Jump to content
Sign in to follow this  
RonB

O.K., Whats Going On Here...

Recommended Posts

Hi,

I am running the free copy and was thinking about upgrading to the pay version BUT.

When I run a scan SAS comes up with an adware with 5 instances in two places. It's named Vondu or Varient.

Clean it out and restart...Scan again and the same adware comes up in the same places!!??

Whats going on? Is this a false positive from something in my system or should I be concerned?

Thanks much for any ideas, comments or suggestions...all MUCH appreciated!

Cheers, RonB

Share this post


Link to post
Share on other sites

Here you go. Two scan logs, one from today as a full scan and one from yesterday as a quick scan. They both came up with the same thing. I could probably scan again right now and have the same result.

I am wondering if this adware has parts embedded somewhere that SAS does not look and is using System Restore to reset itself after each scan. I am trying to figure out how to turn off System Restore and then scan but the functions are grayed out on it's tab even though I have Admin access. The never ending fun of computers...

SUPERAntiSpyware Scan Log

https://www.superantispyware.com

Generated 05/07/2009 at 11:28 AM

Application Version : 4.26.1002

Core Rules Database Version : 3881

Trace Rules Database Version: 1829

Scan type : Complete Scan

Total Scan Time : 00:44:26

Memory items scanned : 434

Memory threats detected : 0

Registry items scanned : 5342

Registry threats detected : 5

File items scanned : 19551

File threats detected : 1

Adware.Vundo Variant

HKLM\Software\Classes\CLSID\{EC43E3FD-5C60-46a6-97D7-E0B85DBDD6C4}

HKCR\CLSID\{EC43E3FD-5C60-46A6-97D7-E0B85DBDD6C4}

HKCR\CLSID\{EC43E3FD-5C60-46A6-97D7-E0B85DBDD6C4}\InprocServer32

HKCR\CLSID\{EC43E3FD-5C60-46A6-97D7-E0B85DBDD6C4}\InprocServer32#ThreadingModel

C:\WINDOWS\SYSTEM32\VEBIMAYO.DLL

HKCR\CLSID\{EC43E3FD-5C60-46A6-97D7-E0B85DBDD6C4}

SUPERAntiSpyware Scan Log

https://www.superantispyware.com

Generated 05/06/2009 at 08:55 PM

Application Version : 4.26.1002

Core Rules Database Version : 3875

Trace Rules Database Version: 1823

Scan type : Custom Scan

Total Scan Time : 00:06:16

Memory items scanned : 0

Memory threats detected : 0

Registry items scanned : 5357

Registry threats detected : 5

File items scanned : 0

File threats detected : 1

Adware.Vundo Variant

HKLM\Software\Classes\CLSID\{EC43E3FD-5C60-46a6-97D7-E0B85DBDD6C4}

HKCR\CLSID\{EC43E3FD-5C60-46A6-97D7-E0B85DBDD6C4}

HKCR\CLSID\{EC43E3FD-5C60-46A6-97D7-E0B85DBDD6C4}\InprocServer32

HKCR\CLSID\{EC43E3FD-5C60-46A6-97D7-E0B85DBDD6C4}\InprocServer32#ThreadingModel

C:\WINDOWS\SYSTEM32\VEBIMAYO.DLL

HKCR\CLSID\{EC43E3FD-5C60-46A6-97D7-E0B85DBDD6C4}

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
Sign in to follow this  

×