How do I get rid of IEXPLORE.EXE

Posted 1/10/2009 10:34 AM
#70977
User avatar

justmeobts Member

Date Joined Nov 2016
Total Posts: 1
I'm not very computer savvy, so if there is anyone out there that can help me fix this problem in very easy simple lanuguage PLEASE PLEASE help me.... A computer guy told me it'd cost $125 to get it fixed and I really just don't have that kinda money (recent single mom, no child support-go figure) PLEASE PLEASE PLEASE... I think this IEXPLORE thing is the source of ALL the evil my computer has been throwing at me. For instance i'll get so many pop up screen that it will literaly lock up my computer and the "control alt delete" to close a program won't even close em' out!
Posted 1/10/2009 10:42 AM
#70978
User avatar

Touch Advanced member

Date Joined Nov 2016
Total Posts: 12976
Hello <br/> <br/> <br/>One topic will do ;-) <br/> <br/> <br/> <br/> <br/> <br/> <br/> <br/> <br/><SPAN lang=EN-GB style="FONT-SIZE: 9pt; COLOR: black; FONT-FAMILY: Verdana; mso-ansi-language: EN-GB; mso-bidi-font-family: Arial">Download: CCleaner <br/><SPAN class=Hyperlink3><SPAN style="COLOR: black">[color=#0000ff>http://www.majorgeeks.com/download4191.html</FONT>[/url]]<SPAN class=Hyperlink3><SPAN style="COLOR: black">http://www.ccleaner.com/[/color]<?xml:namespace prefix = o ns = "urn:schemas-microsoft-com:office:office" /><o:p></o:p> <br/> <br/><SPAN lang=EN-GB style="FONT-SIZE: 9pt; COLOR: black; FONT-FAMILY: Verdana; mso-ansi-language: EN-GB; mso-bidi-font-family: Arial">Once installed, run CCleaner click the Windows tab <br/> <br/>Select the following: <br/>Internet Explorer: <br/>Temp Internet <br/>History <br/>Recently Typed URLs <br/>Delete Index.dat files <br/> <br/>System: <br/>Empty Recycle Bin <br/>Temporary Files <br/>Memory Dumps <br/>Chkdsk File Fragments <br/>Old Prefetch Data <br/> <br/> <br/>Next: click Options click the Settings tab <br/>Uncheck: "Only delete files older than 48 hrs.", click Ok <br/> <br/><SPAN style="mso-spacerun: yes"> <br/>Then click Run Cleaner (bottom right) then Exit<o:p></o:p> <br/> <br/><SPAN lang=EN-GB style="FONT-SIZE: 9pt; COLOR: black; FONT-FAMILY: Verdana; mso-ansi-language: EN-GB; mso-bidi-font-family: Arial">Reboot <o:p></o:p> <br/> <br/><SPAN lang=EN-GB style="FONT-SIZE: 9pt; COLOR: black; FONT-FAMILY: Verdana; mso-ansi-language: EN-GB; mso-bidi-font-family: Arial"> <o:p></o:p> <br/> <br/><SPAN lang=EN-GB style="FONT-SIZE: 9pt; COLOR: black; FONT-FAMILY: Verdana; mso-ansi-language: EN-GB; mso-bidi-font-size: 12.0pt">Please download Malwarebytes' Anti-Malware:<o:p></o:p> <br/> <br/><SPAN lang=EN-GB style="FONT-SIZE: 9pt; COLOR: black; FONT-FAMILY: Verdana; mso-ansi-language: EN-GB; mso-bidi-font-size: 12.0pt">[color=#0000ff>http://www.spywarefri.dk/downloads1/mbam-setup.exe[/url]<o:p></o:p> <br/> <br/> <o:p></o:p> <br/> <br/><SPAN lang=EN-GB style="FONT-SIZE: 9pt; COLOR: black; FONT-FAMILY: Verdana; mso-ansi-language: EN-GB; mso-bidi-font-size: 12.0pt">Or here:<o:p></o:p> <br/> <br/><SPAN lang=EN-GB style="FONT-SIZE: 9pt; COLOR: black; FONT-FAMILY: Verdana; mso-ansi-language: EN-GB; mso-bidi-font-size: 12.0pt"><FONT color=#0000ff>http://www.download.com/Malwarebytes-Anti-Malware/3000-8022_4-10804572.html?tag=mncol;pop&cdlPid=10878968[/color]<o:p></o:p> <br/> <br/><SPAN lang=EN-GB style="FONT-SIZE: 9pt; COLOR: black; FONT-FAMILY: Verdana; mso-ansi-language: EN-GB; mso-bidi-font-size: 12.0pt"> <o:p></o:p> <br/> <br/><SPAN lang=EN-GB style="FONT-SIZE: 9pt; COLOR: #555454; FONT-FAMILY: Verdana; mso-ansi-language: EN-GB; mso-bidi-font-size: 12.0pt"><SPAN style="mso-spacerun: yes"> <SPAN lang=EN-GB style="FONT-SIZE: 9pt; COLOR: black; FONT-FAMILY: Verdana; mso-ansi-language: EN-GB; mso-bidi-font-size: 12.0pt">to your desktop<SPAN lang=EN-GB style="FONT-SIZE: 9pt; COLOR: #555454; FONT-FAMILY: Verdana; mso-ansi-language: EN-GB; mso-bidi-font-size: 12.0pt">. <o:p></o:p> <br/> <br/><SPAN lang=EN-GB style="FONT-SIZE: 9pt; COLOR: #555454; FONT-FAMILY: Verdana; mso-ansi-language: EN-GB; mso-bidi-font-size: 12.0pt"> <o:p></o:p> <br/> <br/><SPAN lang=EN-GB style="FONT-SIZE: 9pt; COLOR: black; FONT-FAMILY: Verdana; mso-ansi-language: EN-GB; mso-bidi-font-size: 12.0pt">Double-click <B style="mso-bidi-font-weight: normal">mbam-setup.exe</B> and follow the prompts to install the program. <o:p></o:p> <br/> <br/><SPAN lang=EN-GB style="FONT-SIZE: 9pt; COLOR: black; FONT-FAMILY: Verdana; mso-ansi-language: EN-GB; mso-bidi-font-size: 12.0pt"><SPAN style="mso-tab-count: 1"> <o:p></o:p> <br/> <br/><SPAN lang=EN-GB style="FONT-SIZE: 9pt; COLOR: black; FONT-FAMILY: Verdana; mso-ansi-language: EN-GB; mso-bidi-font-size: 12.0pt">At the end, be sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch <br/><BR style="mso-special-character: line-break"><BR style="mso-special-character: line-break"><o:p></o:p> <br/> <br/><SPAN lang=EN-GB style="FONT-SIZE: 9pt; COLOR: black; FONT-FAMILY: Verdana; mso-ansi-language: EN-GB; mso-bidi-font-size: 12.0pt">Malwarebytes' Anti-Malware, then click Finish. <o:p></o:p> <br/> <br/><SPAN lang=EN-GB style="FONT-SIZE: 9pt; COLOR: black; FONT-FAMILY: Verdana; mso-ansi-language: EN-GB; mso-bidi-font-size: 12.0pt"><SPAN style="mso-tab-count: 1"> <o:p></o:p> <br/> <br/><SPAN lang=EN-GB style="FONT-SIZE: 9pt; COLOR: black; FONT-FAMILY: Verdana; mso-ansi-language: EN-GB; mso-bidi-font-size: 12.0pt">If an update is found, it will download and install the latest version. <o:p></o:p> <br/> <br/><SPAN lang=EN-GB style="FONT-SIZE: 9pt; COLOR: black; FONT-FAMILY: Verdana; mso-ansi-language: EN-GB; mso-bidi-font-size: 12.0pt"> <o:p></o:p> <br/> <br/><SPAN lang=EN-US style="FONT-SIZE: 9pt; COLOR: black; FONT-FAMILY: Verdana; mso-ansi-language: EN-US; mso-bidi-font-family: Arial; mso-bidi-font-size: 10.0pt">Please connect all your external hard drive/flash drive before running Malwarebyte<SPAN lang=EN-GB style="FONT-SIZE: 9pt; COLOR: black; FONT-FAMILY: Verdana; mso-ansi-language: EN-GB; mso-bidi-font-size: 12.0pt"><o:p></o:p> <br/> <br/><SPAN lang=EN-GB style="FONT-SIZE: 9pt; COLOR: black; FONT-FAMILY: Verdana; mso-ansi-language: EN-GB; mso-bidi-font-size: 12.0pt"><SPAN style="mso-tab-count: 1"> <o:p></o:p> <br/> <br/><SPAN lang=EN-GB style="FONT-SIZE: 9pt; COLOR: black; FONT-FAMILY: Verdana; mso-ansi-language: EN-GB; mso-bidi-font-size: 12.0pt">Once the program has loaded, select Perform full scan, then click Scan. <o:p></o:p> <br/> <br/><SPAN lang=EN-GB style="FONT-SIZE: 9pt; COLOR: black; FONT-FAMILY: Verdana; mso-ansi-language: EN-GB; mso-bidi-font-size: 12.0pt"><SPAN style="mso-tab-count: 1"> <o:p></o:p> <br/> <br/><SPAN lang=EN-GB style="FONT-SIZE: 9pt; COLOR: black; FONT-FAMILY: Verdana; mso-ansi-language: EN-GB; mso-bidi-font-size: 12.0pt">When the scan is complete, click OK, then Show Results to view the results. <o:p></o:p> <br/> <br/><SPAN lang=EN-GB style="FONT-SIZE: 9pt; COLOR: black; FONT-FAMILY: Verdana; mso-ansi-language: EN-GB; mso-bidi-font-size: 12.0pt"> <o:p></o:p> <br/> <br/><SPAN lang=EN-GB style="FONT-SIZE: 9pt; COLOR: black; FONT-FAMILY: Verdana; mso-ansi-language: EN-GB; mso-bidi-font-size: 12.0pt">Be sure that everything is checked, and click Remove Selected. <o:p></o:p> <br/> <br/><SPAN lang=EN-GB style="FONT-SIZE: 9pt; COLOR: black; FONT-FAMILY: Verdana; mso-ansi-language: EN-GB; mso-bidi-font-size: 12.0pt"> <o:p></o:p> <br/> <br/><SPAN lang=EN-GB style="FONT-SIZE: 9pt; COLOR: black; FONT-FAMILY: Verdana; mso-ansi-language: EN-GB; mso-bidi-font-size: 12.0pt">When completed, a log will open in Notepad. Please save it to a convenient location. <o:p></o:p> <br/> <br/><SPAN lang=EN-GB style="FONT-SIZE: 9pt; COLOR: black; FONT-FAMILY: Verdana; mso-ansi-language: EN-GB; mso-bidi-font-size: 12.0pt"> <o:p></o:p> <br/> <br/><SPAN lang=EN-GB style="FONT-SIZE: 9pt; COLOR: black; FONT-FAMILY: Verdana; mso-ansi-language: EN-GB; mso-bidi-font-size: 12.0pt"> <o:p></o:p> <br/> <br/><SPAN lang=EN-GB style="FONT-SIZE: 9pt; COLOR: black; FONT-FAMILY: Verdana; mso-ansi-language: EN-GB; mso-bidi-font-size: 12.0pt"> <o:p></o:p> <br/> <br/><B style="mso-bidi-font-weight: normal"><SPAN lang=EN-GB style="FONT-SIZE: 9pt; COLOR: red; FONT-FAMILY: Verdana; mso-ansi-language: EN-GB">NB</B><SPAN lang=EN-GB style="FONT-SIZE: 9pt; COLOR: red; FONT-FAMILY: Verdana; mso-ansi-language: EN-GB">:<SPAN lang=EN-GB style="FONT-SIZE: 9pt; COLOR: black; FONT-FAMILY: Verdana; mso-ansi-language: EN-GB"> If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts. Click OK to either and let MBAM proceed with the disinfection process. If asked to restart the computer, please do so immediately.<o:p></o:p> <br/> <br/> <br/> <br/>Please post malwarebyte log

[color=black face="Courier New" sab="311">[2]Click here: Before-posting-a-log[/2][/url]

<?xml:namespace prefix = o ns = "urn:schemas-microsoft-com:office:office" />
[/color]
Do not PM me with logfiles. They will be deleted.


Posted 1/26/2009 10:58 PM
#71698
User avatar

junkyarddog1300 Member

Date Joined Nov 2016
Total Posts: 4
I have the same problem as justmeobts, and I followed your instructions. Here is my log. Any help would be greatly appreciated. <br/>Malwarebytes' Anti-Malware 1.33 <br/>Database version: 1695 <br/>Windows 5.1.2600 Service Pack 3 <br/> <br/>1/26/2009 5:52:21 PM <br/>mbam-log-2009-01-26 (17-51-58).txt <br/> <br/>Scan type: Full Scan (C:\|) <br/>Objects scanned: 108249 <br/>Time elapsed: 1 hour(s), 8 minute(s), 33 second(s) <br/> <br/>Memory Processes Infected: 2 <br/>Memory Modules Infected: 11 <br/>Registry Keys Infected: 48 <br/>Registry Values Infected: 4 <br/>Registry Data Items Infected: 5 <br/>Folders Infected: 3 <br/>Files Infected: 98 <br/> <br/>Memory Processes Infected: <br/>C:\Documents and Settings\Zach\Application Data\gadcom\gadcom.exe (Trojan.Downloader) -> No action taken. <br/>C:\Documents and Settings\Zach\Application Data\Twain\Twain.exe (Trojan.Agent) -> No action taken. <br/> <br/>Memory Modules Infected: <br/>C:\WINDOWS\system32\jqxcdakn.dll (Trojan.Vundo.H) -> No action taken. <br/>C:\WINDOWS\system32\mlJAsPgG.dll (Trojan.Vundo.H) -> No action taken. <br/>C:\WINDOWS\system32\ligasuta.dll (Trojan.Vundo.H) -> No action taken. <br/>C:\WINDOWS\system32\dusazewa.dll (Trojan.Vundo.H) -> No action taken. <br/>C:\WINDOWS\system32\nsokqx.dll (Trojan.Vundo) -> No action taken. <br/>C:\WINDOWS\system32\imfjqs.dll (Trojan.Vundo) -> No action taken. <br/>C:\WINDOWS\system32\gnjfnp.dll (Trojan.Vundo) -> No action taken. <br/>C:\WINDOWS\system32\spibhm.dll (Trojan.Vundo) -> No action taken. <br/>C:\WINDOWS\system32\wtzdzn.dll (Trojan.Vundo) -> No action taken. <br/>C:\WINDOWS\system32\hgGxVNee.dll (Trojan.Vundo) -> No action taken. <br/>C:\WINDOWS\system32\gmbevjik.dll (Trojan.Vundo.H) -> No action taken. <br/> <br/>Registry Keys Infected: <br/>HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{cd314030-1a37-4e94-9299-f1aa989a62b6} (Trojan.Vundo.H) -> No action taken. <br/>HKEY_CLASSES_ROOT\CLSID\{cd314030-1a37-4e94-9299-f1aa989a62b6} (Trojan.Vundo.H) -> No action taken. <br/>HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{77ab5974-55a3-4737-9fd5-b93c64307f78} (Trojan.Vundo.H) -> No action taken. <br/>HKEY_CLASSES_ROOT\CLSID\{77ab5974-55a3-4737-9fd5-b93c64307f78} (Trojan.Vundo.H) -> No action taken. <br/>HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{b4c37147-5920-4675-aed4-0f120f3ec09b} (Trojan.Vundo.H) -> No action taken. <br/>HKEY_CLASSES_ROOT\CLSID\{b4c37147-5920-4675-aed4-0f120f3ec09b} (Trojan.Vundo.H) -> No action taken. <br/>HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{b4c37147-5920-4675-aed4-0f120f3ec09b} (Trojan.Vundo.H) -> No action taken. <br/>HKEY_CLASSES_ROOT\CLSID\{3f160ead-cdc4-49e5-92bd-d73427b5b6f8} (Trojan.Vundo) -> No action taken. <br/>HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{3f160ead-cdc4-49e5-92bd-d73427b5b6f8} (Trojan.Vundo) -> No action taken. <br/>HKEY_CLASSES_ROOT\CLSID\{67da3091-a1dd-4e16-bcdd-1c869b6b9794} (Trojan.Vundo) -> No action taken. <br/>HKEY_CLASSES_ROOT\CLSID\{dc6c0500-6058-4624-87af-db5e1d6ab0c4} (Trojan.Vundo) -> No action taken. <br/>HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{dc6c0500-6058-4624-87af-db5e1d6ab0c4} (Trojan.Vundo) -> No action taken. <br/>HKEY_CLASSES_ROOT\CLSID\{c3237286-5052-4694-91b3-927685fcd8b7} (Trojan.Vundo) -> No action taken. <br/>HKEY_CLASSES_ROOT\CLSID\{f07d93ec-7e37-4193-96f5-d240336c823e} (Trojan.Vundo) -> No action taken. <br/>HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{f07d93ec-7e37-4193-96f5-d240336c823e} (Trojan.Vundo) -> No action taken. <br/>HKEY_CLASSES_ROOT\CLSID\{6d794cb4-c7cd-4c6f-bfdc-9b77afbdc02c} (Trojan.Vundo) -> No action taken. <br/>HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{6d794cb4-c7cd-4c6f-bfdc-9b77afbdc02c} (Trojan.Vundo) -> No action taken. <br/>HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6d794cb4-c7cd-4c6f-bfdc-9b77afbdc02c} (Trojan.Vundo) -> No action taken. <br/>HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\hggxvnee (Trojan.Vundo) -> No action taken. <br/>HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{cd314030-1a37-4e94-9299-f1aa989a62b6} (Trojan.Vundo) -> No action taken. <br/>HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{77ab5974-55a3-4737-9fd5-b93c64307f78} (Trojan.Vundo.H) -> No action taken. <br/>HKEY_CLASSES_ROOT\bho_myjavacore.mjcore (Trojan.BHO) -> No action taken. <br/>HKEY_CLASSES_ROOT\bho_myjavacore.mjcore.1 (Trojan.BHO) -> No action taken. <br/>HKEY_CLASSES_ROOT\testcpv6.bho (Trojan.Agent) -> No action taken. <br/>HKEY_CLASSES_ROOT\testcpv6.bho.1 (Trojan.Agent) -> No action taken. <br/>HKEY_CLASSES_ROOT\Interface\{17e44256-51e0-4d46-a0c8-44e80ab4ba5b} (Trojan.BHO) -> No action taken. <br/>HKEY_CLASSES_ROOT\Interface\{2e4a04a1-a24d-45ae-aca4-949778400813} (Trojan.BHO) -> No action taken. <br/>HKEY_CLASSES_ROOT\CLSID\{2b96d5cc-c5b5-49a5-a69d-cc0a30f9028c} (Adware.Minibug) -> No action taken. <br/>HKEY_CLASSES_ROOT\Typelib\{e0f01490-dcf3-4357-95aa-169a8c2b2190} (Trojan.BHO) -> No action taken. <br/>HKEY_CLASSES_ROOT\Typelib\{63334394-3da3-4b29-a041-03535909d361} (Trojan.BHO) -> No action taken. <br/>HKEY_CLASSES_ROOT\AppID\{80ef304a-b1c4-425c-8535-95ab6f1eefb8} (Trojan.BHO) -> No action taken. <br/>HKEY_CLASSES_ROOT\AppID\{ff46f4ab-a85f-487e-b399-3f191ac0fe23} (Trojan.BHO) -> No action taken. <br/>HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{d88e1558-7c2d-407a-953a-c044f5607cea} (Trojan.BHO) -> No action taken. <br/>HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{c900b400-cdfe-11d3-976a-00e02913a9e0} (Adware.WebHancer) -> No action taken. <br/>HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{b64f4a7c-97c9-11da-8bde-f66bad1e3f3a} (Rogue.WinAntivirus) -> No action taken. <br/>HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{c68ae9c0-0909-4ddc-b661-c1afb9f59898} (Adware.BookedSpace) -> No action taken. <br/>HKEY_LOCAL_MACHINE\SOFTWARE\xpreapp (Malware.Trace) -> No action taken. <br/>HKEY_CURRENT_USER\SOFTWARE\videosoft (Trojan.DNSChanger) -> No action taken. <br/>HKEY_CLASSES_ROOT\AppID\BHO_MyJavaCore.DLL (Trojan.BHO) -> No action taken. <br/>HKEY_CLASSES_ROOT\AppID\testCPV6.DLL (Trojan.BHO) -> No action taken. <br/>HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MS Juan (Malware.Trace) -> No action taken. <br/>HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\contim (Trojan.Vundo) -> No action taken. <br/>HKEY_CURRENT_USER\SOFTWARE\Microsoft\instkey (Trojan.Vundo) -> No action taken. <br/>HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MS Track System (Trojan.Vundo) -> No action taken. <br/>HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\rdfa (Trojan.Vundo) -> No action taken. <br/>HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\FCOVM (Trojan.Vundo) -> No action taken. <br/>HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\RemoveRP (Trojan.Vundo) -> No action taken. <br/>HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_CMDSERVICE (Trojan.Downloader) -> No action taken. <br/> <br/>Registry Values Infected: <br/>HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\zuzaremeju (Trojan.Vundo.H) -> No action taken. <br/>HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks\{6d794cb4-c7cd-4c6f-bfdc-9b77afbdc02c} (Trojan.Vundo) -> No action taken. <br/>HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\gadcom (Trojan.Downloader) -> No action taken. <br/>HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\twain (Trojan.Agent) -> No action taken. <br/> <br/>Registry Data Items Infected: <br/>HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\LSA\Notification Packages (Trojan.Vundo.H) -> Data: c:\windows\system32\mljaspgg -> No action taken. <br/>HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\AppInit_DLLs (Trojan.Vundo.H) -> Data: c:\windows\system32\ligasuta.dll -> No action taken. <br/>HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\LSA\Notification Packages (Trojan.Vundo.H) -> Data: c:\windows\system32\ligasuta.dll -> No action taken. <br/>HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\AppInit_DLLs (Trojan.Vundo.H) -> Data: system32\ligasuta.dll -> No action taken. <br/>HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\LSA\Authentication Packages (Trojan.Vundo) -> Data: c:\windows\system32\mljaspgg -> No action taken. <br/> <br/>Folders Infected: <br/>C:\Program Files\Webtools (Trojan.Agent) -> No action taken. <br/>C:\Program Files\Mjcore (Trojan.BHO) -> No action taken. <br/>C:\Documents and Settings\Zach\Application Data\gadcom (Trojan.Agent) -> No action taken. <br/> <br/>Files Infected: <br/>C:\WINDOWS\system32\mlJAsPgG.dll (Trojan.Vundo.H) -> No action taken. <br/>C:\WINDOWS\system32\GgPsAJlm.ini (Trojan.Vundo.H) -> No action taken. <br/>C:\WINDOWS\system32\GgPsAJlm.ini2 (Trojan.Vundo.H) -> No action taken. <br/>C:\WINDOWS\system32\cbhieigg.dll (Trojan.Vundo.H) -> No action taken. <br/>C:\WINDOWS\system32\ggieihbc.ini (Trojan.Vundo.H) -> No action taken. <br/>C:\WINDOWS\system32\emxksfvj.dll (Trojan.Vundo.H) -> No action taken. <br/>C:\WINDOWS\system32\jvfskxme.ini (Trojan.Vundo.H) -> No action taken. <br/>C:\WINDOWS\system32\gimujuri.dll (Trojan.Vundo.H) -> No action taken. <br/>C:\WINDOWS\system32\irujumig.ini (Trojan.Vundo.H) -> No action taken. <br/>C:\WINDOWS\system32\jeharaya.dll (Trojan.Vundo.H) -> No action taken. <br/>C:\WINDOWS\system32\ayarahej.ini (Trojan.Vundo.H) -> No action taken. <br/>C:\WINDOWS\system32\jqxcdakn.dll (Trojan.Vundo.H) -> No action taken. <br/>C:\WINDOWS\system32\nkadcxqj.ini (Trojan.Vundo.H) -> No action taken. <br/>C:\WINDOWS\system32\latibiho.dll (Trojan.Vundo.H) -> No action taken. <br/>C:\WINDOWS\system32\ohibital.ini (Trojan.Vundo.H) -> No action taken. <br/>C:\WINDOWS\system32\lyhwigyk.dll (Trojan.Vundo.H) -> No action taken. <br/>C:\WINDOWS\system32\kygiwhyl.ini (Trojan.Vundo.H) -> No action taken. <br/>C:\WINDOWS\system32\mwfmlpex.dll (Trojan.Vundo.H) -> No action taken. <br/>C:\WINDOWS\system32\xeplmfwm.ini (Trojan.Vundo.H) -> No action taken. <br/>C:\WINDOWS\system32\niyihifi.dll (Trojan.Vundo.H) -> No action taken. <br/>C:\WINDOWS\system32\ifihiyin.ini (Trojan.Vundo.H) -> No action taken. <br/>C:\WINDOWS\system32\njhyuuqu.dll (Trojan.Vundo.H) -> No action taken. <br/>C:\WINDOWS\system32\uquuyhjn.ini (Trojan.Vundo.H) -> No action taken. <br/>C:\WINDOWS\system32\osicfbfv.dll (Trojan.Vundo.H) -> No action taken. <br/>C:\WINDOWS\system32\vfbfciso.ini (Trojan.Vundo.H) -> No action taken. <br/>C:\WINDOWS\system32\pfishlln.dll (Trojan.Vundo.H) -> No action taken. <br/>C:\WINDOWS\system32\nllhsifp.ini (Trojan.Vundo.H) -> No action taken. <br/>C:\WINDOWS\system32\pmelptgg.dll (Trojan.Vundo.H) -> No action taken. <br/>C:\WINDOWS\system32\ggtplemp.ini (Trojan.Vundo.H) -> No action taken. <br/>C:\WINDOWS\system32\qiruxeud.dll (Trojan.Vundo.H) -> No action taken. <br/>C:\WINDOWS\system32\duexuriq.ini (Trojan.Vundo.H) -> No action taken. <br/>C:\WINDOWS\system32\qsywvoyo.dll (Trojan.Vundo.H) -> No action taken. <br/>C:\WINDOWS\system32\oyovwysq.ini (Trojan.Vundo.H) -> No action taken. <br/>C:\WINDOWS\system32\tagetega.dll (Trojan.Vundo.H) -> No action taken. <br/>C:\WINDOWS\system32\agetegat.ini (Trojan.Vundo.H) -> No action taken. <br/>C:\WINDOWS\system32\vgfmwlyq.dll (Trojan.Vundo.H) -> No action taken. <br/>C:\WINDOWS\system32\qylwmfgv.ini (Trojan.Vundo.H) -> No action taken. <br/>C:\WINDOWS\system32\wejuwava.dll (Trojan.Vundo.H) -> No action taken. <br/>C:\WINDOWS\system32\avawujew.ini (Trojan.Vundo.H) -> No action taken. <br/>C:\WINDOWS\system32\fufakili.dll (Trojan.Vundo.H) -> No action taken. <br/>C:\WINDOWS\system32\gmbevjik.dll (Trojan.Vundo.H) -> No action taken. <br/>C:\WINDOWS\system32\dusazewa.dll (Trojan.Vundo.H) -> No action taken. <br/>C:\WINDOWS\system32\ligasuta.dll (Trojan.Vundo.H) -> No action taken. <br/>C:\WINDOWS\system32\nsokqx.dll (Trojan.Vundo) -> No action taken. <br/>C:\WINDOWS\system32\imfjqs.dll (Trojan.Vundo) -> No action taken. <br/>C:\WINDOWS\system32\gnjfnp.dll (Trojan.Vundo) -> No action taken. <br/>C:\WINDOWS\system32\spibhm.dll (Trojan.Vundo) -> No action taken. <br/>C:\WINDOWS\system32\wtzdzn.dll (Trojan.Vundo) -> No action taken. <br/>C:\WINDOWS\system32\hgGxVNee.dll (Trojan.Vundo) -> No action taken. <br/>C:\Documents and Settings\Zach\Application Data\gadcom\gadcom.exe (Trojan.Downloader) -> No action taken. <br/>C:\Program Files\Mjcore\Mjcore.dll (Trojan.BHO) -> No action taken. <br/>C:\Program Files\Webtools\webtools.dll (Trojan.BHO) -> No action taken. <br/>C:\System Volume Information\_restore{6ABB8BB3-066D-450C-9235-42330B90445C}\RP1100\A0180088.exe (Adware.Webhancer) -> No action taken. <br/>C:\System Volume Information\_restore{6ABB8BB3-066D-450C-9235-42330B90445C}\RP1107\A0183203.exe (Trojan.Downloader) -> No action taken. <br/>C:\System Volume Information\_restore{6ABB8BB3-066D-450C-9235-42330B90445C}\RP1108\A0184430.dll (Trojan.Vundo) -> No action taken. <br/>C:\System Volume Information\_restore{6ABB8BB3-066D-450C-9235-42330B90445C}\RP1108\A0184431.dll (Trojan.Vundo) -> No action taken. <br/>C:\System Volume Information\_restore{6ABB8BB3-066D-450C-9235-42330B90445C}\RP1109\A0184533.dll (Trojan.Vundo) -> No action taken. <br/>C:\System Volume Information\_restore{6ABB8BB3-066D-450C-9235-42330B90445C}\RP1109\A0184534.dll (Trojan.Vundo) -> No action taken. <br/>C:\System Volume Information\_restore{6ABB8BB3-066D-450C-9235-42330B90445C}\RP1109\A0184535.dll (Trojan.Vundo) -> No action taken. <br/>C:\System Volume Information\_restore{6ABB8BB3-066D-450C-9235-42330B90445C}\RP1110\A0184614.dll (Trojan.Vundo) -> No action taken. <br/>C:\System Volume Information\_restore{6ABB8BB3-066D-450C-9235-42330B90445C}\RP1110\A0184649.dll (Trojan.Vundo) -> No action taken. <br/>C:\System Volume Information\_restore{6ABB8BB3-066D-450C-9235-42330B90445C}\RP1110\A0184668.dll (Trojan.Vundo) -> No action taken. <br/>C:\System Volume Information\_restore{6ABB8BB3-066D-450C-9235-42330B90445C}\RP1112\A0184739.exe (Trojan.Downloader) -> No action taken. <br/>C:\System Volume Information\_restore{6ABB8BB3-066D-450C-9235-42330B90445C}\RP1112\A0184740.exe (Trojan.Downloader) -> No action taken. <br/>C:\System Volume Information\_restore{6ABB8BB3-066D-450C-9235-42330B90445C}\RP1113\A0184771.EXE (Trojan.Downloader) -> No action taken. <br/>C:\System Volume Information\_restore{6ABB8BB3-066D-450C-9235-42330B90445C}\RP1113\A0184834.exe (Trojan.Vundo) -> No action taken. <br/>C:\System Volume Information\_restore{6ABB8BB3-066D-450C-9235-42330B90445C}\RP1113\A0184835.EXE (Adware.Agent) -> No action taken. <br/>C:\System Volume Information\_restore{6ABB8BB3-066D-450C-9235-42330B90445C}\RP1113\A0184838.dll (Adware.SurfAccuracy) -> No action taken. <br/>C:\System Volume Information\_restore{6ABB8BB3-066D-450C-9235-42330B90445C}\RP1113\A0184839.exe (Trojan.Downloader) -> No action taken. <br/>C:\System Volume Information\_restore{6ABB8BB3-066D-450C-9235-42330B90445C}\RP1113\A0184840.exe (Trojan.Downloader) -> No action taken. <br/>C:\System Volume Information\_restore{6ABB8BB3-066D-450C-9235-42330B90445C}\RP1117\A0186098.dll (Trojan.Vundo) -> No action taken. <br/>C:\System Volume Information\_restore{6ABB8BB3-066D-450C-9235-42330B90445C}\RP1117\A0186099.dll (Trojan.Vundo.H) -> No action taken. <br/>C:\System Volume Information\_restore{6ABB8BB3-066D-450C-9235-42330B90445C}\RP1119\A0187199.EXE (Adware.ISM) -> No action taken. <br/>C:\WINDOWS\system32\prunnet.exe (Trojan.Downloader) -> No action taken. <br/>C:\WINDOWS\system32\bjdofpng.dll (Trojan.Vundo) -> No action taken. <br/>C:\WINDOWS\system32\etggmini.dll (Trojan.Vundo) -> No action taken. <br/>C:\WINDOWS\system32\fkvsvjfr.dll (Trojan.Vundo) -> No action taken. <br/>C:\WINDOWS\system32\flzptj.dll (Trojan.Vundo) -> No action taken. <br/>C:\WINDOWS\system32\likebowa.dll (Trojan.Vundo.H) -> No action taken. <br/>C:\WINDOWS\system32\jngcvf.dll (Trojan.Vundo) -> No action taken. <br/>C:\WINDOWS\system32\vklhdety.dll (Trojan.Vundo) -> No action taken. <br/>C:\WINDOWS\system32\dyebwnvr.dll (Trojan.Vundo) -> No action taken. <br/>C:\WINDOWS\system32\kryuis.dll (Trojan.Vundo) -> No action taken. <br/>C:\WINDOWS\system32\byXRjijH.dll (Trojan.Agent) -> No action taken. <br/>C:\WINDOWS\system32\wjayxhwt.dll (Trojan.Vundo) -> No action taken. <br/>C:\WINDOWS\system32\tsuninst.exe (Spyware.TargetSaver) -> No action taken. <br/>C:\WINDOWS\system32\garetuso.dll (Trojan.Vundo) -> No action taken. <br/>C:\WINDOWS\system32\mouwpmrn.dll (Trojan.Vundo) -> No action taken. <br/>C:\WINDOWS\system32\xybdbz.dll (Trojan.Vundo) -> No action taken. <br/>C:\WINDOWS\system32\~.exe (Trojan.Vundo) -> No action taken. <br/>C:\WINDOWS\system32\spoopdqk.dll (Trojan.Vundo) -> No action taken. <br/>C:\WINDOWS\system32\naprtagi.dll (Trojan.Vundo) -> No action taken. <br/>C:\WINDOWS\system32\endoqoxx.dll (Trojan.Vundo) -> No action taken. <br/>C:\Documents and Settings\Zach\Local Settings\Temporary Internet Files\Content.IE5\W9UJWLMV\upd105320[1] (Trojan.Vundo.H) -> No action taken. <br/>C:\WINDOWS\system32\mcrh.tmp (Malware.Trace) -> No action taken. <br/>C:\WINDOWS\system32\sinodisi.dll (Trojan.Vundo) -> No action taken. <br/>C:\WINDOWS\system32\jeteroje.dll (Trojan.Vundo) -> No action taken. <br/>C:\Documents and Settings\Zach\Application Data\Twain\Twain.exe (Trojan.Agent) -> No action taken.
Posted 1/26/2009 11:07 PM
#71699
User avatar

junkyarddog1300 Member

Date Joined Nov 2016
Total Posts: 4
Sorry, forgot to post the log after the delete. <br/>Malwarebytes' Anti-Malware 1.33 <br/>Database version: 1695 <br/>Windows 5.1.2600 Service Pack 3 <br/> <br/>1/26/2009 6:05:14 PM <br/>mbam-log-2009-01-26 (18-05-14).txt <br/> <br/>Scan type: Full Scan (C:\|) <br/>Objects scanned: 108249 <br/>Time elapsed: 1 hour(s), 8 minute(s), 33 second(s) <br/> <br/>Memory Processes Infected: 2 <br/>Memory Modules Infected: 11 <br/>Registry Keys Infected: 48 <br/>Registry Values Infected: 4 <br/>Registry Data Items Infected: 5 <br/>Folders Infected: 3 <br/>Files Infected: 98 <br/> <br/>Memory Processes Infected: <br/>C:\Documents and Settings\Zach\Application Data\gadcom\gadcom.exe (Trojan.Downloader) -> Unloaded process successfully. <br/>C:\Documents and Settings\Zach\Application Data\Twain\Twain.exe (Trojan.Agent) -> Unloaded process successfully. <br/> <br/>Memory Modules Infected: <br/>C:\WINDOWS\system32\jqxcdakn.dll (Trojan.Vundo.H) -> Delete on reboot. <br/>C:\WINDOWS\system32\mlJAsPgG.dll (Trojan.Vundo.H) -> Delete on reboot. <br/>C:\WINDOWS\system32\ligasuta.dll (Trojan.Vundo.H) -> Delete on reboot. <br/>C:\WINDOWS\system32\dusazewa.dll (Trojan.Vundo.H) -> Delete on reboot. <br/>C:\WINDOWS\system32\nsokqx.dll (Trojan.Vundo) -> Delete on reboot. <br/>C:\WINDOWS\system32\imfjqs.dll (Trojan.Vundo) -> Delete on reboot. <br/>C:\WINDOWS\system32\gnjfnp.dll (Trojan.Vundo) -> Delete on reboot. <br/>C:\WINDOWS\system32\spibhm.dll (Trojan.Vundo) -> Delete on reboot. <br/>C:\WINDOWS\system32\wtzdzn.dll (Trojan.Vundo) -> Delete on reboot. <br/>C:\WINDOWS\system32\hgGxVNee.dll (Trojan.Vundo) -> Delete on reboot. <br/>C:\WINDOWS\system32\gmbevjik.dll (Trojan.Vundo.H) -> Delete on reboot. <br/> <br/>Registry Keys Infected: <br/>HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{cd314030-1a37-4e94-9299-f1aa989a62b6} (Trojan.Vundo.H) -> Delete on reboot. <br/>HKEY_CLASSES_ROOT\CLSID\{cd314030-1a37-4e94-9299-f1aa989a62b6} (Trojan.Vundo.H) -> Delete on reboot. <br/>HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{77ab5974-55a3-4737-9fd5-b93c64307f78} (Trojan.Vundo.H) -> Quarantined and deleted successfully. <br/>HKEY_CLASSES_ROOT\CLSID\{77ab5974-55a3-4737-9fd5-b93c64307f78} (Trojan.Vundo.H) -> Quarantined and deleted successfully. <br/>HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{b4c37147-5920-4675-aed4-0f120f3ec09b} (Trojan.Vundo.H) -> Delete on reboot. <br/>HKEY_CLASSES_ROOT\CLSID\{b4c37147-5920-4675-aed4-0f120f3ec09b} (Trojan.Vundo.H) -> Delete on reboot. <br/>HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{b4c37147-5920-4675-aed4-0f120f3ec09b} (Trojan.Vundo.H) -> Quarantined and deleted successfully. <br/>HKEY_CLASSES_ROOT\CLSID\{3f160ead-cdc4-49e5-92bd-d73427b5b6f8} (Trojan.Vundo) -> Quarantined and deleted successfully. <br/>HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{3f160ead-cdc4-49e5-92bd-d73427b5b6f8} (Trojan.Vundo) -> Quarantined and deleted successfully. <br/>HKEY_CLASSES_ROOT\CLSID\{67da3091-a1dd-4e16-bcdd-1c869b6b9794} (Trojan.Vundo) -> Quarantined and deleted successfully. <br/>HKEY_CLASSES_ROOT\CLSID\{dc6c0500-6058-4624-87af-db5e1d6ab0c4} (Trojan.Vundo) -> Quarantined and deleted successfully. <br/>HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{dc6c0500-6058-4624-87af-db5e1d6ab0c4} (Trojan.Vundo) -> Quarantined and deleted successfully. <br/>HKEY_CLASSES_ROOT\CLSID\{c3237286-5052-4694-91b3-927685fcd8b7} (Trojan.Vundo) -> Quarantined and deleted successfully. <br/>HKEY_CLASSES_ROOT\CLSID\{f07d93ec-7e37-4193-96f5-d240336c823e} (Trojan.Vundo) -> Quarantined and deleted successfully. <br/>HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{f07d93ec-7e37-4193-96f5-d240336c823e} (Trojan.Vundo) -> Quarantined and deleted successfully. <br/>HKEY_CLASSES_ROOT\CLSID\{6d794cb4-c7cd-4c6f-bfdc-9b77afbdc02c} (Trojan.Vundo) -> Delete on reboot. <br/>HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{6d794cb4-c7cd-4c6f-bfdc-9b77afbdc02c} (Trojan.Vundo) -> Quarantined and deleted successfully. <br/>HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6d794cb4-c7cd-4c6f-bfdc-9b77afbdc02c} (Trojan.Vundo) -> Delete on reboot. <br/>HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\hggxvnee (Trojan.Vundo) -> Delete on reboot. <br/>HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{cd314030-1a37-4e94-9299-f1aa989a62b6} (Trojan.Vundo) -> Quarantined and deleted successfully. <br/>HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{77ab5974-55a3-4737-9fd5-b93c64307f78} (Trojan.Vundo.H) -> Quarantined and deleted successfully. <br/>HKEY_CLASSES_ROOT\bho_myjavacore.mjcore (Trojan.BHO) -> Quarantined and deleted successfully. <br/>HKEY_CLASSES_ROOT\bho_myjavacore.mjcore.1 (Trojan.BHO) -> Quarantined and deleted successfully. <br/>HKEY_CLASSES_ROOT\testcpv6.bho (Trojan.Agent) -> Quarantined and deleted successfully. <br/>HKEY_CLASSES_ROOT\testcpv6.bho.1 (Trojan.Agent) -> Quarantined and deleted successfully. <br/>HKEY_CLASSES_ROOT\Interface\{17e44256-51e0-4d46-a0c8-44e80ab4ba5b} (Trojan.BHO) -> Quarantined and deleted successfully. <br/>HKEY_CLASSES_ROOT\Interface\{2e4a04a1-a24d-45ae-aca4-949778400813} (Trojan.BHO) -> Quarantined and deleted successfully. <br/>HKEY_CLASSES_ROOT\CLSID\{2b96d5cc-c5b5-49a5-a69d-cc0a30f9028c} (Adware.Minibug) -> Quarantined and deleted successfully. <br/>HKEY_CLASSES_ROOT\Typelib\{e0f01490-dcf3-4357-95aa-169a8c2b2190} (Trojan.BHO) -> Quarantined and deleted successfully. <br/>HKEY_CLASSES_ROOT\Typelib\{63334394-3da3-4b29-a041-03535909d361} (Trojan.BHO) -> Quarantined and deleted successfully. <br/>HKEY_CLASSES_ROOT\AppID\{80ef304a-b1c4-425c-8535-95ab6f1eefb8} (Trojan.BHO) -> Quarantined and deleted successfully. <br/>HKEY_CLASSES_ROOT\AppID\{ff46f4ab-a85f-487e-b399-3f191ac0fe23} (Trojan.BHO) -> Quarantined and deleted successfully. <br/>HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{d88e1558-7c2d-407a-953a-c044f5607cea} (Trojan.BHO) -> Quarantined and deleted successfully. <br/>HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{c900b400-cdfe-11d3-976a-00e02913a9e0} (Adware.WebHancer) -> Quarantined and deleted successfully. <br/>HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{b64f4a7c-97c9-11da-8bde-f66bad1e3f3a} (Rogue.WinAntivirus) -> Quarantined and deleted successfully. <br/>HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{c68ae9c0-0909-4ddc-b661-c1afb9f59898} (Adware.BookedSpace) -> Quarantined and deleted successfully. <br/>HKEY_LOCAL_MACHINE\SOFTWARE\xpreapp (Malware.Trace) -> Quarantined and deleted successfully. <br/>HKEY_CURRENT_USER\SOFTWARE\videosoft (Trojan.DNSChanger) -> Quarantined and deleted successfully. <br/>HKEY_CLASSES_ROOT\AppID\BHO_MyJavaCore.DLL (Trojan.BHO) -> Quarantined and deleted successfully. <br/>HKEY_CLASSES_ROOT\AppID\testCPV6.DLL (Trojan.BHO) -> Quarantined and deleted successfully. <br/>HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MS Juan (Malware.Trace) -> Quarantined and deleted successfully. <br/>HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\contim (Trojan.Vundo) -> Delete on reboot. <br/>HKEY_CURRENT_USER\SOFTWARE\Microsoft\instkey (Trojan.Vundo) -> Quarantined and deleted successfully. <br/>HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MS Track System (Trojan.Vundo) -> Quarantined and deleted successfully. <br/>HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\rdfa (Trojan.Vundo) -> Quarantined and deleted successfully. <br/>HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\FCOVM (Trojan.Vundo) -> Quarantined and deleted successfully. <br/>HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\RemoveRP (Trojan.Vundo) -> Quarantined and deleted successfully. <br/>HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_CMDSERVICE (Trojan.Downloader) -> Quarantined and deleted successfully. <br/> <br/>Registry Values Infected: <br/>HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\zuzaremeju (Trojan.Vundo.H) -> Quarantined and deleted successfully. <br/>HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks\{6d794cb4-c7cd-4c6f-bfdc-9b77afbdc02c} (Trojan.Vundo) -> Delete on reboot. <br/>HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\gadcom (Trojan.Downloader) -> Quarantined and deleted successfully. <br/>HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\twain (Trojan.Agent) -> Quarantined and deleted successfully. <br/> <br/>Registry Data Items Infected: <br/>HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\LSA\Notification Packages (Trojan.Vundo.H) -> Data: c:\windows\system32\mljaspgg -> Quarantined and deleted successfully. <br/>HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\AppInit_DLLs (Trojan.Vundo.H) -> Data: c:\windows\system32\ligasuta.dll -> Quarantined and deleted successfully. <br/>HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\LSA\Notification Packages (Trojan.Vundo.H) -> Data: c:\windows\system32\ligasuta.dll -> Quarantined and deleted successfully. <br/>HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\AppInit_DLLs (Trojan.Vundo.H) -> Data: system32\ligasuta.dll -> Quarantined and deleted successfully. <br/>HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\LSA\Authentication Packages (Trojan.Vundo) -> Data: c:\windows\system32\mljaspgg -> Delete on reboot. <br/> <br/>Folders Infected: <br/>C:\Program Files\Webtools (Trojan.Agent) -> Quarantined and deleted successfully. <br/>C:\Program Files\Mjcore (Trojan.BHO) -> Quarantined and deleted successfully. <br/>C:\Documents and Settings\Zach\Application Data\gadcom (Trojan.Agent) -> Quarantined and deleted successfully. <br/> <br/>Files Infected: <br/>C:\WINDOWS\system32\mlJAsPgG.dll (Trojan.Vundo.H) -> Delete on reboot. <br/>C:\WINDOWS\system32\GgPsAJlm.ini (Trojan.Vundo.H) -> Quarantined and deleted successfully. <br/>C:\WINDOWS\system32\GgPsAJlm.ini2 (Trojan.Vundo.H) -> Quarantined and deleted successfully. <br/>C:\WINDOWS\system32\cbhieigg.dll (Trojan.Vundo.H) -> Quarantined and deleted successfully. <br/>C:\WINDOWS\system32\ggieihbc.ini (Trojan.Vundo.H) -> Quarantined and deleted successfully. <br/>C:\WINDOWS\system32\emxksfvj.dll (Trojan.Vundo.H) -> Quarantined and deleted successfully. <br/>C:\WINDOWS\system32\jvfskxme.ini (Trojan.Vundo.H) -> Quarantined and deleted successfully. <br/>C:\WINDOWS\system32\gimujuri.dll (Trojan.Vundo.H) -> Quarantined and deleted successfully. <br/>C:\WINDOWS\system32\irujumig.ini (Trojan.Vundo.H) -> Quarantined and deleted successfully. <br/>C:\WINDOWS\system32\jeharaya.dll (Trojan.Vundo.H) -> Quarantined and deleted successfully. <br/>C:\WINDOWS\system32\ayarahej.ini (Trojan.Vundo.H) -> Quarantined and deleted successfully. <br/>C:\WINDOWS\system32\jqxcdakn.dll (Trojan.Vundo.H) -> Delete on reboot. <br/>C:\WINDOWS\system32\nkadcxqj.ini (Trojan.Vundo.H) -> Quarantined and deleted successfully. <br/>C:\WINDOWS\system32\latibiho.dll (Trojan.Vundo.H) -> Quarantined and deleted successfully. <br/>C:\WINDOWS\system32\ohibital.ini (Trojan.Vundo.H) -> Quarantined and deleted successfully. <br/>C:\WINDOWS\system32\lyhwigyk.dll (Trojan.Vundo.H) -> Quarantined and deleted successfully. <br/>C:\WINDOWS\system32\kygiwhyl.ini (Trojan.Vundo.H) -> Quarantined and deleted successfully. <br/>C:\WINDOWS\system32\mwfmlpex.dll (Trojan.Vundo.H) -> Quarantined and deleted successfully. <br/>C:\WINDOWS\system32\xeplmfwm.ini (Trojan.Vundo.H) -> Quarantined and deleted successfully. <br/>C:\WINDOWS\system32\niyihifi.dll (Trojan.Vundo.H) -> Quarantined and deleted successfully. <br/>C:\WINDOWS\system32\ifihiyin.ini (Trojan.Vundo.H) -> Quarantined and deleted successfully. <br/>C:\WINDOWS\system32\njhyuuqu.dll (Trojan.Vundo.H) -> Quarantined and deleted successfully. <br/>C:\WINDOWS\system32\uquuyhjn.ini (Trojan.Vundo.H) -> Quarantined and deleted successfully. <br/>C:\WINDOWS\system32\osicfbfv.dll (Trojan.Vundo.H) -> Quarantined and deleted successfully. <br/>C:\WINDOWS\system32\vfbfciso.ini (Trojan.Vundo.H) -> Quarantined and deleted successfully. <br/>C:\WINDOWS\system32\pfishlln.dll (Trojan.Vundo.H) -> Quarantined and deleted successfully. <br/>C:\WINDOWS\system32\nllhsifp.ini (Trojan.Vundo.H) -> Quarantined and deleted successfully. <br/>C:\WINDOWS\system32\pmelptgg.dll (Trojan.Vundo.H) -> Quarantined and deleted successfully. <br/>C:\WINDOWS\system32\ggtplemp.ini (Trojan.Vundo.H) -> Quarantined and deleted successfully. <br/>C:\WINDOWS\system32\qiruxeud.dll (Trojan.Vundo.H) -> Quarantined and deleted successfully. <br/>C:\WINDOWS\system32\duexuriq.ini (Trojan.Vundo.H) -> Quarantined and deleted successfully. <br/>C:\WINDOWS\system32\qsywvoyo.dll (Trojan.Vundo.H) -> Quarantined and deleted successfully. <br/>C:\WINDOWS\system32\oyovwysq.ini (Trojan.Vundo.H) -> Quarantined and deleted successfully. <br/>C:\WINDOWS\system32\tagetega.dll (Trojan.Vundo.H) -> Quarantined and deleted successfully. <br/>C:\WINDOWS\system32\agetegat.ini (Trojan.Vundo.H) -> Quarantined and deleted successfully. <br/>C:\WINDOWS\system32\vgfmwlyq.dll (Trojan.Vundo.H) -> Quarantined and deleted successfully. <br/>C:\WINDOWS\system32\qylwmfgv.ini (Trojan.Vundo.H) -> Quarantined and deleted successfully. <br/>C:\WINDOWS\system32\wejuwava.dll (Trojan.Vundo.H) -> Quarantined and deleted successfully. <br/>C:\WINDOWS\system32\avawujew.ini (Trojan.Vundo.H) -> Quarantined and deleted successfully. <br/>C:\WINDOWS\system32\fufakili.dll (Trojan.Vundo.H) -> Quarantined and deleted successfully. <br/>C:\WINDOWS\system32\gmbevjik.dll (Trojan.Vundo.H) -> Delete on reboot. <br/>C:\WINDOWS\system32\dusazewa.dll (Trojan.Vundo.H) -> Delete on reboot. <br/>C:\WINDOWS\system32\ligasuta.dll (Trojan.Vundo.H) -> Delete on reboot. <br/>C:\WINDOWS\system32\nsokqx.dll (Trojan.Vundo) -> Delete on reboot. <br/>C:\WINDOWS\system32\imfjqs.dll (Trojan.Vundo) -> Delete on reboot. <br/>C:\WINDOWS\system32\gnjfnp.dll (Trojan.Vundo) -> Delete on reboot. <br/>C:\WINDOWS\system32\spibhm.dll (Trojan.Vundo) -> Delete on reboot. <br/>C:\WINDOWS\system32\wtzdzn.dll (Trojan.Vundo) -> Delete on reboot. <br/>C:\WINDOWS\system32\hgGxVNee.dll (Trojan.Vundo) -> Delete on reboot. <br/>C:\Documents and Settings\Zach\Application Data\gadcom\gadcom.exe (Trojan.Downloader) -> Quarantined and deleted successfully. <br/>C:\Program Files\Mjcore\Mjcore.dll (Trojan.BHO) -> Quarantined and deleted successfully. <br/>C:\Program Files\Webtools\webtools.dll (Trojan.BHO) -> Quarantined and deleted successfully. <br/>C:\System Volume Information\_restore{6ABB8BB3-066D-450C-9235-42330B90445C}\RP1100\A0180088.exe (Adware.Webhancer) -> Quarantined and deleted successfully. <br/>C:\System Volume Information\_restore{6ABB8BB3-066D-450C-9235-42330B90445C}\RP1107\A0183203.exe (Trojan.Downloader) -> Quarantined and deleted successfully. <br/>C:\System Volume Information\_restore{6ABB8BB3-066D-450C-9235-42330B90445C}\RP1108\A0184430.dll (Trojan.Vundo) -> Quarantined and deleted successfully. <br/>C:\System Volume Information\_restore{6ABB8BB3-066D-450C-9235-42330B90445C}\RP1108\A0184431.dll (Trojan.Vundo) -> Quarantined and deleted successfully. <br/>C:\System Volume Information\_restore{6ABB8BB3-066D-450C-9235-42330B90445C}\RP1109\A0184533.dll (Trojan.Vundo) -> Quarantined and deleted successfully. <br/>C:\System Volume Information\_restore{6ABB8BB3-066D-450C-9235-42330B90445C}\RP1109\A0184534.dll (Trojan.Vundo) -> Quarantined and deleted successfully. <br/>C:\System Volume Information\_restore{6ABB8BB3-066D-450C-9235-42330B90445C}\RP1109\A0184535.dll (Trojan.Vundo) -> Quarantined and deleted successfully. <br/>C:\System Volume Information\_restore{6ABB8BB3-066D-450C-9235-42330B90445C}\RP1110\A0184614.dll (Trojan.Vundo) -> Quarantined and deleted successfully. <br/>C:\System Volume Information\_restore{6ABB8BB3-066D-450C-9235-42330B90445C}\RP1110\A0184649.dll (Trojan.Vundo) -> Quarantined and deleted successfully. <br/>C:\System Volume Information\_restore{6ABB8BB3-066D-450C-9235-42330B90445C}\RP1110\A0184668.dll (Trojan.Vundo) -> Quarantined and deleted successfully. <br/>C:\System Volume Information\_restore{6ABB8BB3-066D-450C-9235-42330B90445C}\RP1112\A0184739.exe (Trojan.Downloader) -> Quarantined and deleted successfully. <br/>C:\System Volume Information\_restore{6ABB8BB3-066D-450C-9235-42330B90445C}\RP1112\A0184740.exe (Trojan.Downloader) -> Quarantined and deleted successfully. <br/>C:\System Volume Information\_restore{6ABB8BB3-066D-450C-9235-42330B90445C}\RP1113\A0184771.EXE (Trojan.Downloader) -> Quarantined and deleted successfully. <br/>C:\System Volume Information\_restore{6ABB8BB3-066D-450C-9235-42330B90445C}\RP1113\A0184834.exe (Trojan.Vundo) -> Quarantined and deleted successfully. <br/>C:\System Volume Information\_restore{6ABB8BB3-066D-450C-9235-42330B90445C}\RP1113\A0184835.EXE (Adware.Agent) -> Quarantined and deleted successfully. <br/>C:\System Volume Information\_restore{6ABB8BB3-066D-450C-9235-42330B90445C}\RP1113\A0184838.dll (Adware.SurfAccuracy) -> Quarantined and deleted successfully. <br/>C:\System Volume Information\_restore{6ABB8BB3-066D-450C-9235-42330B90445C}\RP1113\A0184839.exe (Trojan.Downloader) -> Quarantined and deleted successfully. <br/>C:\System Volume Information\_restore{6ABB8BB3-066D-450C-9235-42330B90445C}\RP1113\A0184840.exe (Trojan.Downloader) -> Quarantined and deleted successfully. <br/>C:\System Volume Information\_restore{6ABB8BB3-066D-450C-9235-42330B90445C}\RP1117\A0186098.dll (Trojan.Vundo) -> Quarantined and deleted successfully. <br/>C:\System Volume Information\_restore{6ABB8BB3-066D-450C-9235-42330B90445C}\RP1117\A0186099.dll (Trojan.Vundo.H) -> Quarantined and deleted successfully. <br/>C:\System Volume Information\_restore{6ABB8BB3-066D-450C-9235-42330B90445C}\RP1119\A0187199.EXE (Adware.ISM) -> Quarantined and deleted successfully. <br/>C:\WINDOWS\system32\prunnet.exe (Trojan.Downloader) -> Quarantined and deleted successfully. <br/>C:\WINDOWS\system32\bjdofpng.dll (Trojan.Vundo) -> Quarantined and deleted successfully. <br/>C:\WINDOWS\system32\etggmini.dll (Trojan.Vundo) -> Quarantined and deleted successfully. <br/>C:\WINDOWS\system32\fkvsvjfr.dll (Trojan.Vundo) -> Quarantined and deleted successfully. <br/>C:\WINDOWS\system32\flzptj.dll (Trojan.Vundo) -> Quarantined and deleted successfully. <br/>C:\WINDOWS\system32\likebowa.dll (Trojan.Vundo.H) -> Quarantined and deleted successfully. <br/>C:\WINDOWS\system32\jngcvf.dll (Trojan.Vundo) -> Quarantined and deleted successfully. <br/>C:\WINDOWS\system32\vklhdety.dll (Trojan.Vundo) -> Quarantined and deleted successfully. <br/>C:\WINDOWS\system32\dyebwnvr.dll (Trojan.Vundo) -> Quarantined and deleted successfully. <br/>C:\WINDOWS\system32\kryuis.dll (Trojan.Vundo) -> Quarantined and deleted successfully. <br/>C:\WINDOWS\system32\byXRjijH.dll (Trojan.Agent) -> Quarantined and deleted successfully. <br/>C:\WINDOWS\system32\wjayxhwt.dll (Trojan.Vundo) -> Quarantined and deleted successfully. <br/>C:\WINDOWS\system32\tsuninst.exe (Spyware.TargetSaver) -> Quarantined and deleted successfully. <br/>C:\WINDOWS\system32\garetuso.dll (Trojan.Vundo) -> Quarantined and deleted successfully. <br/>C:\WINDOWS\system32\mouwpmrn.dll (Trojan.Vundo) -> Quarantined and deleted successfully. <br/>C:\WINDOWS\system32\xybdbz.dll (Trojan.Vundo) -> Quarantined and deleted successfully. <br/>C:\WINDOWS\system32\~.exe (Trojan.Vundo) -> Quarantined and deleted successfully. <br/>C:\WINDOWS\system32\spoopdqk.dll (Trojan.Vundo) -> Quarantined and deleted successfully. <br/>C:\WINDOWS\system32\naprtagi.dll (Trojan.Vundo) -> Quarantined and deleted successfully. <br/>C:\WINDOWS\system32\endoqoxx.dll (Trojan.Vundo) -> Quarantined and deleted successfully. <br/>C:\Documents and Settings\Zach\Local Settings\Temporary Internet Files\Content.IE5\W9UJWLMV\upd105320[1] (Trojan.Vundo.H) -> Quarantined and deleted successfully. <br/>C:\WINDOWS\system32\mcrh.tmp (Malware.Trace) -> Quarantined and deleted successfully. <br/>C:\WINDOWS\system32\sinodisi.dll (Trojan.Vundo) -> Quarantined and deleted successfully. <br/>C:\WINDOWS\system32\jeteroje.dll (Trojan.Vundo) -> Quarantined and deleted successfully. <br/>C:\Documents and Settings\Zach\Application Data\Twain\Twain.exe (Trojan.Agent) -> Quarantined and deleted successfully.
Posted 1/26/2009 11:08 PM
#71700
User avatar

junkyarddog1300 Member

Date Joined Nov 2016
Total Posts: 4
Sorry, forgot to post the log after the delete. <br/>Malwarebytes' Anti-Malware 1.33 <br/>Database version: 1695 <br/>Windows 5.1.2600 Service Pack 3 <br/> <br/>1/26/2009 6:05:14 PM <br/>mbam-log-2009-01-26 (18-05-14).txt <br/> <br/>Scan type: Full Scan (C:\|) <br/>Objects scanned: 108249 <br/>Time elapsed: 1 hour(s), 8 minute(s), 33 second(s) <br/> <br/>Memory Processes Infected: 2 <br/>Memory Modules Infected: 11 <br/>Registry Keys Infected: 48 <br/>Registry Values Infected: 4 <br/>Registry Data Items Infected: 5 <br/>Folders Infected: 3 <br/>Files Infected: 98 <br/> <br/>Memory Processes Infected: <br/>C:\Documents and Settings\Zach\Application Data\gadcom\gadcom.exe (Trojan.Downloader) -> Unloaded process successfully. <br/>C:\Documents and Settings\Zach\Application Data\Twain\Twain.exe (Trojan.Agent) -> Unloaded process successfully. <br/> <br/>Memory Modules Infected: <br/>C:\WINDOWS\system32\jqxcdakn.dll (Trojan.Vundo.H) -> Delete on reboot. <br/>C:\WINDOWS\system32\mlJAsPgG.dll (Trojan.Vundo.H) -> Delete on reboot. <br/>C:\WINDOWS\system32\ligasuta.dll (Trojan.Vundo.H) -> Delete on reboot. <br/>C:\WINDOWS\system32\dusazewa.dll (Trojan.Vundo.H) -> Delete on reboot. <br/>C:\WINDOWS\system32\nsokqx.dll (Trojan.Vundo) -> Delete on reboot. <br/>C:\WINDOWS\system32\imfjqs.dll (Trojan.Vundo) -> Delete on reboot. <br/>C:\WINDOWS\system32\gnjfnp.dll (Trojan.Vundo) -> Delete on reboot. <br/>C:\WINDOWS\system32\spibhm.dll (Trojan.Vundo) -> Delete on reboot. <br/>C:\WINDOWS\system32\wtzdzn.dll (Trojan.Vundo) -> Delete on reboot. <br/>C:\WINDOWS\system32\hgGxVNee.dll (Trojan.Vundo) -> Delete on reboot. <br/>C:\WINDOWS\system32\gmbevjik.dll (Trojan.Vundo.H) -> Delete on reboot. <br/> <br/>Registry Keys Infected: <br/>HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{cd314030-1a37-4e94-9299-f1aa989a62b6} (Trojan.Vundo.H) -> Delete on reboot. <br/>HKEY_CLASSES_ROOT\CLSID\{cd314030-1a37-4e94-9299-f1aa989a62b6} (Trojan.Vundo.H) -> Delete on reboot. <br/>HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{77ab5974-55a3-4737-9fd5-b93c64307f78} (Trojan.Vundo.H) -> Quarantined and deleted successfully. <br/>HKEY_CLASSES_ROOT\CLSID\{77ab5974-55a3-4737-9fd5-b93c64307f78} (Trojan.Vundo.H) -> Quarantined and deleted successfully. <br/>HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{b4c37147-5920-4675-aed4-0f120f3ec09b} (Trojan.Vundo.H) -> Delete on reboot. <br/>HKEY_CLASSES_ROOT\CLSID\{b4c37147-5920-4675-aed4-0f120f3ec09b} (Trojan.Vundo.H) -> Delete on reboot. <br/>HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{b4c37147-5920-4675-aed4-0f120f3ec09b} (Trojan.Vundo.H) -> Quarantined and deleted successfully. <br/>HKEY_CLASSES_ROOT\CLSID\{3f160ead-cdc4-49e5-92bd-d73427b5b6f8} (Trojan.Vundo) -> Quarantined and deleted successfully. <br/>HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{3f160ead-cdc4-49e5-92bd-d73427b5b6f8} (Trojan.Vundo) -> Quarantined and deleted successfully. <br/>HKEY_CLASSES_ROOT\CLSID\{67da3091-a1dd-4e16-bcdd-1c869b6b9794} (Trojan.Vundo) -> Quarantined and deleted successfully. <br/>HKEY_CLASSES_ROOT\CLSID\{dc6c0500-6058-4624-87af-db5e1d6ab0c4} (Trojan.Vundo) -> Quarantined and deleted successfully. <br/>HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{dc6c0500-6058-4624-87af-db5e1d6ab0c4} (Trojan.Vundo) -> Quarantined and deleted successfully. <br/>HKEY_CLASSES_ROOT\CLSID\{c3237286-5052-4694-91b3-927685fcd8b7} (Trojan.Vundo) -> Quarantined and deleted successfully. <br/>HKEY_CLASSES_ROOT\CLSID\{f07d93ec-7e37-4193-96f5-d240336c823e} (Trojan.Vundo) -> Quarantined and deleted successfully. <br/>HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{f07d93ec-7e37-4193-96f5-d240336c823e} (Trojan.Vundo) -> Quarantined and deleted successfully. <br/>HKEY_CLASSES_ROOT\CLSID\{6d794cb4-c7cd-4c6f-bfdc-9b77afbdc02c} (Trojan.Vundo) -> Delete on reboot. <br/>HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{6d794cb4-c7cd-4c6f-bfdc-9b77afbdc02c} (Trojan.Vundo) -> Quarantined and deleted successfully. <br/>HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6d794cb4-c7cd-4c6f-bfdc-9b77afbdc02c} (Trojan.Vundo) -> Delete on reboot. <br/>HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\hggxvnee (Trojan.Vundo) -> Delete on reboot. <br/>HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{cd314030-1a37-4e94-9299-f1aa989a62b6} (Trojan.Vundo) -> Quarantined and deleted successfully. <br/>HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{77ab5974-55a3-4737-9fd5-b93c64307f78} (Trojan.Vundo.H) -> Quarantined and deleted successfully. <br/>HKEY_CLASSES_ROOT\bho_myjavacore.mjcore (Trojan.BHO) -> Quarantined and deleted successfully. <br/>HKEY_CLASSES_ROOT\bho_myjavacore.mjcore.1 (Trojan.BHO) -> Quarantined and deleted successfully. <br/>HKEY_CLASSES_ROOT\testcpv6.bho (Trojan.Agent) -> Quarantined and deleted successfully. <br/>HKEY_CLASSES_ROOT\testcpv6.bho.1 (Trojan.Agent) -> Quarantined and deleted successfully. <br/>HKEY_CLASSES_ROOT\Interface\{17e44256-51e0-4d46-a0c8-44e80ab4ba5b} (Trojan.BHO) -> Quarantined and deleted successfully. <br/>HKEY_CLASSES_ROOT\Interface\{2e4a04a1-a24d-45ae-aca4-949778400813} (Trojan.BHO) -> Quarantined and deleted successfully. <br/>HKEY_CLASSES_ROOT\CLSID\{2b96d5cc-c5b5-49a5-a69d-cc0a30f9028c} (Adware.Minibug) -> Quarantined and deleted successfully. <br/>HKEY_CLASSES_ROOT\Typelib\{e0f01490-dcf3-4357-95aa-169a8c2b2190} (Trojan.BHO) -> Quarantined and deleted successfully. <br/>HKEY_CLASSES_ROOT\Typelib\{63334394-3da3-4b29-a041-03535909d361} (Trojan.BHO) -> Quarantined and deleted successfully. <br/>HKEY_CLASSES_ROOT\AppID\{80ef304a-b1c4-425c-8535-95ab6f1eefb8} (Trojan.BHO) -> Quarantined and deleted successfully. <br/>HKEY_CLASSES_ROOT\AppID\{ff46f4ab-a85f-487e-b399-3f191ac0fe23} (Trojan.BHO) -> Quarantined and deleted successfully. <br/>HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{d88e1558-7c2d-407a-953a-c044f5607cea} (Trojan.BHO) -> Quarantined and deleted successfully. <br/>HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{c900b400-cdfe-11d3-976a-00e02913a9e0} (Adware.WebHancer) -> Quarantined and deleted successfully. <br/>HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{b64f4a7c-97c9-11da-8bde-f66bad1e3f3a} (Rogue.WinAntivirus) -> Quarantined and deleted successfully. <br/>HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{c68ae9c0-0909-4ddc-b661-c1afb9f59898} (Adware.BookedSpace) -> Quarantined and deleted successfully. <br/>HKEY_LOCAL_MACHINE\SOFTWARE\xpreapp (Malware.Trace) -> Quarantined and deleted successfully. <br/>HKEY_CURRENT_USER\SOFTWARE\videosoft (Trojan.DNSChanger) -> Quarantined and deleted successfully. <br/>HKEY_CLASSES_ROOT\AppID\BHO_MyJavaCore.DLL (Trojan.BHO) -> Quarantined and deleted successfully. <br/>HKEY_CLASSES_ROOT\AppID\testCPV6.DLL (Trojan.BHO) -> Quarantined and deleted successfully. <br/>HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MS Juan (Malware.Trace) -> Quarantined and deleted successfully. <br/>HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\contim (Trojan.Vundo) -> Delete on reboot. <br/>HKEY_CURRENT_USER\SOFTWARE\Microsoft\instkey (Trojan.Vundo) -> Quarantined and deleted successfully. <br/>HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MS Track System (Trojan.Vundo) -> Quarantined and deleted successfully. <br/>HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\rdfa (Trojan.Vundo) -> Quarantined and deleted successfully. <br/>HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\FCOVM (Trojan.Vundo) -> Quarantined and deleted successfully. <br/>HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\RemoveRP (Trojan.Vundo) -> Quarantined and deleted successfully. <br/>HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_CMDSERVICE (Trojan.Downloader) -> Quarantined and deleted successfully. <br/> <br/>Registry Values Infected: <br/>HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\zuzaremeju (Trojan.Vundo.H) -> Quarantined and deleted successfully. <br/>HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks\{6d794cb4-c7cd-4c6f-bfdc-9b77afbdc02c} (Trojan.Vundo) -> Delete on reboot. <br/>HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\gadcom (Trojan.Downloader) -> Quarantined and deleted successfully. <br/>HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\twain (Trojan.Agent) -> Quarantined and deleted successfully. <br/> <br/>Registry Data Items Infected: <br/>HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\LSA\Notification Packages (Trojan.Vundo.H) -> Data: c:\windows\system32\mljaspgg -> Quarantined and deleted successfully. <br/>HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\AppInit_DLLs (Trojan.Vundo.H) -> Data: c:\windows\system32\ligasuta.dll -> Quarantined and deleted successfully. <br/>HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\LSA\Notification Packages (Trojan.Vundo.H) -> Data: c:\windows\system32\ligasuta.dll -> Quarantined and deleted successfully. <br/>HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\AppInit_DLLs (Trojan.Vundo.H) -> Data: system32\ligasuta.dll -> Quarantined and deleted successfully. <br/>HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\LSA\Authentication Packages (Trojan.Vundo) -> Data: c:\windows\system32\mljaspgg -> Delete on reboot. <br/> <br/>Folders Infected: <br/>C:\Program Files\Webtools (Trojan.Agent) -> Quarantined and deleted successfully. <br/>C:\Program Files\Mjcore (Trojan.BHO) -> Quarantined and deleted successfully. <br/>C:\Documents and Settings\Zach\Application Data\gadcom (Trojan.Agent) -> Quarantined and deleted successfully. <br/> <br/>Files Infected: <br/>C:\WINDOWS\system32\mlJAsPgG.dll (Trojan.Vundo.H) -> Delete on reboot. <br/>C:\WINDOWS\system32\GgPsAJlm.ini (Trojan.Vundo.H) -> Quarantined and deleted successfully. <br/>C:\WINDOWS\system32\GgPsAJlm.ini2 (Trojan.Vundo.H) -> Quarantined and deleted successfully. <br/>C:\WINDOWS\system32\cbhieigg.dll (Trojan.Vundo.H) -> Quarantined and deleted successfully. <br/>C:\WINDOWS\system32\ggieihbc.ini (Trojan.Vundo.H) -> Quarantined and deleted successfully. <br/>C:\WINDOWS\system32\emxksfvj.dll (Trojan.Vundo.H) -> Quarantined and deleted successfully. <br/>C:\WINDOWS\system32\jvfskxme.ini (Trojan.Vundo.H) -> Quarantined and deleted successfully. <br/>C:\WINDOWS\system32\gimujuri.dll (Trojan.Vundo.H) -> Quarantined and deleted successfully. <br/>C:\WINDOWS\system32\irujumig.ini (Trojan.Vundo.H) -> Quarantined and deleted successfully. <br/>C:\WINDOWS\system32\jeharaya.dll (Trojan.Vundo.H) -> Quarantined and deleted successfully. <br/>C:\WINDOWS\system32\ayarahej.ini (Trojan.Vundo.H) -> Quarantined and deleted successfully. <br/>C:\WINDOWS\system32\jqxcdakn.dll (Trojan.Vundo.H) -> Delete on reboot. <br/>C:\WINDOWS\system32\nkadcxqj.ini (Trojan.Vundo.H) -> Quarantined and deleted successfully. <br/>C:\WINDOWS\system32\latibiho.dll (Trojan.Vundo.H) -> Quarantined and deleted successfully. <br/>C:\WINDOWS\system32\ohibital.ini (Trojan.Vundo.H) -> Quarantined and deleted successfully. <br/>C:\WINDOWS\system32\lyhwigyk.dll (Trojan.Vundo.H) -> Quarantined and deleted successfully. <br/>C:\WINDOWS\system32\kygiwhyl.ini (Trojan.Vundo.H) -> Quarantined and deleted successfully. <br/>C:\WINDOWS\system32\mwfmlpex.dll (Trojan.Vundo.H) -> Quarantined and deleted successfully. <br/>C:\WINDOWS\system32\xeplmfwm.ini (Trojan.Vundo.H) -> Quarantined and deleted successfully. <br/>C:\WINDOWS\system32\niyihifi.dll (Trojan.Vundo.H) -> Quarantined and deleted successfully. <br/>C:\WINDOWS\system32\ifihiyin.ini (Trojan.Vundo.H) -> Quarantined and deleted successfully. <br/>C:\WINDOWS\system32\njhyuuqu.dll (Trojan.Vundo.H) -> Quarantined and deleted successfully. <br/>C:\WINDOWS\system32\uquuyhjn.ini (Trojan.Vundo.H) -> Quarantined and deleted successfully. <br/>C:\WINDOWS\system32\osicfbfv.dll (Trojan.Vundo.H) -> Quarantined and deleted successfully. <br/>C:\WINDOWS\system32\vfbfciso.ini (Trojan.Vundo.H) -> Quarantined and deleted successfully. <br/>C:\WINDOWS\system32\pfishlln.dll (Trojan.Vundo.H) -> Quarantined and deleted successfully. <br/>C:\WINDOWS\system32\nllhsifp.ini (Trojan.Vundo.H) -> Quarantined and deleted successfully. <br/>C:\WINDOWS\system32\pmelptgg.dll (Trojan.Vundo.H) -> Quarantined and deleted successfully. <br/>C:\WINDOWS\system32\ggtplemp.ini (Trojan.Vundo.H) -> Quarantined and deleted successfully. <br/>C:\WINDOWS\system32\qiruxeud.dll (Trojan.Vundo.H) -> Quarantined and deleted successfully. <br/>C:\WINDOWS\system32\duexuriq.ini (Trojan.Vundo.H) -> Quarantined and deleted successfully. <br/>C:\WINDOWS\system32\qsywvoyo.dll (Trojan.Vundo.H) -> Quarantined and deleted successfully. <br/>C:\WINDOWS\system32\oyovwysq.ini (Trojan.Vundo.H) -> Quarantined and deleted successfully. <br/>C:\WINDOWS\system32\tagetega.dll (Trojan.Vundo.H) -> Quarantined and deleted successfully. <br/>C:\WINDOWS\system32\agetegat.ini (Trojan.Vundo.H) -> Quarantined and deleted successfully. <br/>C:\WINDOWS\system32\vgfmwlyq.dll (Trojan.Vundo.H) -> Quarantined and deleted successfully. <br/>C:\WINDOWS\system32\qylwmfgv.ini (Trojan.Vundo.H) -> Quarantined and deleted successfully. <br/>C:\WINDOWS\system32\wejuwava.dll (Trojan.Vundo.H) -> Quarantined and deleted successfully. <br/>C:\WINDOWS\system32\avawujew.ini (Trojan.Vundo.H) -> Quarantined and deleted successfully. <br/>C:\WINDOWS\system32\fufakili.dll (Trojan.Vundo.H) -> Quarantined and deleted successfully. <br/>C:\WINDOWS\system32\gmbevjik.dll (Trojan.Vundo.H) -> Delete on reboot. <br/>C:\WINDOWS\system32\dusazewa.dll (Trojan.Vundo.H) -> Delete on reboot. <br/>C:\WINDOWS\system32\ligasuta.dll (Trojan.Vundo.H) -> Delete on reboot. <br/>C:\WINDOWS\system32\nsokqx.dll (Trojan.Vundo) -> Delete on reboot. <br/>C:\WINDOWS\system32\imfjqs.dll (Trojan.Vundo) -> Delete on reboot. <br/>C:\WINDOWS\system32\gnjfnp.dll (Trojan.Vundo) -> Delete on reboot. <br/>C:\WINDOWS\system32\spibhm.dll (Trojan.Vundo) -> Delete on reboot. <br/>C:\WINDOWS\system32\wtzdzn.dll (Trojan.Vundo) -> Delete on reboot. <br/>C:\WINDOWS\system32\hgGxVNee.dll (Trojan.Vundo) -> Delete on reboot. <br/>C:\Documents and Settings\Zach\Application Data\gadcom\gadcom.exe (Trojan.Downloader) -> Quarantined and deleted successfully. <br/>C:\Program Files\Mjcore\Mjcore.dll (Trojan.BHO) -> Quarantined and deleted successfully. <br/>C:\Program Files\Webtools\webtools.dll (Trojan.BHO) -> Quarantined and deleted successfully. <br/>C:\System Volume Information\_restore{6ABB8BB3-066D-450C-9235-42330B90445C}\RP1100\A0180088.exe (Adware.Webhancer) -> Quarantined and deleted successfully. <br/>C:\System Volume Information\_restore{6ABB8BB3-066D-450C-9235-42330B90445C}\RP1107\A0183203.exe (Trojan.Downloader) -> Quarantined and deleted successfully. <br/>C:\System Volume Information\_restore{6ABB8BB3-066D-450C-9235-42330B90445C}\RP1108\A0184430.dll (Trojan.Vundo) -> Quarantined and deleted successfully. <br/>C:\System Volume Information\_restore{6ABB8BB3-066D-450C-9235-42330B90445C}\RP1108\A0184431.dll (Trojan.Vundo) -> Quarantined and deleted successfully. <br/>C:\System Volume Information\_restore{6ABB8BB3-066D-450C-9235-42330B90445C}\RP1109\A0184533.dll (Trojan.Vundo) -> Quarantined and deleted successfully. <br/>C:\System Volume Information\_restore{6ABB8BB3-066D-450C-9235-42330B90445C}\RP1109\A0184534.dll (Trojan.Vundo) -> Quarantined and deleted successfully. <br/>C:\System Volume Information\_restore{6ABB8BB3-066D-450C-9235-42330B90445C}\RP1109\A0184535.dll (Trojan.Vundo) -> Quarantined and deleted successfully. <br/>C:\System Volume Information\_restore{6ABB8BB3-066D-450C-9235-42330B90445C}\RP1110\A0184614.dll (Trojan.Vundo) -> Quarantined and deleted successfully. <br/>C:\System Volume Information\_restore{6ABB8BB3-066D-450C-9235-42330B90445C}\RP1110\A0184649.dll (Trojan.Vundo) -> Quarantined and deleted successfully. <br/>C:\System Volume Information\_restore{6ABB8BB3-066D-450C-9235-42330B90445C}\RP1110\A0184668.dll (Trojan.Vundo) -> Quarantined and deleted successfully. <br/>C:\System Volume Information\_restore{6ABB8BB3-066D-450C-9235-42330B90445C}\RP1112\A0184739.exe (Trojan.Downloader) -> Quarantined and deleted successfully. <br/>C:\System Volume Information\_restore{6ABB8BB3-066D-450C-9235-42330B90445C}\RP1112\A0184740.exe (Trojan.Downloader) -> Quarantined and deleted successfully. <br/>C:\System Volume Information\_restore{6ABB8BB3-066D-450C-9235-42330B90445C}\RP1113\A0184771.EXE (Trojan.Downloader) -> Quarantined and deleted successfully. <br/>C:\System Volume Information\_restore{6ABB8BB3-066D-450C-9235-42330B90445C}\RP1113\A0184834.exe (Trojan.Vundo) -> Quarantined and deleted successfully. <br/>C:\System Volume Information\_restore{6ABB8BB3-066D-450C-9235-42330B90445C}\RP1113\A0184835.EXE (Adware.Agent) -> Quarantined and deleted successfully. <br/>C:\System Volume Information\_restore{6ABB8BB3-066D-450C-9235-42330B90445C}\RP1113\A0184838.dll (Adware.SurfAccuracy) -> Quarantined and deleted successfully. <br/>C:\System Volume Information\_restore{6ABB8BB3-066D-450C-9235-42330B90445C}\RP1113\A0184839.exe (Trojan.Downloader) -> Quarantined and deleted successfully. <br/>C:\System Volume Information\_restore{6ABB8BB3-066D-450C-9235-42330B90445C}\RP1113\A0184840.exe (Trojan.Downloader) -> Quarantined and deleted successfully. <br/>C:\System Volume Information\_restore{6ABB8BB3-066D-450C-9235-42330B90445C}\RP1117\A0186098.dll (Trojan.Vundo) -> Quarantined and deleted successfully. <br/>C:\System Volume Information\_restore{6ABB8BB3-066D-450C-9235-42330B90445C}\RP1117\A0186099.dll (Trojan.Vundo.H) -> Quarantined and deleted successfully. <br/>C:\System Volume Information\_restore{6ABB8BB3-066D-450C-9235-42330B90445C}\RP1119\A0187199.EXE (Adware.ISM) -> Quarantined and deleted successfully. <br/>C:\WINDOWS\system32\prunnet.exe (Trojan.Downloader) -> Quarantined and deleted successfully. <br/>C:\WINDOWS\system32\bjdofpng.dll (Trojan.Vundo) -> Quarantined and deleted successfully. <br/>C:\WINDOWS\system32\etggmini.dll (Trojan.Vundo) -> Quarantined and deleted successfully. <br/>C:\WINDOWS\system32\fkvsvjfr.dll (Trojan.Vundo) -> Quarantined and deleted successfully. <br/>C:\WINDOWS\system32\flzptj.dll (Trojan.Vundo) -> Quarantined and deleted successfully. <br/>C:\WINDOWS\system32\likebowa.dll (Trojan.Vundo.H) -> Quarantined and deleted successfully. <br/>C:\WINDOWS\system32\jngcvf.dll (Trojan.Vundo) -> Quarantined and deleted successfully. <br/>C:\WINDOWS\system32\vklhdety.dll (Trojan.Vundo) -> Quarantined and deleted successfully. <br/>C:\WINDOWS\system32\dyebwnvr.dll (Trojan.Vundo) -> Quarantined and deleted successfully. <br/>C:\WINDOWS\system32\kryuis.dll (Trojan.Vundo) -> Quarantined and deleted successfully. <br/>C:\WINDOWS\system32\byXRjijH.dll (Trojan.Agent) -> Quarantined and deleted successfully. <br/>C:\WINDOWS\system32\wjayxhwt.dll (Trojan.Vundo) -> Quarantined and deleted successfully. <br/>C:\WINDOWS\system32\tsuninst.exe (Spyware.TargetSaver) -> Quarantined and deleted successfully. <br/>C:\WINDOWS\system32\garetuso.dll (Trojan.Vundo) -> Quarantined and deleted successfully. <br/>C:\WINDOWS\system32\mouwpmrn.dll (Trojan.Vundo) -> Quarantined and deleted successfully. <br/>C:\WINDOWS\system32\xybdbz.dll (Trojan.Vundo) -> Quarantined and deleted successfully. <br/>C:\WINDOWS\system32\~.exe (Trojan.Vundo) -> Quarantined and deleted successfully. <br/>C:\WINDOWS\system32\spoopdqk.dll (Trojan.Vundo) -> Quarantined and deleted successfully. <br/>C:\WINDOWS\system32\naprtagi.dll (Trojan.Vundo) -> Quarantined and deleted successfully. <br/>C:\WINDOWS\system32\endoqoxx.dll (Trojan.Vundo) -> Quarantined and deleted successfully. <br/>C:\Documents and Settings\Zach\Local Settings\Temporary Internet Files\Content.IE5\W9UJWLMV\upd105320[1] (Trojan.Vundo.H) -> Quarantined and deleted successfully. <br/>C:\WINDOWS\system32\mcrh.tmp (Malware.Trace) -> Quarantined and deleted successfully. <br/>C:\WINDOWS\system32\sinodisi.dll (Trojan.Vundo) -> Quarantined and deleted successfully. <br/>C:\WINDOWS\system32\jeteroje.dll (Trojan.Vundo) -> Quarantined and deleted successfully. <br/>C:\Documents and Settings\Zach\Application Data\Twain\Twain.exe (Trojan.Agent) -> Quarantined and deleted successfully.
Posted 2/10/2009 2:39 AM
#72270
User avatar

junkyarddog1300 Member

Date Joined Nov 2016
Total Posts: 4
Sorry i forgot to reply, but the issue is resolved. Thank you.
  • Unread posts or replies
  • No unread posts or replies
  • Unread Posts (Read Only Forum)
  • No Unread Posts (Read Only Forum)

Forum Information

Currently it is Tuesday, December 6, 2016, 9:25 AM (GMT +1)
There are a total of 61,160 posts in 13,449 threads.
In the last 3 days there were 2 new threads and 3 reply posts.

Who's online

This forum has 37,965 registered members. Please welcome our newest member, Old shape.
There are currently no users on-line.