Jump to content


  • Content Count

  • Joined

  • Last visited

About raygk

  • Rank
  • Birthday 01/01/1970

Profile Information

  • Interests
  1. I am no expert but was able to remove all traces of Vundo from my computer as I mentioned earlier. Few suggestions for you: 1. After running VundoFix did it find anything? 2. Did you review what is running at startup? You could disable unneeded stuff and see if you stop the re-infection. 3. Suggest you go to http://vundofix.atribune.org/ and read the information there (and the warning). The current version of VundoFix is newer than the one I used. 4. Have you tried the forum at VundoFix home? I suggest you do. There may be an existing topic with info or you could start a new one. 5. How about taking up SUPERAntiSpy suggestion of submitting a support request here so they can run a custom dianostic of your system? Good luck.
  2. Thanks for the response. I don't know if the infection re-installed or not but it wasn't present on the 2nd use of VundoFix or on the final scan via SAS. I have also removed the backup from VundoFix so there are no traces left and I get no indication of any infection now. So I don't think any further support for this problem (if it was one) is necessary. I do very much appreciate the offer and also the interest shown by SAS program support and the great help here from fatdcuk. This speaks very highly for the program, the producers and this forum. Thanks again
  3. Yes, the files were still in the VundoFix backup folder (and appear in the SAS log). But the backed up files were still there when SAS showed a clean computer after the next scan. And the SAS scan log indicated geebb.dll as located in system32 folder (see the log file below). I still don't understand why this showed up but they are all gone now. Also noted (on a scan of a different hard drive) SAS identified a bunch of files named variations of "update.exe" which were not bad since they were added by tax programs and some are from my own programming. It appears SAS identifies any file name containing "update" as bad (?). Yes, it is easy to make them allowed items but just the same makes me wonder. Thanks for your response. ------------------------- SUPERAntiSpyware Scan Log https://www.superantispyware.com Generated 02/16/2008 at 02:39 PM Application Version : 3.9.1008 Core Rules Database Version : 3404 Trace Rules Database Version: 1396 Scan type : Quick Scan Total Scan Time : 00:07:46 Memory items scanned : 376 Memory threats detected : 0 Registry items scanned : 810 Registry threats detected : 4 File items scanned : 7362 File threats detected : 2 Adware.Vundo Variant HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{59E91E4B-FAC7-46A9-AA5E-74DC655F1588} HKCR\CLSID\{59E91E4B-FAC7-46A9-AA5E-74DC655F1588} HKCR\CLSID\{59E91E4B-FAC7-46A9-AA5E-74DC655F1588}\InprocServer32 HKCR\CLSID\{59E91E4B-FAC7-46A9-AA5E-74DC655F1588}\InprocServer32#ThreadingModel C:\WINDOWS\SYSTEM32\GEEBB.DLL Trojan.Unclassifed/AffiliateBundle C:\VUNDOFIX BACKUPS\IIFFFCD.DLL.BAD ------------------------------------
  4. Thanks for the very rapid response. I downloaded the Vundofix app and ran it. It found (and backedup) 4 files: iifffcd.dll, geebb.ini, gebb.ini2 and gebb.dll and removed them. It did not run after re-boot. I then ran SAS and it said the same files were still present (although I could not see them in the C:\system32\ folder - I include hidden files in the view). I re-ran Vundofix and it ran clean with a message "No infected files were found." So, I ran SAS again. This time it found nothing! So, I guess, the trojan and spyware are gone . I have no idea why SAS found the files after Vundofix was run but "all's well that ends well". Thanks for your help.
  5. I just installed and updated SAS on my computer today. It worked great and found a trojan and adware not found by other anti-spyware applications. After it detected the problems, I quarantined the files and rebooted. I re-ran SAS again and it found the same problems which I again quarantined and re-booted. The problems are still there. My question is: What do I need to do to eliminate the problems? Both scans resulted in identical log files. Any help in riding my computer of these problems would be greatly appreciated. Here is a copy of the last log file: ------------------------------ SUPERAntiSpyware Scan Log https://www.superantispyware.com Generated 02/16/2008 at 10:59 AM Application Version : 3.9.1008 Core Rules Database Version : 3404 Trace Rules Database Version: 1396 Scan type : Quick Scan Total Scan Time : 00:08:03 Memory items scanned : 444 Memory threats detected : 2 Registry items scanned : 810 Registry threats detected : 4 File items scanned : 7608 File threats detected : 4 Trojan.Unclassifed/AffiliateBundle C:\WINDOWS\SYSTEM32\IIFFFCD.DLL C:\WINDOWS\SYSTEM32\IIFFFCD.DLL Unclassified.Unknown Origin/System C:\WINDOWS\SYSTEM32\GEEBB.DLL C:\WINDOWS\SYSTEM32\GEEBB.DLL Adware.Vundo Variant HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C845773A-2012-43F5-B94C-FDCDEF29D6D2} HKCR\CLSID\{C845773A-2012-43F5-B94C-FDCDEF29D6D2} HKCR\CLSID\{C845773A-2012-43F5-B94C-FDCDEF29D6D2}\InprocServer32 HKCR\CLSID\{C845773A-2012-43F5-B94C-FDCDEF29D6D2}\InprocServer32#ThreadingModel Adware.Vundo Variant/Rel C:\WINDOWS\SYSTEM32\BBEEG.INI Adware.Vundo-Variant/Small-A C:\WINDOWS\SYSTEM32\JUIEGAXF.DLL -----------------------------------
  • Create New...