RUNDLL problem

monkeybro81

Thread Starter
Joined
Sep 27, 2008
Messages
8
When I boot up my PC, straight away the first popup is a RUNDLL error that says:
"RUNDLL"
"Error loading C:\WINDOWS\system32\iltdxdwb.dll"
"The specified module could not be found."


After this message, around 5-10 seconds later, the computer hangs, so I cannot do anything about it as I cannot run any programs. What should I do? Please help me; I am using my friend's computer to post this.
 

dvk01

Derek
Retired Moderator Retired Malware Specialist
Joined
Dec 14, 2002
Messages
56,452
Press F8 at boot time.

Boot to safe mode with networking and then do this:

Please download http://www.malwarebytes.org/affiliates/thespykiller/mbam-setup.exe (Malwarebytes' Anti-Malware) to your desktop.

Double-click mbam-setup.exe and follow the prompts to install the program. At the end, be sure a checkmark is placed next to the following:

Update Malwarebytes' Anti-Malware
Launch Malwarebytes' Anti-Malware

Then click Finish.

If an update is found, it will download and install the latest version. Press Update to make sure the latest database is loaded.
Once the program has loaded, select Perform quick scan, then click Scan.
When the scan is complete, click OK, then Show Results to view the results.
Be sure that everything is checked, and click Remove Selected.
When completed, a log will open in Notepad.
Please include this log in your next reply.

That will run in safe mode, and after it has fixed things it should let you boot normally.
 

monkeybro81

Thread Starter
Joined
Sep 27, 2008
Messages
8
Erm, I did everything you told me to do and I ended up without the error message, but the computer still hangs after around 10 mins.
 

monkeybro81

Thread Starter
Joined
Sep 27, 2008
Messages
8
These are the logs:
Malwarebytes' Anti-Malware 1.28
Database version: 1217
Windows 5.1.2600 Service Pack 2

9/28/2008 2:32:29 PM
mbam-log-2008-09-28 (14-32-29).txt

Scan type: Quick Scan
Objects scanned: 47983
Time elapsed: 4 minute(s), 4 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 18
Registry Keys Infected: 44
Registry Values Infected: 99
Registry Data Items Infected: 3
Folders Infected: 0
Files Infected: 109

 

C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\VZWIZAGW\27[1].gif (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\VZWIZAGW\28[1].gif (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\VZWIZAGW\31[1].gif (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\VZWIZAGW\update[1].gif (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\ZLKX0E3V\26[1].gif (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\ZLKX0E3V\28[1].gif (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\Documents and Settings\Fatboy\Local Settings\Temporary Internet Files\Content.IE5\O72XGT01\upd105320[1] (Trojan.Vundo.H) -> Quarantined and deleted successfully.
C:\Documents and Settings\Fatboy\Local Settings\Temporary Internet Files\Content.IE5\Q9MBOVQR\nd82m0[1] (Trojan.Vundo.H) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\mcrh.tmp (Malware.Trace) -> Quarantined and deleted successfully.
C:\WINDOWS\Update.dll (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\System.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\HBKernel32.sys (Backdoor.Bot) -> Delete on reboot.
C:\WINDOWS\350102M.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\WINDOWS\350102L.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\amvo.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\amvo0.dll (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\uukpaipg.dll (Trojan.Agent) -> Delete on reboot.
C:\WINDOWS\pskt.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\BM1f9f49f0.xml (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\BM1f9f49f0.txt (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\HBmhly.dll (Spyware.OnlineGames) -> Delete on reboot.
 

monkeybro81

Thread Starter
Joined
Sep 27, 2008
Messages
8
Malwarebytes' Anti-Malware 1.28
Database version: 1217
Windows 5.1.2600 Service Pack 2

9/28/2008 3:28:08 PM
mbam-log-2008-09-28 (15-28-08).txt

Scan type: Full Scan (C:\|)
Objects scanned: 96283
Time elapsed: 14 minute(s), 6 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 4
Registry Values Infected: 1
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 99

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\hbkernel32 (Backdoor.Bot) -> Delete on reboot.
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\hbkernel32 (Backdoor.Bot) -> Delete on reboot.
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\hbkernel32 (Backdoor.Bot) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\hbkernel32 (Backdoor.Bot) -> Delete on reboot.

Registry Values Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\HBService32 (Trojan.Agent) -> Delete on reboot.

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
 

monkeybro81

Thread Starter
Joined
Sep 27, 2008
Messages
8
The error message is gone; it does not hang anymore, but it restarts after I use it for like 10-15 mins.
 

dvk01

Derek
Retired Moderator Retired Malware Specialist
Joined
Dec 14, 2002
Messages
56,452
That sounds like overheating

& is probably a blocked fan on the CPU

Run MBAM again & post its new log, as it looks like there are still some infections there
 

monkeybro81

Thread Starter
Joined
Sep 27, 2008
Messages
8
Malwarebytes' Anti-Malware 1.28
Database version: 1217
Windows 5.1.2600 Service Pack 2

9/29/2008 8:05:06 PM
mbam-log-2008-09-29 (20-05-06).txt

Scan type: Full Scan (C:\|)
Objects scanned: 95685
Time elapsed: 1 hour(s), 9 minute(s), 13 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 3
Registry Values Infected: 1
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 1

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\hbkernel32 (Backdoor.Bot) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\hbkernel32 (Backdoor.Bot) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\hbkernel32 (Backdoor.Bot) -> Quarantined and deleted successfully.

Registry Values Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\HBService32 (Trojan.Agent) -> Quarantined and deleted successfully.

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
C:\WINDOWS\system32\drivers\HBKernel32.sys (Backdoor.Bot) -> Delete on reboot.
 

dvk01

Derek
Retired Moderator Retired Malware Specialist
Joined
Dec 14, 2002
Messages
56,452
next stage

Please visit Combofix Guide & Instructions for instructions for downloading and running ComboFix: especially follow the advice about installing the recovery console

Post the log from ComboFix when you've accomplished that, along with a new HijackThis log.

Note:
Do not mouse-click ComboFix's window whilst it's running. That may cause it to stall.

Note: ComboFix may reset a number of Internet Explorer's settings, including making it the default browser.
Note: ComboFix prevents autorun of ALL CDs, floppies and USB devices to assist with malware removal & increase security. If this is an issue or makes it difficult for you -- please tell us when you reply

and tell us if it is still shutting down all the time
 