Tech Support Forum - View Single Post - [SOLVED] Possible Trojan Vondu virus and slow performance.

Katana · 12-05-2008, 05:07 AM

That looks like the same log from Combofix, please try again.

Custom CFScript

Please open Notepad (Start -> Run -> type notepad in the Open field -> OK) and copy and paste the text present inside the code box below:

Code:

File::
C:\Program Files\MUSICMATCH\Common\ComponentMgr\HoldingArea\WebSys2\WebSys.mmz
C:\Program Files\MUSICMATCH\Musicmatch Jukebox\WebSys\offline.mmz
c:\windows\Tasks\EasyShare Registration Task.job
Folder::
c:\documents and settings\All Users\Application Data\830483350
Registry::
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DellSupport"=-
"SpybotSD TeaTimer"=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MMTray"=-
"ISUSPM Startup"=-
"ISUSScheduler"=-
"Share-to-Web Namespace Daemon"=-
"dscactivate"=-
"DellSupportCenter"=-
"582137331"=-
"SunJavaUpdateSched"=-
"Adobe Reader Speed Launcher"=-

Save this as CFScript.txt and place it on your desktop.
Referring to the screenshot above, drag CFScript.txt into ComboFix.exe.
ComboFix will now run a scan on your system. It may reboot your system when it finishes. This is normal.
When finished, it will produce a log for you. Copy and paste the contents of the log in your next reply.

CAUTION: Do not mouse-click ComboFix's window while it is running. That may cause it to stall.
Note: the above code was created specifically for this user. If you are not this user, do NOT follow these directions as they could damage the workings of your system.

A word of warning: Neither I nor sUBs are responsible for any damage you may have caused your machine by running ComboFix on your own. This tool is not a toy and not for everyday use.
ComboFix SHOULD NOT be used unless requested by a forum helper

12-05-2008, 05:07 AM	#8 (permalink)
Katana Analyst, Security Team Join Date: Nov 2007 Location: Manchester, UK Posts: 1,361 OS: W2K SP4 + XP SP2 + Vista	Re: Possible Trojan Vondu virus and slow performance. That looks like the same log from Combofix, please try again. Custom CFScript Please open Notepad (Start -> Run -> type notepad in the Open field -> OK) and copy and paste the text present inside the code box below: Code: File:: C:\Program Files\MUSICMATCH\Common\ComponentMgr\HoldingArea\WebSys2\WebSys.mmz C:\Program Files\MUSICMATCH\Musicmatch Jukebox\WebSys\offline.mmz c:\windows\Tasks\EasyShare Registration Task.job Folder:: c:\documents and settings\All Users\Application Data\830483350 Registry:: [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "DellSupport"=- "SpybotSD TeaTimer"=- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "MMTray"=- "ISUSPM Startup"=- "ISUSScheduler"=- "Share-to-Web Namespace Daemon"=- "dscactivate"=- "DellSupportCenter"=- "582137331"=- "SunJavaUpdateSched"=- "Adobe Reader Speed Launcher"=- Save this as CFScript.txt and place it on your desktop. Referring to the screenshot above, drag CFScript.txt into ComboFix.exe. ComboFix will now run a scan on your system. It may reboot your system when it finishes. This is normal. When finished, it will produce a log for you. Copy and paste the contents of the log in your next reply. CAUTION: Do not mouse-click ComboFix's window while it is running. That may cause it to stall. Note: the above code was created specifically for this user. If you are not this user, do NOT follow these directions as they could damage the workings of your system. A word of warning: Neither I nor sUBs are responsible for any damage you may have caused your machine by running ComboFix on your own. This tool is not a toy and not for everyday use. ComboFix SHOULD NOT be used unless requested by a forum helper __________________