rrun.exe and izvma.exe Issues

Please follow the steps below:

- Run ALL the steps in this Sticky thread READ ME FIRST BEFORE ASKING FOR SUPPORT: Basic Spyware, Trojan And Virus RemovalMake sure you check version numbers and get all updates.

- Very Important: Make sure you tell us the results from running the tutorial...was anything found? Were you unable to complete any of the scans?...Were you unable to download any of the tools?...Did you do the on-line scans as suggested? etc.


After doing ALL of the above you still have a problem:

- Download HijackThis 1.99.1

- Unzip the hijackthis.exe file to a folder you create named C:\Program Files\HJT

- Do NOT run Hijack This from the Desktop, a temp folder, or a sub-folder of C:\Documents and Settings, or choose to run it directly from the downloaded ZIP file.

- Before running HijackThis: You must close each of the following:your web browser, e-mail client, instant messenger, and programs like notepad, wordpad, MS Word etc. And any other unnecessary running programs.

- Run HijackThis and save your log file.

- Post your log as an ATTACHMENT to your next message. (Do NOT copy/paste the log into your post).

 

Why did you post two logs? I only ask for one log! What's the difference?

Why didn't you perform ALL the steps in the READ ME first. The online scanners would have identified some of the hidden problem files that go along with the two you can see.
What steps in the READ ME FIRST did you skip. We expect all of it to be run.

By the way, those are not your only problems. You also have part of a Virtumundo infection (aklsp.dll).

Download LSP - Fix

Now run LSP-Fix.

Check the Box labeled "I know what I'm doing" and then click on the aklsp.dll file (in the “Keep” section) to select it.

Then, Select the >> button to move aklsp.dll into the Remove section.

Now, click the Finish Button. When the Repair Summary box appears, click OK.
If the file is already in the Remove section, just click finish.


Now reboot into safe mode with no network support, make sure you have no browsers opened and then run a full scan with MS Antispyware and let it fix what it finds.

After that follow the steps below:

1 - Please EXTRACT all files from Qoologic Tool to its own folder - C:\Program Files\QoologicFinder . Then, DoubleClick Find-Qoologic.bat to run the tool. It should produce a log - Please attach that with your next post!

2 - Please EXTRACT all the files form RKFiles Tool to its own folder - C:\Program Files\RKTOOL. Then, Please boot to SAFE MODE and DoubleClick rkfiles.bat to run the tool. Let it run and then, when it finishes, look for a log at C:\Log.txt and please attach that log.

 

All steps in the READ ME must be run except the one that say they are optional. The online scanners are not optional and also specifically state that. They should in fact detect some of the problems files. They may not fix it but they will list a bunch of files. The other tools I gave you to run will also help us identify the hidden components so we can create a fix.

 

Okay! Attach the logs when you complete the steps. Please post the results from the online scanners too.