
A0128983.dll;C:\System Volume Information\_restore{549DE6A1-CCD3-45E9-A3FB-BD70F79FB4CC}\RP712;Trojan.Virtumod;Deleted.;
A0129007.dll;C:\System Volume Information\_restore{549DE6A1-CCD3-45E9-A3FB-BD70F79FB4CC}\RP712;Trojan.Virtumod;Deleted.;
A0129012.dll;C:\System Volume Information\_restore{549DE6A1-CCD3-45E9-A3FB-BD70F79FB4CC}\RP712;Trojan.Virtumod;Deleted.;
A0129013.dll;C:\System Volume Information\_restore{549DE6A1-CCD3-45E9-A3FB-BD70F79FB4CC}\RP712;Trojan.Virtumod;Deleted.;
A0129236.dll;C:\System Volume Information\_restore{549DE6A1-CCD3-45E9-A3FB-BD70F79FB4CC}\RP712;Trojan.Virtumod;Deleted.;
A0129245.dll;C:\System Volume Information\_restore{549DE6A1-CCD3-45E9-A3FB-BD70F79FB4CC}\RP713;Trojan.Virtumod;Deleted.;
A0129246.dll;C:\System Volume Information\_restore{549DE6A1-CCD3-45E9-A3FB-BD70F79FB4CC}\RP713;Trojan.Virtumod;Deleted.;
A0130259.dll;C:\System Volume Information\_restore{549DE6A1-CCD3-45E9-A3FB-BD70F79FB4CC}\RP713;Trojan.Virtumod;Deleted.;
A0131259.dll;C:\System Volume Information\_restore{549DE6A1-CCD3-45E9-A3FB-BD70F79FB4CC}\RP713;Trojan.Virtumod;Deleted.;
A0131260.dll;C:\System Volume Information\_restore{549DE6A1-CCD3-45E9-A3FB-BD70F79FB4CC}\RP713;Trojan.Virtumod;Deleted.;
A0131340.dll;C:\System Volume Information\_restore{549DE6A1-CCD3-45E9-A3FB-BD70F79FB4CC}\RP714;Trojan.Virtumod;Deleted.;
A0131341.dll;C:\System Volume Information\_restore{549DE6A1-CCD3-45E9-A3FB-BD70F79FB4CC}\RP714;Trojan.Virtumod;Deleted.;
A0131408.dll;C:\System Volume Information\_restore{549DE6A1-CCD3-45E9-A3FB-BD70F79FB4CC}\RP714;Trojan.Virtumod;Deleted.;
A0131409.dll;C:\System Volume Information\_restore{549DE6A1-CCD3-45E9-A3FB-BD70F79FB4CC}\RP714;Trojan.Virtumod;Deleted.;
A0131410.dll;C:\System Volume Information\_restore{549DE6A1-CCD3-45E9-A3FB-BD70F79FB4CC}\RP714;Trojan.Virtumod;Deleted.;
A0131425.dll;C:\System Volume Information\_restore{549DE6A1-CCD3-45E9-A3FB-BD70F79FB4CC}\RP714;Trojan.Virtumod;Deleted.;
A0131470.dll;C:\System Volume Information\_restore{549DE6A1-CCD3-45E9-A3FB-BD70F79FB4CC}\RP714;Trojan.Virtumod;Deleted.;
A0131496.dll;C:\System Volume Information\_restore{549DE6A1-CCD3-45E9-A3FB-BD70F79FB4CC}\RP714;Trojan.Virtumod;Deleted.;
A0131516.dll;C:\System Volume Information\_restore{549DE6A1-CCD3-45E9-A3FB-BD70F79FB4CC}\RP714;Trojan.Virtumod;Deleted.;
A0131522.dll;C:\System Volume Information\_restore{549DE6A1-CCD3-45E9-A3FB-BD70F79FB4CC}\RP714;Trojan.Virtumod;Deleted.;
A0131533.dll;C:\System Volume Information\_restore{549DE6A1-CCD3-45E9-A3FB-BD70F79FB4CC}\RP715;Trojan.Virtumod;Deleted.;
A0131539.dll;C:\System Volume Information\_restore{549DE6A1-CCD3-45E9-A3FB-BD70F79FB4CC}\RP715;Trojan.Virtumod;Deleted.;
A0131555.dll;C:\System Volume Information\_restore{549DE6A1-CCD3-45E9-A3FB-BD70F79FB4CC}\RP716;Trojan.Virtumod;Deleted.;
A0131569.dll;C:\System Volume Information\_restore{549DE6A1-CCD3-45E9-A3FB-BD70F79FB4CC}\RP716;Trojan.Virtumod;Deleted.;
A0131590.exe;C:\System Volume Information\_restore{549DE6A1-CCD3-45E9-A3FB-BD70F79FB4CC}\RP716;Probably DLOADER.Trojan;;
A0131595.dll;C:\System Volume Information\_restore{549DE6A1-CCD3-45E9-A3FB-BD70F79FB4CC}\RP716;Trojan.Virtumod;Deleted.;
A0131596.dll;C:\System Volume Information\_restore{549DE6A1-CCD3-45E9-A3FB-BD70F79FB4CC}\RP716;Trojan.Virtumod;Deleted.;
A0131597.dll;C:\System Volume Information\_restore{549DE6A1-CCD3-45E9-A3FB-BD70F79FB4CC}\RP716;Trojan.Virtumod;Deleted.;
A0131600.dll;C:\System Volume Information\_restore{549DE6A1-CCD3-45E9-A3FB-BD70F79FB4CC}\RP716;Trojan.Virtumod;Deleted.;
A0131601.exe;C:\System Volume Information\_restore{549DE6A1-CCD3-45E9-A3FB-BD70F79FB4CC}\RP716;Trojan.LowZones.233;Deleted.;
A0131603.dll;C:\System Volume Information\_restore{549DE6A1-CCD3-45E9-A3FB-BD70F79FB4CC}\RP716;Trojan.Virtumod;Deleted.;
A0131604.dll;C:\System Volume Information\_restore{549DE6A1-CCD3-45E9-A3FB-BD70F79FB4CC}\RP716;Trojan.Virtumod;Deleted.;
A0131605.dll;C:\System Volume Information\_restore{549DE6A1-CCD3-45E9-A3FB-BD70F79FB4CC}\RP716;Trojan.Virtumod;Deleted.;
A0131606.dll;C:\System Volume Information\_restore{549DE6A1-CCD3-45E9-A3FB-BD70F79FB4CC}\RP716;Trojan.Virtumod;Deleted.;
A0131608.exe;C:\System Volume Information\_restore{549DE6A1-CCD3-45E9-A3FB-BD70F79FB4CC}\RP716;Trojan.LowZones.233;Deleted.;
A0131610.dll;C:\System Volume Information\_restore{549DE6A1-CCD3-45E9-A3FB-BD70F79FB4CC}\RP716;Trojan.Virtumod;Deleted.;
A0131611.dll;C:\System Volume Information\_restore{549DE6A1-CCD3-45E9-A3FB-BD70F79FB4CC}\RP716;Trojan.Virtumod;Deleted.;
A0131612.dll;C:\System Volume Information\_restore{549DE6A1-CCD3-45E9-A3FB-BD70F79FB4CC}\RP716;Trojan.Virtumod;Deleted.;
A0131613.dll;C:\System Volume Information\_restore{549DE6A1-CCD3-45E9-A3FB-BD70F79FB4CC}\RP716;Trojan.Virtumod;Deleted.;
A0131614.dll;C:\System Volume Information\_restore{549DE6A1-CCD3-45E9-A3FB-BD70F79FB4CC}\RP716;Trojan.Virtumod;Deleted.;
A0131615.dll;C:\System Volume Information\_restore{549DE6A1-CCD3-45E9-A3FB-BD70F79FB4CC}\RP716;Trojan.Virtumod;Deleted.;
A0131617.dll;C:\System Volume Information\_restore{549DE6A1-CCD3-45E9-A3FB-BD70F79FB4CC}\RP716;Trojan.Virtumod;Deleted.;
A0131618.dll;C:\System Volume Information\_restore{549DE6A1-CCD3-45E9-A3FB-BD70F79FB4CC}\RP716;Trojan.Virtumod;Deleted.;
A0131619.dll;C:\System Volume Information\_restore{549DE6A1-CCD3-45E9-A3FB-BD70F79FB4CC}\RP716;Trojan.Virtumod;Deleted.;
A0131620.dll;C:\System Volume Information\_restore{549DE6A1-CCD3-45E9-A3FB-BD70F79FB4CC}\RP716;Trojan.Virtumod;Deleted.;
A0131624.dll;C:\System Volume Information\_restore{549DE6A1-CCD3-45E9-A3FB-BD70F79FB4CC}\RP716;Trojan.Virtumod;Deleted.;
A0131625.dll;C:\System Volume Information\_restore{549DE6A1-CCD3-45E9-A3FB-BD70F79FB4CC}\RP716;Trojan.Virtumod;Deleted.;
A0131626.dll;C:\System Volume Information\_restore{549DE6A1-CCD3-45E9-A3FB-BD70F79FB4CC}\RP716;Trojan.Virtumod;Deleted.;
A0131627.dll;C:\System Volume Information\_restore{549DE6A1-CCD3-45E9-A3FB-BD70F79FB4CC}\RP716;Trojan.Virtumod;Deleted.;
A0131628.dll;C:\System Volume Information\_restore{549DE6A1-CCD3-45E9-A3FB-BD70F79FB4CC}\RP716;Trojan.Virtumod;Deleted.;
A0131629.dll;C:\System Volume Information\_restore{549DE6A1-CCD3-45E9-A3FB-BD70F79FB4CC}\RP716;Trojan.Virtumod;Deleted.;
A0131632.dll;C:\System Volume Information\_restore{549DE6A1-CCD3-45E9-A3FB-BD70F79FB4CC}\RP716;Trojan.Virtumod;Deleted.;
A0131633.dll;C:\System Volume Information\_restore{549DE6A1-CCD3-45E9-A3FB-BD70F79FB4CC}\RP716;Trojan.Virtumod;Deleted.;
A0131634.dll;C:\System Volume Information\_restore{549DE6A1-CCD3-45E9-A3FB-BD70F79FB4CC}\RP716;Trojan.Virtumod;Deleted.;
A0131635.dll;C:\System Volume Information\_restore{549DE6A1-CCD3-45E9-A3FB-BD70F79FB4CC}\RP716;Trojan.Virtumod;Deleted.;
A0131636.dll;C:\System Volume Information\_restore{549DE6A1-CCD3-45E9-A3FB-BD70F79FB4CC}\RP716;Trojan.Virtumod;Deleted.;
A0131637.dll;C:\System Volume Information\_restore{549DE6A1-CCD3-45E9-A3FB-BD70F79FB4CC}\RP716;Trojan.Virtumod;Deleted.;
A0131639.dll;C:\System Volume Information\_restore{549DE6A1-CCD3-45E9-A3FB-BD70F79FB4CC}\RP716;Trojan.Virtumod;Deleted.;
A0131640.dll;C:\System Volume Information\_restore{549DE6A1-CCD3-45E9-A3FB-BD70F79FB4CC}\RP716;Trojan.Virtumod;Deleted.;
A0131642.dll;C:\System Volume Information\_restore{549DE6A1-CCD3-45E9-A3FB-BD70F79FB4CC}\RP716;Trojan.Virtumod;Deleted.;
A0131644.dll;C:\System Volume Information\_restore{549DE6A1-CCD3-45E9-A3FB-BD70F79FB4CC}\RP716;Trojan.Virtumod;Deleted.;
A0131645.dll;C:\System Volume Information\_restore{549DE6A1-CCD3-45E9-A3FB-BD70F79FB4CC}\RP716;Trojan.Virtumod;Deleted.;
A0131646.dll;C:\System Volume Information\_restore{549DE6A1-CCD3-45E9-A3FB-BD70F79FB4CC}\RP716;Trojan.Virtumod;Deleted.;
A0131648.dll;C:\System Volume Information\_restore{549DE6A1-CCD3-45E9-A3FB-BD70F79FB4CC}\RP716;Trojan.Virtumod;Deleted.;
A0131653.dll;C:\System Volume Information\_restore{549DE6A1-CCD3-45E9-A3FB-BD70F79FB4CC}\RP716;Trojan.Virtumod;Deleted.;
A0131654.dll;C:\System Volume Information\_restore{549DE6A1-CCD3-45E9-A3FB-BD70F79FB4CC}\RP716;Trojan.Virtumod;Deleted.;
A0131655.dll;C:\System Volume Information\_restore{549DE6A1-CCD3-45E9-A3FB-BD70F79FB4CC}\RP716;Trojan.Virtumod;Deleted.;
A0131660.exe;C:\System Volume Information\_restore{549DE6A1-CCD3-45E9-A3FB-BD70F79FB4CC}\RP716;Tool.Prockill;Deleted.;
A0131698.exe;C:\System Volume Information\_restore{549DE6A1-CCD3-45E9-A3FB-BD70F79FB4CC}\RP717;Tool.Prockill;Deleted.;
A0132160.exe;C:\System Volume Information\_restore{549DE6A1-CCD3-45E9-A3FB-BD70F79FB4CC}\RP722;Trojan.EzulaAd;Deleted.;
A0132161.exe;C:\System Volume Information\_restore{549DE6A1-CCD3-45E9-A3FB-BD70F79FB4CC}\RP722;Trojan.EzulaAd;Deleted.;
A0132162.exe;C:\System Volume Information\_restore{549DE6A1-CCD3-45E9-A3FB-BD70F79FB4CC}\RP722;Trojan.EzulaAd;Deleted.;
A0132163.exe;C:\System Volume Information\_restore{549DE6A1-CCD3-45E9-A3FB-BD70F79FB4CC}\RP722;Trojan.EzulaAd;Deleted.;
A0132164.exe;C:\System Volume Information\_restore{549DE6A1-CCD3-45E9-A3FB-BD70F79FB4CC}\RP722;Trojan.EzulaAd;Deleted.;
A0132165.exe;C:\System Volume Information\_restore{549DE6A1-CCD3-45E9-A3FB-BD70F79FB4CC}\RP722;Trojan.EzulaAd;Deleted.;
A0132166.exe;C:\System Volume Information\_restore{549DE6A1-CCD3-45E9-A3FB-BD70F79FB4CC}\RP722;Trojan.EzulaAd;Deleted.;
A0132167.exe;C:\System Volume Information\_restore{549DE6A1-CCD3-45E9-A3FB-BD70F79FB4CC}\RP722;Trojan.EzulaAd;Deleted.;
A0132168.exe;C:\System Volume Information\_restore{549DE6A1-CCD3-45E9-A3FB-BD70F79FB4CC}\RP722;Trojan.EzulaAd;Deleted.;
A0132169.exe;C:\System Volume Information\_restore{549DE6A1-CCD3-45E9-A3FB-BD70F79FB4CC}\RP722;Trojan.EzulaAd;Deleted.;
A0133173.exe;C:\System Volume Information\_restore{549DE6A1-CCD3-45E9-A3FB-BD70F79FB4CC}\RP722;Trojan.DownLoader.25873;Deleted.;
A0133178.exe;C:\System Volume Information\_restore{549DE6A1-CCD3-45E9-A3FB-BD70F79FB4CC}\RP722;Trojan.DownLoader.25873;Deleted.;
A0133197.exe;C:\System Volume Information\_restore{549DE6A1-CCD3-45E9-A3FB-BD70F79FB4CC}\RP722;Trojan.DownLoader.25873;Deleted.;
A0133199.dll;C:\System Volume Information\_restore{549DE6A1-CCD3-45E9-A3FB-BD70F79FB4CC}\RP722;Tool.Dreampack;Deleted.;
A0133200.exe;C:\System Volume Information\_restore{549DE6A1-CCD3-45E9-A3FB-BD70F79FB4CC}\RP722;Probably BACKDOOR.Trojan;;
A0133209.exe;C:\System Volume Information\_restore{549DE6A1-CCD3-45E9-A3FB-BD70F79FB4CC}\RP722;BackDoor.ColdFushion.19;Deleted.;
A0133285.exe;C:\System Volume Information\_restore{549DE6A1-CCD3-45E9-A3FB-BD70F79FB4CC}\RP722;Adware.Akella;Deleted.;
A0133306.exe;C:\System Volume Information\_restore{549DE6A1-CCD3-45E9-A3FB-BD70F79FB4CC}\RP723;Probably DLOADER.Trojan;Deleted.;
A0133343.dll;C:\System Volume Information\_restore{549DE6A1-CCD3-45E9-A3FB-BD70F79FB4CC}\RP723;Trojan.DownLoader.14123;Deleted.;
A0133344.exe;C:\System Volume Information\_restore{549DE6A1-CCD3-45E9-A3FB-BD70F79FB4CC}\RP723;Trojan.DownLoader.14336;Deleted.;
A0133345.dll;C:\System Volume Information\_restore{549DE6A1-CCD3-45E9-A3FB-BD70F79FB4CC}\RP723;Adware.Macfa;Deleted.;
A0133346.exe;C:\System Volume Information\_restore{549DE6A1-CCD3-45E9-A3FB-BD70F79FB4CC}\RP723;Adware.Macfa;Deleted.;
A0133347.dll;C:\System Volume Information\_restore{549DE6A1-CCD3-45E9-A3FB-BD70F79FB4CC}\RP723;Adware.Macfa;Deleted.;
A0133348.exe;C:\System Volume Information\_restore{549DE6A1-CCD3-45E9-A3FB-BD70F79FB4CC}\RP723;Adware.Macfa;Deleted.;
A0133349.dll;C:\System Volume Information\_restore{549DE6A1-CCD3-45E9-A3FB-BD70F79FB4CC}\RP723;Adware.Macfa;Deleted.;
A0133350.exe;C:\System Volume Information\_restore{549DE6A1-CCD3-45E9-A3FB-BD70F79FB4CC}\RP723;Adware.Macfa;Deleted.;
A0133351.dll;C:\System Volume Information\_restore{549DE6A1-CCD3-45E9-A3FB-BD70F79FB4CC}\RP723;Adware.Macfa;Deleted.;
A0133352.exe;C:\System Volume Information\_restore{549DE6A1-CCD3-45E9-A3FB-BD70F79FB4CC}\RP723;Adware.Macfa;Deleted.;
ajvviupf.dll.bad;C:\VundoFix Backups;Trojan.Virtumod;Deleted.;
algklnxa.dll.bad;C:\VundoFix Backups;Trojan.Virtumod;Deleted.;
avclqvww.dll.bad;C:\VundoFix Backups;Trojan.Virtumod;Deleted.;
blflxluu.dll.bad;C:\VundoFix Backups;Trojan.Virtumod;Deleted.;
bmkcatop.exe.bad;C:\VundoFix Backups;Trojan.LowZones.233;Deleted.;
bojrdtdo.exe.bad;C:\VundoFix Backups;Trojan.EzulaAd;Deleted.;
byxxvsp.dll.bad;C:\VundoFix Backups;Trojan.Virtumod;Deleted.;
cetfqnac.dll.bad;C:\VundoFix Backups;Trojan.Virtumod;Deleted.;
cfcipwgb.dll.bad;C:\VundoFix Backups;Trojan.Virtumod;Deleted.;
ckftrdps.dll.bad;C:\VundoFix Backups;Trojan.Virtumod;Deleted.;
cpuyrarg.dll.bad;C:\VundoFix Backups;Trojan.Virtumod;Deleted.;
eeuikgdh.exe.bad;C:\VundoFix Backups;Trojan.LowZones.233;Deleted.;
erqwkctp.dll.bad;C:\VundoFix Backups;Trojan.Virtumod;Deleted.;
fhcclknb.dll.bad;C:\VundoFix Backups;Trojan.Virtumod;Deleted.;
fkiynsgy.dll.bad;C:\VundoFix Backups;Trojan.Virtumod;Deleted.;
mgrs.exe;C:\WINDOWS;Trojan.DownLoader.25873;Deleted.;
drvjem.dll;C:\WINDOWS\system32;Trojan.Fakealert.249;Deleted.;
hmcrcgqe.dll;C:\WINDOWS\system32;Adware.Crew;Deleted.;
rgilpqoh.exe;C:\WINDOWS\system32;Trojan.Click.2799;Deleted.;
sysmon32.exe;C:\WINDOWS\system32;Trojan.DownLoader.23031;Deleted.;
unqctdpw.exe;C:\WINDOWS\system32;Trojan.Click.2799;Deleted.;
unsvchosts.exe;C:\WINDOWS\system32;Trojan.Spambot;Deleted.;
winsys64.exe;C:\WINDOWS\system32;Trojan.DownLoader.23031;Deleted.;
win3B8.tmp.exe;C:\WINDOWS\Temp;Trojan.DownLoader.20139;Deleted.;
win67D.tmp.exe;C:\WINDOWS\Temp;Trojan.DownLoader.24028;Deleted.;
winC4.tmp.exe;C:\WINDOWS\Temp;Trojan.Mezzia;Deleted.;
winC8.tmp.exe;C:\WINDOWS\Temp;Adware.Akella;Deleted.;
winCA.tmp.exe;C:\WINDOWS\Temp;Trojan.DownLoader.22968;Deleted.;
winF48.tmp.exe;C:\WINDOWS\Temp;Trojan.DownLoader.25873;Deleted.;
winF4E.tmp.exe;C:\WINDOWS\Temp;Trojan.Mezzia;Deleted.;

----------------------------------------------------------------------------------------------------------------------------------------------------------------------

I still think my computer is infected but i am not sure.
Back to Top
 
New Topic Post reply to : Internet Explorer Popup Adware virus driving me crazy, how do i get rid of it Printable version of : Internet Explorer Popup Adware virus driving me crazy, how do i get rid of it
 
Forum Information
Currently it is Tuesday, September 23, 2014 9:16 AM (GMT +3)
There are a total of 60,616 posts in 13,321 threads.
In the last 3 days there were 3 new threads and 6 reply posts. View Active Threads
Who's Online
This forum has 36384 registered members. Please welcome our newest member, Russell Tyson.
4 Guest(s), 0 Registered Member(s) are currently online.  Details
5 Latest Threads
I definitely have Malware, I've tried everything I know how to do (2)9/23/2014 4:11:08 AM (AllPhillyFan)
Unable to access the internet after updating Trusteer (0)9/22/2014 6:49:37 PM (Robert Mateescu)
SPAM and The Bat (1)9/22/2014 4:02:39 PM (Robert Mateescu)
Crackling Audio With Bullguard (9)9/21/2014 7:57:44 PM (Chris.B)
Two Questions - Changelog & License (2)9/21/2014 1:01:38 AM (Hamlet)