Thanks, so much for your help!
New HijackThis:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 4:32:30 PM, on 9/1/2007
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\alg.exe
C:\Program Files\APC\APC PowerChute Personal Edition\mainserv.exe
C:\Program Files\Intel\ASF Agent\ASFAgent.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\Microsoft SQL Server\MSSQL$KBMSS\Binn\sqlservr.exe
C:\Program Files\Eset\nod32krn.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\Program Files\Dell\RAID Storage Manager\StorServ.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\wdfmgr.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\HP DVD\Umbrella\DVDTray.exe
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\Program Files\Eset\nod32kui.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Adobe\Acrobat 6.0\Distillr\acrotray.exe
C:\Program Files\FinePixViewer\QuickDCF.exe
C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe
C:\Program Files\APC\APC PowerChute Personal Edition\apcsystray.exe
C:\WINDOWS\system32\notepad.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Trend Micro\HijackThis\dumb.exe
C:\WINDOWS\System32\wbem\wmiprvse.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
http://www.emastercam.com/cgi-bin/ultimatebb.cgi
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
http://www.dell.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
http://www.dell.com
O2 - BHO: (no name) - {02DCA195-602B-4B1F-83FF-381B7E804BDB} - C:\WINDOWS\SYSTEM32\HDBHO.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll
O2 - BHO: AcroIEToolbarHelper Class - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O4 - HKLM\..\Run: [UpdateManager] "C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe" /r
O4 - HKLM\..\Run: [REGSHAVE] C:\Program Files\REGSHAVE\REGSHAVE.EXE /AUTORUN
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [DVDTray] "C:\Program Files\HP DVD\Umbrella\DVDTray.exe"
O4 - HKLM\..\Run: [DVDBitSet] "C:\Program Files\HP DVD\Umbrella\DVDBitSet.exe" /NOUI
O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
O4 - HKLM\..\Run: [nod32kui] "C:\Program Files\Eset\nod32kui.exe" /WAITSERVICE
O4 - HKLM\..\Run: [THGuard] "C:\Program Files\TrojanHunter 4.7\THGuard.exe"
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [NBJ] "C:\Program Files\Ahead\Nero BackItUp\NBJ.exe"
O4 - HKCU\..\Run: [RssReader] C:\Program Files\RssReader\RssReader.exe
O4 - Global Startup: Acrobat Assistant.lnk = C:\Program Files\Adobe\Acrobat 6.0\Distillr\acrotray.exe
O4 - Global Startup: APC UPS Status.lnk = ?
O4 - Global Startup: Exif Launcher.lnk = ?
O4 - Global Startup: Service Manager.lnk = C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe
O4 - Global Startup: Start 3DxWare.lnk = C:\Program Files\3Dconnexion\3Dconnexion 3DxWare\3DxSrv.exe
O8 - Extra context menu item: E&xport to Microsoft Excel -
res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_05\bin\npjpi142_05.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_05\bin\npjpi142_05.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra button: Microsoft AntiSpyware helper - {2D6667CD-7DBC-462B-9219-69B03F9E3A42} - (no file) (HKCU)
O9 - Extra 'Tools' menuitem: Microsoft AntiSpyware helper - {2D6667CD-7DBC-462B-9219-69B03F9E3A42} - (no file) (HKCU)
O16 - DPF: {01A88BB1-1174-41EC-ACCB-963509EAE56B} (SysProWmi Class) -
https://support.dell.com/systemprofiler/SysPro.CAB
O16 - DPF: {04E214E5-63AF-4236-83C6-A7ADCBF9BD02} (HouseCall Control) -
http://housecall60.trendmicro.com/housecall/xscan60.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) -
http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {1EF9F042-C2EB-4293-8213-474CAEEF531D} (TmHcmsX Control) -
http://www.trendsecure.com/framework/co ... mHcmsX.CAB
O16 - DPF: {200B3EE9-7242-4EFD-B1E4-D97EE825BA53} (VerifyGMN Class) -
http://h20270.www2.hp.com/ediags/gmn/in ... er_gmn.cab
O16 - DPF: {215B8138-A3CF-44C5-803F-8226143CFC0A} (Trend Micro ActiveX Scan Agent 6.6) -
http://housecall65.trendmicro.com/house ... hcImpl.cab
O16 - DPF: {22945A69-1191-4DCF-9E6F-409BDE94D101} (EModelNonVersionSpecificViewControl Class) -
http://www.3dpublisher.net/SWService/eD ... nglish.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) -
http://update.microsoft.com/windowsupda ... 4814349281
O16 - DPF: {6E5A37BF-FD42-463A-877C-4EB7002E68AE} (Housecall ActiveX 6.5) -
http://housecall65.trendmicro.com/house ... hcImpl.cab
O16 - DPF: {78AF2F24-A9C3-11D3-BF8C-0060B0FCC122} (AcDcToday Control) -
file://C:\Program Files\AutoCAD 2002\AcDcToday.ocx
O16 - DPF: {AB86CE53-AC9F-449F-9399-D8ABCA09EC09} (Get_ActiveX Control) -
https://h17000.www1.hp.com/ewfrf-JAVA/S ... anager.ocx
O16 - DPF: {AE563720-B4F5-11D4-A415-00108302FDFD} (NOXLATE-BANR) -
file://C:\Program Files\AutoCAD 2002\InstBanr.ocx
O16 - DPF: {C6637286-300D-11D4-AE0A-0010830243BD} (InstaFred) -
file://C:\Program Files\AutoCAD 2002\InstFred.ocx
O16 - DPF: {F281A59C-7B65-11D3-8617-0010830243BD} (AcPreview Control) -
file://C:\Program Files\AutoCAD 2002\AcPreview.ocx
O20 - Winlogon Notify: khfgefd - khfgefd.dll (file missing)
O23 - Service: APC UPS Service - American Power Conversion Corporation - C:\Program Files\APC\APC PowerChute Personal Edition\mainserv.exe
O23 - Service: ASF Agent (ASFAgent) - Intel Corporation - C:\Program Files\Intel\ASF Agent\ASFAgent.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: Intel NCS NetService (NetSvc) - Intel(R) Corporation - C:\Program Files\Intel\PROSetWired\NCS\Sync\NetSvc.exe
O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files\Eset\nod32krn.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: RAID Storage Manager Agent (RAIDStorAgent) - Dell - C:\Program Files\Dell\RAID Storage Manager\StorServ.exe
O24 - Desktop Component 0: (no name) - C:\Program Files\Windows Media Player\profsywuywue.html
--
End of file - 8591 bytes
ComboFix:
ComboFix 07-08-30.3 - "R. Mark Anderson" 2007-09-01 15:06:26.1 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.1.1252.1.1033.18.638 [GMT -4:00]
* Created a new restore point
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
C:\DOCUME~1\R1D43~1.MAR\APPLIC~1\winantispyware 2007
C:\DOCUME~1\R1D43~1.MAR\STARTM~1\Programs\Startup.\TA_Start.lnk
C:\DOCUME~1\R1D43~1.MAR\STARTM~1\Programs\Startup\ta_start.lnk
C:\Program Files\Common Files\WinAntiSpyware 2007
C:\Program Files\Common Files\winantispyware 2007\err.log
C:\Program Files\Messenger\hory22011.exe
C:\Program Files\TrustIn Bar
C:\Program Files\Windows Media Player\lavujadu.dll
C:\Program Files\Windows Media Player\lavujadu574.dll
C:\Program Files\Windows Media Player\profsywuywue.html
C:\Temp\1cb
C:\Temp\1cb\syscheck.log
C:\Temp\fse
C:\Temp\fse\tmpZTF.log
C:\WINDOWS\system32\bnihreg.dll
C:\WINDOWS\system32\drivers\fopn.sys
C:\WINDOWS\system32\drivers\npf.sys
C:\WINDOWS\system32\f02WtR
C:\WINDOWS\system32\gsxfoekv.exe
C:\WINDOWS\system32\H7
C:\WINDOWS\system32\packet.dll
C:\WINDOWS\system32\pmkjh.dll
C:\WINDOWS\SYSTEM32\pqtwa.bak1
C:\WINDOWS\system32\vtsts.dll
C:\WINDOWS\system32\wpcap.dll
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
-------\LEGACY_DOMAINSERVICE
-------\LEGACY_FOPN
-------\LEGACY_NETWORK_MONITOR
-------\LEGACY_NPF
-------\DomainService
-------\NPF
((((((((((((((((((((((((( Files Created from 2007-08-01 to 2007-09-01 )))))))))))))))))))))))))))))))
2007-09-01 15:05 51,200 --a------ C:\WINDOWS\nircmd.exe
2007-09-01 14:55 <DIR> d-------- C:\VundoFix Backups
2007-09-01 02:10 <DIR> d-------- C:\DOCUME~1\R1D43~1.MAR\APPLIC~1\TrojanHunter
2007-09-01 01:39 <DIR> d-------- C:\Program Files\TrojanHunter 4.7
2007-08-31 12:38 393,224 --a------ C:\sysuxwu.exe
2007-08-31 11:32 512,096 --a------ C:\WINDOWS\SYSTEM32\DRIVERS\amon.sys
2007-08-31 11:32 298,104 --a------ C:\WINDOWS\SYSTEM32\imon.dll
2007-08-31 11:32 15,424 --a------ C:\WINDOWS\SYSTEM32\DRIVERS\nod32drv.sys
2007-08-31 10:51 <DIR> d-------- C:\DOCUME~1\R1D43~1.MAR\.housecall6.6
2007-08-31 09:20 89,088 --a------ C:\WINDOWS\SYSTEM32\atl71.dll
2007-08-31 09:20 5,585 --a------ C:\WINDOWS\SYSTEM32\ssqro.dll
2007-08-31 09:15 <DIR> d--hs---- C:\WINDOWS\Ui4gTWFyayBBbmRlcnNvbg
2007-08-31 09:15 <DIR> d-------- C:\WINDOWS\SYSTEM32\drvr2
2007-08-31 09:15 <DIR> d-------- C:\WINDOWS\SYSTEM32\cfig322
2007-08-31 09:15 <DIR> d-------- C:\WINDOWS\SYSTEM32\capcom
2007-08-27 22:48 <DIR> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\Actify
2007-08-26 13:23 25,437 --a------ C:\WINDOWS\SYSTEM32\LANPRESS.DLL
2007-08-26 13:23 <DIR> d-------- C:\Program Files\Speed Stream
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
2007-08-31 23:30 --------- d-------- C:\DOCUME~1\R1D43~1.MAR\APPLIC~1\nView_Wallpaper
2007-08-31 18:17 --------- d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\Spybot - Search & Destroy
2007-08-31 15:07 --------- d-------- C:\Program Files\Trend Micro
2007-08-29 18:01 --------- d-------- C:\DOCUME~1\R1D43~1.MAR\APPLIC~1\AdobeUM
2007-08-28 10:31 --------- d-------- C:\Program Files\Solid Edge V19
2007-08-26 21:16 --------- d-------- C:\Program Files\RssReader
2006-11-16 13:09 9232 --a------ C:\DOCUME~1\R1D43~1.MAR\mqdmmdfl.sys
2006-11-16 13:09 92064 --a------ C:\DOCUME~1\R1D43~1.MAR\mqdmmdm.sys
2006-11-16 13:09 79328 --a------ C:\DOCUME~1\R1D43~1.MAR\mqdmserd.sys
2006-11-16 13:09 66656 --a------ C:\DOCUME~1\R1D43~1.MAR\mqdmbus.sys
2006-11-16 13:09 6208 --a------ C:\DOCUME~1\R1D43~1.MAR\mqdmcmnt.sys
2006-11-16 13:09 5936 --a------ C:\DOCUME~1\R1D43~1.MAR\mqdmwhnt.sys
2006-11-16 13:09 4048 --a------ C:\DOCUME~1\R1D43~1.MAR\mqdmcr.sys
2006-11-16 13:09 25600 --a------ C:\DOCUME~1\R1D43~1.MAR\usbsermptxp.sys
2006-11-16 13:09 22768 --a------ C:\DOCUME~1\R1D43~1.MAR\usbsermpt.sys
2006-06-12 11:10 991 --a------ C:\Program Files\INSTALL.LOG
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
*Note* empty entries & legit default entries are not shown
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"UpdateManager"="C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe" [2003-08-19 01:01]
"REGSHAVE"="C:\Program Files\REGSHAVE\REGSHAVE.exe" [2002-02-04 23:32]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2006-09-01 15:57]
"NvMediaCenter"="C:\WINDOWS\System32\NvMcTray.dll" [2004-05-29 16:52]
"NvCplDaemon"="C:\WINDOWS\System32\NvCpl.dll" [2004-05-29 16:52]
"NeroFilterCheck"="C:\WINDOWS\system32\NeroCheck.exe" [2001-07-09 11:50]
"ISUSScheduler"="C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" [2005-06-10 10:44]
"DVDTray"="C:\Program Files\HP DVD\Umbrella\DVDTray.exe" [2004-09-03 13:14]
"DVDBitSet"="C:\Program Files\HP DVD\Umbrella\DVDBitSet.exe" [2003-12-18 17:37]
"dla"="C:\WINDOWS\system32\dla\tfswctrl.exe" [2004-03-15 02:04]
"nod32kui"="C:\Program Files\Eset\nod32kui.exe" [2007-08-31 11:31]
"THGuard"="C:\Program Files\TrojanHunter 4.7\THGuard.exe" [2007-08-11 20:49]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MSMSGS"="C:\Program Files\Messenger\msmsgs.exe" [2004-11-15 16:18]
"NBJ"="C:\Program Files\Ahead\Nero BackItUp\NBJ.exe" [2005-04-14 16:56]
"RssReader"="C:\Program Files\RssReader\RssReader.exe" []
C:\DOCUME~1\ADMINI~1\STARTM~1\Programs\Startup\
DESKTOP.INI [2004-03-20 13:58:38]
C:\DOCUME~1\DEFAUL~1\STARTM~1\Programs\Startup\
DESKTOP.INI [2005-09-28 14:10:21]
C:\DOCUME~1\R1D43~1.MAR\STARTM~1\Programs\Startup\
DESKTOP.INI [2004-03-20 13:58:38]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEM~1\STARTM~1\Programs\Startup\
DESKTOP.INI [2004-03-20 13:58:38]
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system]
"NoDispBackgroundPage"=0 (0x0)
[HKEY_CURRENT_USER\software\microsoft\internet explorer\desktop\components\0]
Source= C:\Program Files\Windows Media Player\profsywuywue.html
FriendlyName=
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\khfgefd]
khfgefd.dll
R0 aarich;aarich;C:\WINDOWS\System32\drivers\aarich.sys
R0 AFAmgt;AFAmgt;C:\WINDOWS\System32\drivers\AFAmgt.sys
R2 ASFAgent;ASF Agent;C:\Program Files\Intel\ASF Agent\ASFAgent.exe
R2 AsfAlrt;AsfAlrt;\??\C:\WINDOWS\System32\drivers\AsfAlrt.sys
R2 MSSQL$KBMSS;MSSQL$KBMSS;C:\Program Files\Microsoft SQL Server\MSSQL$KBMSS\Binn\sqlservr.exe -sKBMSS
R2 Npser;NPser;C:\WINDOWS\System32\drivers\npser.sys
R2 RAIDStorAgent;RAID Storage Manager Agent;C:\Program Files\Dell\RAID Storage Manager\StorServ.exe
R2 WIBUKEY;WIBU-KEY Kernel Driver;C:\WINDOWS\System32\DRIVERS\Wibukey.sys
S3 brfilt;Brother MFC Filter Driver;C:\WINDOWS\System32\Drivers\Brfilt.sys
S3 brparimg;Brother Multi Function Parallel Image driver;C:\WINDOWS\System32\DRIVERS\BrParImg.sys
S3 BrParWdm;Brother WDM Parallel Driver;C:\WINDOWS\System32\Drivers\BrParwdm.sys
S3 BrSerWDM;Brother WDM Serial driver;C:\WINDOWS\System32\Drivers\BrSerWdm.sys
S3 Ip6FwHlp;IPv6 Internet Connection Firewall;C:\WINDOWS\System32\svchost.exe -k netsvcs
S3 mf;mf;C:\WINDOWS\System32\DRIVERS\mf.sys
S3 MotDev;Motorola Inc. USB Device;C:\WINDOWS\System32\DRIVERS\motodrv.sys
S3 motmodem;Motorola USB CDC ACM Driver;C:\WINDOWS\System32\DRIVERS\motmodem.sys
S3 SQLAgent$KBMSS;SQLAgent$KBMSS;C:\Program Files\Microsoft SQL Server\MSSQL$KBMSS\Binn\sqlagent.EXE -i KBMSS
S3 vgadrv;vgadrv;C:\WINDOWS\System32\DRIVERS\vgadrv.sys
**************************************************************************
catchme 0.3.1061 W2K/XP/Vista - rootkit/stealth malware detector by Gmer,
http://www.gmer.net
Rootkit scan 2007-09-01 16:29:19
Windows 5.1.2600 Service Pack 1 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
Completion time: 2007-09-01 16:29:57 - machine was rebooted
C:\ComboFix-quarantined-files.txt ... 2007-09-01 16:29
--- E O F ---
VundoFix:
VundoFix V6.5.7
Checking Java version...
Java version is 1.4.2.3
Old versions of java are exploitable and should be removed.
Java version is 1.4.2.5
Old versions of java are exploitable and should be removed.
Scan started at 2:55:51 PM 9/1/2007
Listing files found while scanning....
C:\windows\system32\khffcyv.dll
C:\WINDOWS\system32\khfgefd.dll
C:\WINDOWS\System32\ststv.bak1
C:\WINDOWS\System32\ststv.bak2
C:\WINDOWS\System32\ststv.ini
C:\WINDOWS\System32\vtsts.dll
C:\windows\system32\vtuvutu.dll
Beginning removal...
Attempting to delete C:\windows\system32\khffcyv.dll
C:\windows\system32\khffcyv.dll Has been deleted!
Attempting to delete C:\WINDOWS\System32\ststv.bak1
C:\WINDOWS\System32\ststv.bak1 Has been deleted!
Attempting to delete C:\WINDOWS\System32\ststv.bak2
C:\WINDOWS\System32\ststv.bak2 Has been deleted!
Attempting to delete C:\WINDOWS\System32\ststv.ini
C:\WINDOWS\System32\ststv.ini Has been deleted!
Attempting to delete C:\WINDOWS\System32\vtsts.dll
C:\WINDOWS\System32\vtsts.dll Could not be deleted.
Attempting to delete C:\windows\system32\vtuvutu.dll
C:\windows\system32\vtuvutu.dll Has been deleted!
Performing Repairs to the registry.
Done!
VundoFix V6.5.7
Checking Java version...
Java version is 1.4.2.3
Old versions of java are exploitable and should be removed.
Java version is 1.4.2.5
Old versions of java are exploitable and should be removed.
Scan started at 3:00:46 PM 9/1/2007
Listing files found while scanning....
No infected files were found.
Beginning removal...
VundoFix V6.5.7
Checking Java version...
Java version is 1.4.2.3
Old versions of java are exploitable and should be removed.
Java version is 1.4.2.5
Old versions of java are exploitable and should be removed.
Scan started at 3:03:46 PM 9/1/2007
Listing files found while scanning....
No infected files were found.