VundoFix V4.0
Listing files found while scanning....
VundoFix V4.2.27
Scan started at 7:27:05 AM 3/2/2006
Listing files found while scanning....
C:\WINDOWS\system32\ursqn.dll
C:\WINDOWS\System32\wvwwu.dll
C:\WINDOWS\System32\uwwvw.ini
C:\WINDOWS\System32\uwwvw.bak2
C:\WINDOWS\System32\uwwvw.ini2
C:\WINDOWS\System32\pmnmj.dll
C:\WINDOWS\System32\jmnmp.ini
C:\WINDOWS\System32\jmnmp.bak1
C:\WINDOWS\System32\jmnmp.bak2
C:\WINDOWS\system32\jmnmp.bak1
C:\WINDOWS\system32\jmnmp.bak2
C:\WINDOWS\system32\jmnmp.ini
C:\WINDOWS\system32\pmnmj.dll
C:\WINDOWS\system32\uwwvw.ini2
C:\WINDOWS\system32\uwwvw.bak2
C:\WINDOWS\system32\uwwvw.ini
C:\WINDOWS\system32\uwwvw.ini2
C:\WINDOWS\system32\wvwwu.dll
Attempting to delete C:\WINDOWS\system32\ursqn.dll
C:\WINDOWS\system32\ursqn.dll Has been deleted!
Attempting to delete C:\WINDOWS\System32\wvwwu.dll
C:\WINDOWS\System32\wvwwu.dll Has been deleted!
Attempting to delete C:\WINDOWS\System32\uwwvw.ini
C:\WINDOWS\System32\uwwvw.ini Has been deleted!
Attempting to delete C:\WINDOWS\System32\uwwvw.bak2
C:\WINDOWS\System32\uwwvw.bak2 Has been deleted!
Attempting to delete C:\WINDOWS\System32\uwwvw.ini2
C:\WINDOWS\System32\uwwvw.ini2 Has been deleted!
Attempting to delete C:\WINDOWS\System32\pmnmj.dll
C:\WINDOWS\System32\pmnmj.dll Has been deleted!
Attempting to delete C:\WINDOWS\System32\jmnmp.ini
C:\WINDOWS\System32\jmnmp.ini Has been deleted!
Attempting to delete C:\WINDOWS\System32\jmnmp.bak1
C:\WINDOWS\System32\jmnmp.bak1 Has been deleted!
Attempting to delete C:\WINDOWS\System32\jmnmp.bak2
C:\WINDOWS\System32\jmnmp.bak2 Has been deleted!
Performing Repairs to the registry.
Done!
Logfile of HijackThis v1.99.1
Scan saved at 10:03:10 PM, on 3/2/2006
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\Grisoft\AVG7\avgcc.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe
C:\Program Files\Warez P2P Client\warez.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
C:\Program Files\ewido anti-malware\ewidoctrl.exe
C:\Program Files\Spyware Doctor\sdhelp.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Bell\Access Manager\app\TangoService.exe
C:\WINDOWS\wscntify.exe
C:\WINDOWS\winmgmc.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\Brandon1\Desktop\apps\HijackThis.exe
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [winsync] C:\WINDOWS\System32\yopyak.exe reg_run
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe
O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot
O4 - HKCU\..\Run: [warez] "C:\Program Files\Warez P2P Client\warez.exe" -h
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\npjpi150_06.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\npjpi150_06.dll
O9 - Extra button: Spyware Doctor - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - C:\PROGRA~1\SPYWAR~2\tools\iesdpb.dll
O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} -
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} -
O16 - DPF: {6E5A37BF-FD42-463A-877C-4EB7002E68AE} (Housecall ActiveX 6.5) - http://housecall65.t...ivex/hcImpl.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoft...free/asinst.cab
O16 - DPF: {AB86CE53-AC9F-449F-9399-D8ABCA09EC09} (Get_ActiveX Control) - https://h17000.www1....loadManager.ocx
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn...pDownloader.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{6D26235C-B977-4564-8514-B22928DA66CE}: Domain = sympatico.ca
O17 - HKLM\System\CCS\Services\Tcpip\..\{BEB044F9-39C8-4576-925F-A2BBC7895333}: NameServer = 67.69.184.135 206.47.244.51
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O23 - Service: AppGateway - Unknown owner - C:\WINDOWS\alg.exe (file missing)
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido anti-malware\ewidoctrl.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: PC Tools Spyware Doctor (SDhelper) - PC Tools Research Pty Ltd - C:\Program Files\Spyware Doctor\sdhelp.exe
O23 - Service: SSMC (SpoolSvcw) - Unknown owner - C:\WINDOWS\spoolsc.exe (file missing)
O23 - Service: Tango Service (TangoService) - Unknown owner - C:\Program Files\Bell\Access Manager\app\TangoService.exe
O23 - Service: windows virus scanner (windows antivirus) - Unknown owner - C:\WINDOWS\nav32.exe (file missing)
O23 - Service: windows kernel 386 (windows kernel) - Unknown owner - C:\WINDOWS\krnl386.exe (file missing)
O23 - Service: network monitoring tools (windows network) - Unknown owner - C:\WINDOWS\nvcr32.exe (file missing)
O23 - Service: security centre (windows security centre) - Unknown owner - C:\WINDOWS\wscntify.exe
O23 - Service: Microsoft Windows Update Service (Windows Update Service) - Unknown owner - C:\WINDOWS\services.exe (file missing)
O23 - Service: Windows Logon (winlog) - Unknown owner - C:\WINDOWS\winlog.exe (file missing)
O23 - Service: Windows Control MnG (winmgmc) - Unknown owner - C:\WINDOWS\winmgmc.exe