Hi
The vundofix log shows your java is out-of-date
jre1.5.0 now has update _11 ... But jre1.6.0 is much faster...
Go to add/remove programs and uninstall any earlier versions ... (jre1.5.0.6)
Then You can go here and install the latest version of Java.
http://java.sun.com/javase/downloads/index.jsp
Scroll down the page to 'Java Runtime Environment (JRE) 6' and press the 'Download' button.
Running an out-of-date version of java is an infection risk.
-
Originally Posted by
MichiganGirl
When I start or restart my computer, something comes up that says Configuration settings have changed, and it takes me to setup, but I just exit out of setup. Does that have anything to do with any of the bugs?
Thanks again!
No this has nothing to do with malware ... it's because you've unchecked items in Msconfig (startup tab) ... just check the box which says " don't show this again"
-
Open notepad and copy/paste the text in the code box below into it:
NOTE* make sure to only highlight and copy what is inside the code box nothing out side of it.
Also ..
Pay particular attention to this :-
Make sure the word File:: is on the first line of the text file you save (no blank line above it, & no space in front of it)
Code:
File::
C:\WINDOWS\system32\rttss.bak2
C:\WINDOWS\system32\rttss.bak1
C:\WINDOWS\chhgudkA.exe
C:\WINDOWS\system32\vvdiais.dll
C:\WINDOWS\Tasks\At1.job
C:\WINDOWS\Tasks\At10.job
C:\WINDOWS\Tasks\At11.job
C:\WINDOWS\Tasks\At12.job
C:\WINDOWS\Tasks\At13.job
C:\WINDOWS\Tasks\At14.job
C:\WINDOWS\Tasks\At15.job
C:\WINDOWS\Tasks\At16.job
C:\WINDOWS\Tasks\At17.job
C:\WINDOWS\Tasks\At18.job
C:\WINDOWS\Tasks\At19.job
C:\WINDOWS\Tasks\At2.job
C:\WINDOWS\Tasks\At20.job
C:\WINDOWS\Tasks\At21.job
C:\WINDOWS\Tasks\At22.job
C:\WINDOWS\Tasks\At23.job
C:\WINDOWS\Tasks\At24.job
C:\WINDOWS\Tasks\At3.job
C:\WINDOWS\Tasks\At4.job
C:\WINDOWS\Tasks\At5.job
C:\WINDOWS\Tasks\At6.job
C:\WINDOWS\Tasks\At7.job
C:\WINDOWS\Tasks\At8.job
C:\WINDOWS\Tasks\At9.job
Folder::
C:\VundoFix Backups
C:\Temp
Registry::
[-HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{3964D8D6-86D0-493A-B460-A805B5401114}]
[-HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{60875658-630e-4dfa-84d3-806432bdc66d}]
[-HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{706706E8-3111-423C-B165-69AD659F541C}]
[-HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{72F6D9A2-853F-41ED-AC9F-62E1CB8E7639}]
[-HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{A8FB8EB3-183B-4598-924D-86F0E5E37085}]
[-HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{FD4AE849-FEDD-4564-A873-D3EA7592F76B}]
[-HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\ddayx]
[-HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\mljhggd]
[-HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\ssttr]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\{ZN}]
Save this as "CFScript.txt"
Then drag the CFScript.txt into ComboFix.exe as you see in the screenshot below.
This will start ComboFix again. After reboot, (in case it asks to reboot), post the contents of Combofix.txt in your next reply together with a new HijackThis log.
steam