Home > General > Top-banners.com/vundo


Please help!!Here is the latest HiJack This logfile:Logfile of HijackThis v1.99.1Scan saved at 9:50:31 PM, on 4/10/2007Platform: Windows XP SP1 (WinNT 5.01.2600)MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)Running processes:C:\windows\System32\smss.exeC:\windows\system32\csrss.exeC:\windows\system32\winlogon.exeC:\windows\system32\services.exeC:\windows\system32\lsass.exeC:\windows\system32\svchost.exeC:\windows\System32\svchost.exeC:\windows\System32\svchost.exeC:\windows\System32\svchost.exeC:\windows\system32\spoolsv.exeC:\windows\Explorer.EXEC:\Program Files\Adobe\Photoshop Album Starter Then I get to the next page where you click on the My Computer and I have done it now 4 times. I'll give you a website after we are done that many members found very helpful to help speed up their computer. Click the Statistics/Logs tab.Under Scanner Logs, double-click SUPERAntiSpyware Scan Log.It will open in your default text editor (such as Notepad/Wordpad).Please highlight everything in the notepad, then right-click and choose copy.Click close navigate here

I have run and installed just about everything in order to clean this system. Oct 06, 2008 - 14:48 Like HibonActivity Score 3736Cooool !!!! I had to hard boot it manually. Awaiting further instructions.

Visitor is reading अमेरिकामा हिडिरहेको अवस्थामा भारतीय महिलालाई प्रहरीले कागज द Visitor is reading PHARMACY INFO. C:\WINDOWS\system32\micro1\win5.exe -> Dropper.Agent.bfr : Cleaned with backup (quarantined). Visitor is reading पूर्व पतिको बिबाह हुने खबर सुन्दा प्रियंका कार्की बेहोस Your Banner Here Subscribers [Total Subscribers 1] natyavaruval Please log in to subscribe to confused_soul's postings. :: Subscribe Oct 06, 2008 - 22:14 Like jimchristianxActivity Score 116Definitely done by a traditional ad agency.

YOU CAN ALSO IN ORDER TO POST! C:\Program Files\HijackThis\backups\backup-20070411-191731-536.dll -> Downloader.ConHook.an : Cleaned with backup (quarantined). C:\WINDOWS\system32\drivers\core.sys -> Rootkit.Agent.eq : Cleaned with backup (quarantined). Posted on 03-24-098:56 AM Reply [Subscribe] Login in to Rate this Post: 0 ?

I am at my wits end!! This could be an application that expires after a few days, weeks... Pager"="C:\PROGRA~1\Yahoo!\MESSEN~1\ypager.exe" []"msnmsgr"="C:\Program Files\MSN Messenger\msnmsgr.exe" []"Windows update loader"="C:\Windows\xpupdate.exe" []"Spoolsv"="C:\WINDOWS\system32\spoolvs.exe" []C:\Documents and Settings\kyles huntin @ fish\Start Menu\Programs\Startup\DESKTOP.INI [8/10/2004 2:04:12 PM] C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Reader Speed Launch.lnk - C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [12/14/2004 https://adsoftheworld.com/media/online/doritos_case_study Events + ADD EVENTS FEB 17 FRI » MA » Party » Valentine party with Naren Limbu, Boston FEB 19 SUN » IL » Concert » Nima Rumba and the Band-Chicago,IL

Logfile of HijackThis v1.99.1Scan saved at 7:31:38 PM, on 4/11/2007Platform: Windows XP SP1 (WinNT 5.01.2600)MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)Running processes:C:\windows\System32\smss.exeC:\windows\system32\csrss.exeC:\windows\system32\winlogon.exeC:\windows\system32\services.exeC:\windows\system32\lsass.exeC:\windows\system32\svchost.exeC:\windows\System32\svchost.exeC:\windows\System32\svchost.exeC:\windows\System32\svchost.exeC:\windows\Explorer.EXEC:\windows\system32\spoolsv.exeC:\Program Files\Webroot\Spy Sweeper\SpySweeper.exeC:\Program Files\Spyware Doctor\SDTrayApp.exeC:\Program Files\Prevx1\PXConsole.exeC:\Program Files\Messenger\msmsgs.exeC:\Program Files\Spyware Doctor\svcntaux.exeC:\Program Files\Webroot\Spy Sweeper\WRSSSDK.exeC:\Program plus WTF IS WITH THAT GD-ANNOYING SONG??! C:\Documents and Settings\Cassandra\Cookies\[email protected][2].txt -> TrackingCookie.Aavalue : Cleaned. C:\Program Files\HijackThis\backups\backup-20070410-184148-181.dll -> Adware.ZQuest : Cleaned with backup (quarantined).

is this "Nepalileaks"?? Download and try Malwarebytes Anti-Malware from http://download.cnet.com/Malwarebytes-Anti-Malware/3000-8022_4-10804572.html View/Share this post only View User Profile View User Postings chipledhunga Please log in to subscribe to chipledhunga's postings. Is this normal?? 0 #8 hottiemom24 Posted 11 April 2007 - 08:28 PM hottiemom24 Member Topic Starter Member 42 posts Ok, this log file popped up and I still see crap If SpyHunter detects malware on your PC, you will need to purchase SpyHunter's malware removal tool to remove the malware threats.

Both McAfee and Norton could detect the trojan but failed to completely remove it. check over here i am running windows xp. Several functions may not work. I have 'fixed' them 4 times now!

Win32/Vundo might also attempt to shut down the McAfee Common Framework service. Oct 06, 2008 - 15:59 Like LessTalkMoreMockActivity Score 104Sigh* we are now stealing ideas from people who are more creatively finding ways to avoid online advertising? Oct 06, 2008 - 6:27 Like vaikuntaActivity Score 64This is so cool, you should put it some where like a banner! his comment is here If you can not access your Window's desktop, reboot your computer in "Safe Mode with Networking" and install SpyHunter in Safe Mode.

The fact that this form of advertising is achieving the current social conversation it's getting = Gold. "a good creative doesn't let anyone know where he stole the idea from in Anyone... The demon possession you are experiencing may have deceptively come attached to a recent download of an infected file or plug-in.

Please don't answer me back till I posst the other stuff.

All Rights Reserved. From there, Trojan.Win32/Vundo.gen!X may modify the OS itself and intercept calls to fool your anti-malware and remain undetected. Hi ppl my comp is infected with Vundo...So any1 with previous experience with this please help me out..it's making my life hell.. Share this post Link to post Share on other sites FShite    New Member Topic Starter Members 25 posts ID: 3   Posted February 19, 2008 Malwarebytes' Anti-Malware 1.03Database version: 370Scan

so i downloaded windows live one care and it worked. Oct 06, 2008 - 17:57 Like LessTalkMoreMockActivity Score 104Of the 100+ add-ons available for Firefox, "adblockers" are the most popular. Share this post Link to post Share on other sites FShite    New Member Topic Starter Members 25 posts ID: 7   Posted February 21, 2008 That did the trick on weblink Stop the madness before it goes too far!

vundofix seemed to have removed some files, but norton is still detecting and blocking intrusion attempts from top-banners.com. I was bombarded by pop ups, and also browser windows closed without any warning not to mention the overall performance degradation and frequent lock ups. For example, in the wild variants have been observed to connect to the following IP addresses: Later variants, such as Trojan:Win32/Vundo.QA and Trojan:Win32/Vundo.gen!AW, may connect to Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dllO2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dllO2 - BHO: PBlockHelper Class - {4115122B-85FF-4DD3-9515-F075BEDE5EB5} - C:\Program Files\Netscape Internet Service\Netscape Web Accelerator\pbhelper.dllO2 -

Please post that log in your next reply.Important Note - Do not mouseclick combofix's window whilst it's running. Privacy Policy Rules · Help Advertise | About Us | User Agreement | Privacy Policy | Sitemap | Chat | RSS Feeds | Contact Us Tech Support Forums | Virus Removal C:\Program Files\HijackThis\backups\backup-20070411-193100-494.dll -> Downloader.ConHook.an : Cleaned with backup (quarantined). I logged on to get to this site and sure enough got 3 pop ups.

Username or email: I've forgotten my password Forum Password Remember me This is not recommended for shared computers Sign in anonymously Don't add me to the active users list Community Forum Just a 'Doritos experience'. Says that the system is clean. I have a set of restore CDs on the way but I wondered if I couldn't clean it up instead.

Most anti-virus or anti-spyware programs are not equipped to detect and remove Trojan.Win32/Vundo.gen!X, so you should not be dismayed when you learn that your manual efforts failed. OK back to your computer. Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dllO2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dllO2 - BHO: PBlockHelper Class - {4115122B-85FF-4DD3-9515-F075BEDE5EB5} - C:\PROGRA~1\NETSCA~1\NETSCA~1\pbhelper.dllO2 - BHO: PnIEBrowserHelperObj Class - {4B5F2E08-6F39-479a-B547-B2026E4C7EDF} iphone 5 koi?

If you're using IE, for example, and having problems downloading SpyHunter, you should open Firefox, Chrome or Safari browser instead. Pager] "C:\PROGRA~1\Yahoo!\MESSEN~1\ypager.exe" -quietO4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /backgroundO4 - HKCU\..\Run: [Windows update loader] C:\Windows\xpupdate.exeO4 - HKCU\..\Run: [spoolsv] C:\WINDOWS\system32\spoolvs.exeO4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exeO4 Malware modifies your Windows settings to use a proxy server to prevent you from browsing the web with IE. not that new.

I am ready to chuck this computer out the window. 0 #6 hottiemom24 Posted 11 April 2007 - 07:59 PM hottiemom24 Member Topic Starter Member 42 posts Here is the uninstall about semester break help Vundo infected.. I ran the Vundo fix with windows up and it locked up. Simple ideas are the best !