
Adware-Virtumundo



#1
k27

Hi there...

It looks like I may have finally found someone who can help me!!!
For the past few days I've been receiving an Open File - Security Warning "Do you want to run this file? WFXScanR.exe?" I have been clicking on Cancel but it still keeps popping up... McAfee Virus Scan has also located the PUP C:Windows/Systems32/vtutq.dll and I tried to remove or clean the PUP but it doesn't allow me to. When I do a search on the file, I can't locate it... Does this mean my computer hasn't been infected yet because I haven't accepted/run the file? If so, can I still do something to prevent this?

I'm not sure if I need to or how to send you the Hijack Log.. I have downloaded the Spyware Doctor, do I need to download the other programs too??


Edited by k27, 18 October 2005 - 07:00 AM.



#2
k27

Here are my scan results (it is clear to me now that I do have infected files):
scan start: 18/10/2005 10:55:49 PM
scan stop: 18/10/2005 11:06:37 PM
scanned items: 80724
found items: 96
found and ignored: 0
tools used: General Scanner, Process Scanner, Hosts scanner, LSP Scanner, Registry Scanner, Browser Defaults, Favorites and ZoneMap Scanner, ActiveX Scanner, Browser Activity Scanner, Disk Scanner




Hope to hear from you soon..

Edited by k27, 18 October 2005 - 07:14 AM.
