I had a problem with Virtumonde spyware a few days ago which Pancake helped me to remove but i am still getting winantivirus popups every now and then so something is still not right.

Ewido comes up with just a couple of tracking cookies and from what i can see, my HJT log seems fine. Could someone please give me a second opinion?

Thanks,

B

Attached Files

	hijackthis.log (3.4 KB, 2 views)
	Report-Scan-20060707-133426.txt (1.3 KB, 1 views)

Do you get the winantivirus popups even when you are not actively browsing? If no, do the popups appear when you are on specific site(s)?

Thanks for the reply.

Am i right in saying my HJT log seems clear?

I have had the winantivirus popup when just on my desktop then even though i press X to close the window it opens FireFox and directs me to the web page. They are very few and far between though....i get maybe 1 every couple of hours.

I have just ran CCleaner and totally flushed out so hopefully it was just the remains of the virtumonde **** and i have now gotten rid.

Will post again if i get another popup.

Let's see if it isn't still hiding on youre pc:

Please download VundoFix.exe from here , and save it to your desktop.

• Double-click VundoFix.exe to run it.
• Put a check next to Run VundoFix as a task.
• You will receive a message saying vundofix will close and re-open in a minute or less. Click OK
• When VundoFix re-opens, click the Scan for Vundo button.
• Once it's done scanning, click the Remove Vundo button.
• You will receive a prompt asking if you want to remove the files, click YES
• Once you click yes, your desktop will go blank as it starts removing Vundo.
• When completed, it will prompt that it will shutdown your computer, click OK.
• Turn your computer back on.

Please post the contents of C:\vundofix.txt.

For users who's tool will not reopen automaticly , try moving VundoFix.exe to the root directory (usually c:\) and run it as a task from there.


And i would recommend to update youre Java:

Updating Java:

• Go to Start > Control Panel double-click on the Software icon > add/remove programs.
• Search in the list for all previous installed versions of Java. (J2SE Runtime Environment.... )
  It should have next icon next to it:
  Select it and click Remove.
• Then Download and install the newest version from here:
  http://www.java.com/en/download/manual.jsp

Hi joe5.

I ran vundofix after i posted earlier, just to make sure i got it all the first time....unfortunately i deleted the log. I have an OCD approach to my desktop y'see

Anyway, i'm glad to report i have not had the popup since my last post so it looks like we got the little critter.

Thanks for the info on updating my java too....i was running the last version rather than the latest so i'll get that updated now.

Thanks for the help guys. You do an awesome service to mankind

Sounds good sofar.

I'll mark this as Fixed for now , but just report back if it turns out there not gone ofcourse.