Jump to content


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.

Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.


Svchost ,rundll Pop Up Coming

  • Please log in to reply
1 reply to this topic

#1 hemase


  • Members
  • 2 posts
  • Local time:08:51 AM

Posted 18 July 2008 - 01:47 AM

I have a problem with these svchost pop up rundll popup.I have followed some instructions in this site's forum ,according that i have got hotfix log file following are that log file has
HAXFIX logfile - by Marckie

version 5.01.2
Thu 07/17/2008 15:35:34.68
running from C:\HaxFix

--- Checking for Haxdoor ---

checking for a3d files
a3d files not found

checking for matching notify keys
no matching notify keys found

checking for matching services
matching services found

checking for matching safeboot services
no matching safeboot services found

--- Checking for Goldun ---

checking for SSODL keys
no ssodl keys found

checking for notify keys
no notify keys found

checking for services
no services found

checking iexplore.exe
iexplore.exe is not infected

--- Checking for other Goldun and Haxdoor files ---
no other Haxdoor or Goldun files found

--- Catchme logfile - thank you Gmer ---

catchme 0.3.1344.2 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-07-17 15:35:50
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

C:\WINDOWS\system32\findstr.exe [4408] 0x84E23738
C:\microsoft\svchost.exe [2116] 0x84A4A328

scanning hidden services & system hive ...

scanning hidden registry entries ...

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Prefetcher]

scanning hidden files ...

C:\Documents and Settings\Company\Cookies\company@thebleepmovie[2].txt 93 bytes
C:\Documents and Settings\Company\Local Settings\Temporary Internet Files\Content.IE5\3K19ZGV0\m241[1].jpg 13557 bytes
C:\Documents and Settings\Company\Local Settings\Temporary Internet Files\Content.IE5\3K19ZGV0\tn148[1].jpg 1793 bytes
C:\Documents and Settings\Company\Local Settings\Temporary Internet Files\Content.IE5\3K19ZGV0\154[1].jpg 10198 bytes
C:\Documents and Settings\Company\Local Settings\Temporary Internet Files\Content.IE5\8J2DY2FD\66570025_JPG[1].jpg

scan completed successfully
hidden processes: 2
hidden services: 0
hidden files: 5

--- Analysing Catchme logfile ---

no matching regkeys found


after i installed haxfix i havent got that svchost popup now rundll pop up and following are my problems.
And unwanted irritating sites are automatically opened.then mouse scrolling by itself then blinking also.Cant find mouse position.How can we over come this problem.

Thanks in advance

[Moderator edit: move post to more appropriate forum. jgweed]

Edited by jgweed, 18 July 2008 - 06:59 AM.

BC AdBot (Login to Remove)


#2 boopme


    To Insanity and Beyond

  • Global Moderator
  • 73,490 posts
  • Gender:Male
  • Location:NJ USA
  • Local time:09:51 AM

Posted 22 July 2008 - 07:39 PM

Hi sorry you were missed, Is this an XP machine?
Also if you still need help,please do this scan...

Please download Malwarebytes Anti-Malware and save it to your desktop.
alternate download link 1
alternate download link 2
  • Make sure you are connected to the Internet.
  • Double-click on mbam-setup.exe to install the application.
  • When the installation begins, follow the prompts and do not make any changes to default settings.
  • When installation has finished, make sure you leave both of these checked:
    • Update Malwarebytes' Anti-Malware
    • Launch Malwarebytes' Anti-Malware
  • Then click Finish.
  • MBAM will automatically start and you will be asked to update the program before performing a scan. If an update is found, the program will automatically update itself. Press the OK button to close that box and continue. If you encounter any problems while downloading the updates, manually download them from here and just double-click on mbam-rules.exe to install.
  • On the Scanner tab:
    • Make sure the "Perform Quick Scan" option is selected.
    • Then click on the Scan button.
  • If asked to select the drives to scan, leave all the drives selected and click on the Start Scan button.
  • The scan will begin and "Scan in progress" will show at the top. It may take some time to complete so please be patient.
  • When the scan is finished, a message box will say "The scan completed successfully. Click 'Show Results' to display all objects found".
  • Click OK to close the message box and continue with the removal process.
  • Back at the main Scanner screen, click on the Show Results button to see a list of any malware that was found.
  • Make sure that everything is checked, and click Remove Selected.
  • When removal is completed, a log report will open in Notepad.
  • The log is automatically saved and can be viewed by clicking the Logs tab in MBAM.
  • Copy and paste the contents of that report in your next reply and exit MBAM.
Note: If MBAM encounters a file that is difficult to remove, you may be asked to reboot your computer so it can proceed with the disinfection process. Reagardless if prompted to restart the computer or not, please do so immediately. Failure to reboot normally (not into safe mode) will prevent MBAM from removing all the malware.
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users