
RUNDLL problem

Discussion in 'Virus & Other Malware Removal' started by monkeybro81, Sep 27, 2008.

  1. monkeybro81

    monkeybro81 Thread Starter

    Joined:
    Sep 27, 2008
    Messages:
    8
    When I boot up my PC, straight away the first popup is a RUNDLL error that says
    "RUNDLL"
    "Error loading C:\WINDOWS\system32\iltdxdwb.dll"
    "The specified module could not be found."


    Around 5-10 seconds after this message the computer hangs.
    So I cannot do anything about it, as I cannot run any programs. What should I do? Please help me, I am using my friend's computer to post this.
     
  2. dvk01

    dvk01 Moderator Malware Specialist

    Joined:
    Dec 14, 2002
    Messages:
    56,236
    First Name:
    Derek
    Press F8 at boot time.

    Boot to Safe Mode with Networking & then do this:

    Please download Malwarebytes' Anti-Malware (http://www.malwarebytes.org/affiliates/thespykiller/mbam-setup.exe) to your desktop.

    Double-click mbam-setup.exe and follow the prompts to install the program. At the end, be sure a checkmark is placed next to the following:

        Update Malwarebytes' Anti-Malware
        Launch Malwarebytes' Anti-Malware

    Then click Finish.

    If an update is found, it will download and install the latest version. Press Update to make sure the latest database is loaded.
    Once the program has loaded, select Perform quick scan, then click Scan.
    When the scan is complete, click OK, then Show Results to view the results.
    Be sure that everything is checked, and click Remove Selected.
    When completed, a log will open in Notepad.
    Please include this log in your next reply.

    That will run in safe mode & after it has fixed things it should let you boot normally.
     
  3. monkeybro81

    Erm, I did everything you told me to do and I ended up without the error message, but the computer still hangs after around 10 mins.
     
  4. monkeybro81

    Now it does not hang anymore. BUT it RESTARTS???!!!??? How?????? Help me pls someone.
     
  5. monkeybro81

    These are the logs:
    Malwarebytes' Anti-Malware 1.28
    Database version: 1217
    Windows 5.1.2600 Service Pack 2

    9/28/2008 2:32:29 PM
    mbam-log-2008-09-28 (14-32-29).txt

    Scan type: Quick Scan
    Objects scanned: 47983
    Time elapsed: 4 minute(s), 4 second(s)

    Memory Processes Infected: 0
    Memory Modules Infected: 18
    Registry Keys Infected: 44
    Registry Values Infected: 99
    Registry Data Items Infected: 3
    Folders Infected: 0
    Files Infected: 109

     
    C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\7NCTSGE4\30[1].gif (Spyware.OnlineGames) -> Quarantined and deleted successfully.
    C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\7NCTSGE4\b[1].gif (Spyware.OnLineGames) -> Quarantined and deleted successfully.
    C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\7NCTSGE4\update[1].gif (Spyware.OnlineGames) -> Quarantined and deleted successfully.
    C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\MX17RM6O\1b[1].gif (Spyware.OnlineGames) -> Quarantined and deleted successfully.
    C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\MX17RM6O\23[1].gif (Spyware.OnlineGames) -> Quarantined and deleted successfully.
    C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\MX17RM6O\29[1].gif (Spyware.OnlineGames) -> Quarantined and deleted successfully.
    C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\MX17RM6O\30[1].gif (Spyware.OnlineGames) -> Quarantined and deleted successfully.
    C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\MX17RM6O\abb[1].gif (Trojan.Downloader) -> Quarantined and deleted successfully.
    C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\MX17RM6O\d[1].gif (Virus.Alman) -> Quarantined and deleted successfully.
    C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\VZWIZAGW\23[1].gif (Spyware.OnlineGames) -> Quarantined and deleted successfully.
    C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\VZWIZAGW\27[1].gif (Spyware.OnlineGames) -> Quarantined and deleted successfully.
    C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\VZWIZAGW\28[1].gif (Spyware.OnlineGames) -> Quarantined and deleted successfully.
    C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\VZWIZAGW\31[1].gif (Spyware.OnlineGames) -> Quarantined and deleted successfully.
    C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\VZWIZAGW\update[1].gif (Spyware.OnlineGames) -> Quarantined and deleted successfully.
    C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\ZLKX0E3V\26[1].gif (Spyware.OnlineGames) -> Quarantined and deleted successfully.
    C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\ZLKX0E3V\28[1].gif (Spyware.OnlineGames) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Fatboy\Local Settings\Temporary Internet Files\Content.IE5\O72XGT01\upd105320[1] (Trojan.Vundo.H) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Fatboy\Local Settings\Temporary Internet Files\Content.IE5\Q9MBOVQR\nd82m0[1] (Trojan.Vundo.H) -> Quarantined and deleted successfully.
    C:\WINDOWS\system32\mcrh.tmp (Malware.Trace) -> Quarantined and deleted successfully.
    C:\WINDOWS\Update.dll (Trojan.Agent) -> Quarantined and deleted successfully.
    C:\WINDOWS\system32\System.exe (Trojan.Agent) -> Quarantined and deleted successfully.
    C:\WINDOWS\system32\drivers\HBKernel32.sys (Backdoor.Bot) -> Delete on reboot.
    C:\WINDOWS\350102M.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
    C:\WINDOWS\350102L.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
    C:\WINDOWS\system32\amvo.exe (Trojan.Agent) -> Quarantined and deleted successfully.
    C:\WINDOWS\system32\amvo0.dll (Trojan.Agent) -> Quarantined and deleted successfully.
    C:\WINDOWS\system32\uukpaipg.dll (Trojan.Agent) -> Delete on reboot.
    C:\WINDOWS\pskt.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\WINDOWS\BM1f9f49f0.xml (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\WINDOWS\BM1f9f49f0.txt (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\WINDOWS\system32\HBmhly.dll (Spyware.OnlineGames) -> Delete on reboot.
     
  7. monkeybro81

    monkeybro81 Thread Starter

    Joined:
    Sep 27, 2008
    Messages:
    8
    Malwarebytes' Anti-Malware 1.28
    Database version: 1217
    Windows 5.1.2600 Service Pack 2

    9/28/2008 3:28:08 PM
    mbam-log-2008-09-28 (15-28-08).txt

    Scan type: Full Scan (C:\|)
    Objects scanned: 96283
    Time elapsed: 14 minute(s), 6 second(s)

    Memory Processes Infected: 0
    Memory Modules Infected: 0
    Registry Keys Infected: 4
    Registry Values Infected: 1
    Registry Data Items Infected: 0
    Folders Infected: 0
    Files Infected: 99

    Memory Processes Infected:
    (No malicious items detected)

    Memory Modules Infected:
    (No malicious items detected)

    Registry Keys Infected:
    HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\hbkernel32 (Backdoor.Bot) -> Delete on reboot.
    HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\hbkernel32 (Backdoor.Bot) -> Delete on reboot.
    HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\hbkernel32 (Backdoor.Bot) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\hbkernel32 (Backdoor.Bot) -> Delete on reboot.

    Registry Values Infected:
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\HBService32 (Trojan.Agent) -> Delete on reboot.

    Registry Data Items Infected:
    (No malicious items detected)

    Folders Infected:
    (No malicious items detected)

    Files Infected:
    C:\Documents and Settings\Fatboy\Local Settings\Temp\wmsetup.dll (Trojan.Downloader) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Fatboy\Local Settings\Temporary Internet Files\Content.IE5\Q9MBOVQR\abb[1].gif (Trojan.Downloader) -> Quarantined and deleted successfully.
    C:\WINDOWS\system32\drivers\HBKernel32.sys (Backdoor.Bot) -> Delete on reboot.
     
  8. monkeybro81

    monkeybro81 Thread Starter

    Joined:
    Sep 27, 2008
    Messages:
    8
    The error message is gone. It does not hang anymore, but it restarts after I use it for like 10-15 mins.
     
  9. dvk01

    dvk01 Moderator Malware Specialist

    Joined:
    Dec 14, 2002
    Messages:
    56,236
    First Name:
    Derek
    That sounds like overheating and is probably a blocked fan on the CPU.

    Run MBAM again and post its new log, as it looks like there are still some infections there.
     
  10. monkeybro81

    monkeybro81 Thread Starter

    Joined:
    Sep 27, 2008
    Messages:
    8
    Malwarebytes' Anti-Malware 1.28
    Database version: 1217
    Windows 5.1.2600 Service Pack 2

    9/29/2008 8:05:06 PM
    mbam-log-2008-09-29 (20-05-06).txt

    Scan type: Full Scan (C:\|)
    Objects scanned: 95685
    Time elapsed: 1 hour(s), 9 minute(s), 13 second(s)

    Memory Processes Infected: 0
    Memory Modules Infected: 0
    Registry Keys Infected: 3
    Registry Values Infected: 1
    Registry Data Items Infected: 0
    Folders Infected: 0
    Files Infected: 1

    Memory Processes Infected:
    (No malicious items detected)

    Memory Modules Infected:
    (No malicious items detected)

    Registry Keys Infected:
    HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\hbkernel32 (Backdoor.Bot) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\hbkernel32 (Backdoor.Bot) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\hbkernel32 (Backdoor.Bot) -> Quarantined and deleted successfully.

    Registry Values Infected:
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\HBService32 (Trojan.Agent) -> Quarantined and deleted successfully.

    Registry Data Items Infected:
    (No malicious items detected)

    Folders Infected:
    (No malicious items detected)

    Files Infected:
    C:\WINDOWS\system32\drivers\HBKernel32.sys (Backdoor.Bot) -> Delete on reboot.
     
  11. dvk01

    dvk01 Moderator Malware Specialist

    Joined:
    Dec 14, 2002
    Messages:
    56,236
    First Name:
    Derek
    Next stage:

    Please visit ComboFix Guide & Instructions for instructions for downloading and running ComboFix. Especially follow the advice about installing the recovery console.

    Post the log from ComboFix when you've accomplished that, along with a new HijackThis log.

    Note: Do not mouse-click ComboFix's window whilst it's running. That may cause it to stall.

    Note: ComboFix may reset a number of Internet Explorer's settings, including making it the default browser.
    Note: ComboFix prevents autorun of ALL CDs, floppies and USB devices to assist with malware removal & increase security. If this is an issue or makes it difficult for you, please tell us when you reply.

    And tell us if it is still shutting down all the time.
     
Short URL to this thread: https://techguy.org/753750