Jump to content


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.

Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.


Registry Keys that are viruses will not delete!

  • Please log in to reply
1 reply to this topic

#1 nickinator17


  • Members
  • 1 posts
  • Local time:12:01 AM

Posted 01 April 2009 - 05:21 PM

Any help would greatly be appreciated. For a very long time, I didnt have any AV software or firewall, and I hadnt even downloaded any updates from Microsoft.com. So my computer got infected. Bad. But once I realized of my ignorance, i bought Kaspersky Internet Secruity along with Iolo's System Mechanics. I cleaned up my pc real nice except that their are still a few viruses that cannot be deleted by Kaspersky even after i update the databases. After doing some snooping, i found these viruses all located here:


Here are the names and Data (exactly as they appear)

CPMff28e741 Rundll32.exe "c:\windows\sysem32\tifileze.dll",a
fc1bd4dd rundll32.exe "C:\WINDOWS\system32\yofamoyu.dll",b
Ycafuqepiconihu rundll32.exe "C:\WINDOWS\iluwucob.dll",e

Now ive done my fair share of research and I know what the Rundll32.exe is and that microsft originally has them but i know these are not suppose to be their! Ive tried countless times to delete them but they jus regenerate themselves.

Please help me!! Its driving m insane. I am prepared to use HiJackThis and Combofix to get this issue resolved. Once again,any help would be geatly appreciated.

BC AdBot (Login to Remove)


#2 snowdrop


  • Members
  • 513 posts
  • Local time:11:01 PM

Posted 02 April 2009 - 02:08 PM

I am prepared to use HiJackThis and Combofix to get this issue resolved. Once again,any help would be geatly appreciated.


ComboFix is a tool that should only be run under the supervision of someone who has been trained in its use. Using it on your own can cause problems with your computer. Any posts containing CF Logs will be ignored.

You could try running a safer tool such as Superantispyware by following the instructions in this post


and Malwarebytes as guided in this post

if you post the reports from those maybe helpers can see what the way forward might be :thumbsup:

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users