Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works

Death by Virtumondo

  • Please log in to reply



    New Member

  • Member
  • Pip
  • 2 posts
Anyone interested or has plans filing a Class Action against Virtumundo, Inc. 8400 W. 110th Street Suite 330 Overland Park, KS 66210 Phone: 913-660-1300, please let me know; I'm on-board.

In my opinion, this company is headed by pure idiots. How long does a company plan do be around while pissing people off hummmmmm????

If anyone has knowledge how to extract parasite from my throat, I would greatly appreciate help. Please see the following Microsoft Spyware scan and Hijackthis! run.

Spyware Scan Details
Start Date: 10/26/2005 11:27:16 AM
End Date: 10/26/2005 11:33:17 AM
Total Time: 6 mins 1 secs

Detected Threats

Virtumondo Adware more information...
Status: Removed
High threat - High-risk items have a large potential for harm, such as loss of computer control, and should be removed unless knowingly installed.

Infected registry keys/values detected
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\MSEvents.MSEvents.1 MSEvents Object
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\MSEvents.MSEvents\CLSID {8DBF02DA-4360-4A7E-BEA1-347B87816327}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\MSEvents.MSEvents\CurVer MSEvents.MSEvents.1
HKEY_CLASSES_ROOT\MSEvents.MSEvents\CLSID {8DBF02DA-4360-4A7E-BEA1-347B87816327}
HKEY_CLASSES_ROOT\MSEvents.MSEvents\CurVer MSEvents.MSEvents.1
HKEY_CLASSES_ROOT\MSEvents.MSEvents MSEvents Object
HKEY_CLASSES_ROOT\MSEvents.MSEvents.1\CLSID {8DBF02DA-4360-4A7E-BEA1-347B87816327}
HKEY_CLASSES_ROOT\MSEvents.MSEvents.1 MSEvents Object
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\MSEvents.MSEvents.1\CLSID {8DBF02DA-4360-4A7E-BEA1-347B87816327}

Detected Spyware Cookies
No spyware cookies were found during this scan.

Logfile of HijackThis v1.99.1
Scan saved at 1:03:07 PM, on 10/26/2005
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\Program Files\ewido\security suite\ewidoctrl.exe
C:\Program Files\ewido\security suite\ewidoguard.exe
C:\Program Files\Network Associates\Common Framework\FrameworkService.exe
C:\Program Files\Network Associates\VirusScan\Mcshield.exe
C:\Program Files\Network Associates\VirusScan\VsTskMgr.exe
C:\Program Files\USB Flash Disk Utility\UFD Utility\UFDMon.exe
C:\Program Files\USB Flash Disk Utility\UFD Utility\USBTD.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\Wireless 11Mbps Network\XPFix.exe
C:\Program Files\Java\j2re1.4.2_01\bin\jusched.exe
C:\Program Files\Remote Master\Remote Master.exe
C:\Program Files\Network Associates\VirusScan\SHSTAT.EXE
C:\Program Files\Network Associates\Common Framework\UpdaterUI.exe
C:\Program Files\Common Files\Network Associates\TalkBack\TBMon.exe
C:\Program Files\Microsoft AntiSpyware\gcasServ.exe
C:\Program Files\Microsoft AntiSpyware\gcasDtServ.exe
C:\Documents and Settings\Administrator\Desktop\New Folder\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://moneycentral....r.asp?mcrid=214
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O4 - HKLM\..\Run: [UFD Monitor] C:\Program Files\USB Flash Disk Utility\UFD Utility\UFDMon.exe
O4 - HKLM\..\Run: [UFD Utility] C:\Program Files\USB Flash Disk Utility\UFD Utility\USBTD.exe
O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [DisableEHCI] C:\WINDOWS\S4TSR.EXE
O4 - HKLM\..\Run: [ATIModeChange] Ati2mdxx.exe
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [Alice] C:\Program Files\Wireless 11Mbps Network\XPFix.exe
O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\j2re1.4.2_01\bin\jusched.exe
O4 - HKLM\..\Run: [IR501 Remote Control] C:\Program Files\Remote Master\Remote Master.exe
O4 - HKLM\..\Run: [ShStatEXE] "C:\Program Files\Network Associates\VirusScan\SHSTAT.EXE" /STANDALONE
O4 - HKLM\..\Run: [McAfeeUpdaterUI] "C:\Program Files\Network Associates\Common Framework\UpdaterUI.exe" /StartedFromRunKey
O4 - HKLM\..\Run: [Network Associates Error Reporting Service] "C:\Program Files\Common Files\Network Associates\TalkBack\TBMon.exe"
O4 - HKLM\..\Run: [gcasServ] "C:\Program Files\Microsoft AntiSpyware\gcasServ.exe"
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\Office10\EXCEL.EXE/3000
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O16 - DPF: {C3DFA998-A486-11D4-AA25-00C04F72DAEB} (MSN Photo Upload Tool) - http://sc.groups.msn...UC/MsnPUpld.cab
O16 - DPF: {F58E1CEF-A068-4C15-BA5E-587CAF3EE8C6} (MSN Chat Control 4.5) - http://chat.msn.com/bin/msnchat45.cab
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido\security suite\ewidoctrl.exe
O23 - Service: ewido security suite guard - ewido networks - C:\Program Files\ewido\security suite\ewidoguard.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Lexar JD31 (LxrJD31s) - Unknown owner - C:\WINDOWS\SYSTEM32\LxrJD31s.exe
O23 - Service: McAfee Framework Service (McAfeeFramework) - Network Associates, Inc. - C:\Program Files\Network Associates\Common Framework\FrameworkService.exe
O23 - Service: Network Associates McShield (McShield) - Network Associates, Inc. - C:\Program Files\Network Associates\VirusScan\Mcshield.exe
O23 - Service: Network Associates Task Manager (McTaskManager) - Network Associates, Inc. - C:\Program Files\Network Associates\VirusScan\VsTskMgr.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\System32\HPZipm12.exe
O23 - Service: SDPAUMS server service (SDPASVC) - Matsushita Electric Industrial Co.,Ltd. - C:\WINDOWS\System32\sdpasvc.exe
O23 - Service: SmartLinkService (SLService) - Unknown owner - slserv.exe (file missing)
O23 - Service: Windows Spooler (winspool32) - Unknown owner - C:\WINDOWS\spool.exe (file missing)
  • 0


Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP