Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Getting Pop-ups That Give Me A C++ Runtime Error


  • This topic is locked This topic is locked
7 replies to this topic

#1 Qwiggalo

Qwiggalo

  • Members
  • 3 posts
  • OFFLINE
  •  
  • Local time:10:56 AM

Posted 01 April 2007 - 03:53 PM

I know how I was infected, I was trying to get Dreamweaver on my computer and I downloaded a keygen from some shifty website because I was in a hurry. I opened that file and now I have this problem that I've been holding back to fix for a few months. Last two weeks it started giving me pop-ups that would give me this Runtime Error on explorer.exe. I would have to leave it there as it would just come back but my computer would still run fine.

I really would rather not format.

I'm not illiterate in this, and went through the log and took out everything that was in there and took care of everything in my control panel ad/remove, but no success. My log looks clean now to me at least. Any ideas? I don't remember what I took out I guess I should've wrote it all out.


Logfile of HijackThis v1.99.1
Scan saved at 4:33:10 PM, on 4/1/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
E:\Program Files\Adobe\Adobe Version Cue CS2\bin\VersionCueCS2.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Cyberlink\Shared files\RichVideo.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\LClock\LClock.exe
E:\Program Files\UltraMon\UltraMon.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\CTHELPER.EXE
E:\Program Files\Adobe\Adobe Version Cue CS2\ControlPanel\VersionCueCS2Tray.exe
C:\Program Files\Java\jre1.5.0_11\bin\jusched.exe
C:\WINDOWS\vsnpstd.exe
E:\Program Files\Adobe\Adobe Photoshop Lightroom\apdproxy.exe
C:\WINDOWS\system32\WDBtnMgr.exe
E:\Program Files\Adobe\Adobe Version Cue CS2\data\database\bin\mysqld-nt.exe
E:\Program Files\QuickTime\qttask.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
E:\program files\steam\steam.exe
E:\FRAPS\FRAPS.EXE
E:\PROGRA~1\AIM95\aim.exe
E:\Program Files\Vidalia\vidalia.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
E:\Program Files\PeerGuardian2\pg2.exe
C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
E:\Program Files\Privoxy\privoxy.exe
E:\Program Files\My Book\WD Backup\uBBMonitor.exe
E:\Program Files\MagicDisc\MagicDisc.exe
E:\Program Files\Xfire\xfire.exe
E:\Program Files\Wowhead Client\Wowhead_Client.exe
E:\PROGRA~1\Yahoo!\MESSEN~1\ymsgr_tray.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\MSN Messenger\usnsvc.exe
E:\Program Files\Mozilla Firefox\firefox.exe
E:\Program Files\Ventrilo\Ventrilo.exe
C:\WINDOWS\system32\sndvol32.exe
C:\WINDOWS\explorer.exe
E:\Program Files\UltraMon\UltraMonTaskbar.exe
E:\Program Files\foobar2000\foobar2000.exe
E:\Files\HijackThis.exe

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
O4 - HKLM\..\Run: [LClock] "C:\Program Files\LClock\LClock.exe"
O4 - HKLM\..\Run: [SigmatelSysTrayApp] sttray.exe
O4 - HKLM\..\Run: [IntelAudioStudio] "C:\Program Files\Intel Audio Studio\IntelAudioStudio.exe" TRAY
O4 - HKLM\..\Run: [UltraMon] "E:\Program Files\UltraMon\UltraMon.exe" /auto
O4 - HKLM\..\Run: [NvCplDaemon] "RUNDLL32.EXE" C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] "nwiz.exe" /install
O4 - HKLM\..\Run: [NvMediaCenter] "RUNDLL32.EXE" C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE
O4 - HKLM\..\Run: [CTxfiHlp] CTXFIHLP.EXE
O4 - HKLM\..\Run: [NeroFilterCheck] "C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe"
O4 - HKLM\..\Run: [Adobe Version Cue CS2] "E:\Program Files\Adobe\Adobe Version Cue CS2\ControlPanel\VersionCueCS2Tray.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_11\bin\jusched.exe"
O4 - HKLM\..\Run: [snpstd] C:\WINDOWS\vsnpstd.exe
O4 - HKLM\..\Run: [Adobe Photo Downloader] "E:\Program Files\Adobe\Adobe Photoshop Lightroom\apdproxy.exe"
O4 - HKLM\..\Run: [WD Button Manager] WDBtnMgr.exe
O4 - HKLM\..\Run: [QuickTime Task] "E:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [2chkdsk] rundll32.exe "C:\WINDOWS\system32\mjmhnbny.dll",setvm
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [SoundService] rundll32.exe "C:\WINDOWS\system32\tllxsvtb.dll",setvm
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKCU\..\Run: [Steam] "e:\program files\steam\steam.exe" -silent
O4 - HKCU\..\Run: [Fraps] E:\FRAPS\FRAPS.EXE
O4 - HKCU\..\Run: [AIM] E:\PROGRA~1\AIM95\aim.exe -cnetwait.odl
O4 - HKCU\..\Run: [Vidalia] "E:\Program Files\Vidalia\vidalia.exe"
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [PeerGuardian] "E:\Program Files\PeerGuardian2\pg2.exe"
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [Yahoo! Pager] "E:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.EXE" -quiet
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Startup: MagicDisc.lnk = E:\Program Files\MagicDisc\MagicDisc.exe
O4 - Startup: Xfire.lnk = E:\Program Files\Xfire\xfire.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe
O4 - Global Startup: Adobe Reader Synchronizer.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\AdobeCollabSync.exe
O4 - Global Startup: Privoxy.lnk = E:\Program Files\Privoxy\privoxy.exe
O4 - Global Startup: WD Backup Monitor.lnk = E:\Program Files\My Book\WD Backup\uBBMonitor.exe
O4 - Global Startup: Wowhead Client.lnk = E:\Program Files\Wowhead Client\Wowhead_Client.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
O9 - Extra button: AOL Instant Messenger (SM) - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - E:\PROGRA~1\AIM95\aim.exe
O9 - Extra button: Run IMVU - {d9288080-1baa-4bc4-9cf8-a92d743db949} - C:\Documents and Settings\Administrator\Start Menu\Programs\IMVU\Run IMVU.lnk
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\program files\bonjour\mdnsnsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\prxernsp.dll
O10 - Broken Internet access because of LSP provider 'prxerdrv.dll' missing
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab31267.cab
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineS...er.cab31267.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/EN-US/a-UNO1/GAME_UNO1.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab31267.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab53083.cab
O16 - DPF: {BD393C14-72AD-4790-A095-76522973D6B8} (CBreakshotControl Class) - http://messenger.zone.msn.com/binary/Bankshot.cab31267.cab
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Adobe Version Cue CS2 - Unknown owner - E:\Program Files\Adobe\Adobe Version Cue CS2\bin\VersionCueCS2.exe" -win32service (file missing)
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: NBService - Nero AG - E:\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\Cyberlink\Shared files\RichVideo.exe

BC AdBot (Login to Remove)

 


#2 miekiemoes

miekiemoes

    Malware Killer Dog


  • Malware Response Team
  • 19,420 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Belgium
  • Local time:04:56 PM

Posted 01 April 2007 - 05:05 PM

Hello,

The fact that you don't have any security related programs installed, no firewall and no antivirus and in a meanwhile visit illegal sites to get keygens to steal your software doesn't suprise me at all that you get infected.
And then you want us to clean up the malware you allowed already because you wanted to steal software? :thumbsup:

Anyway, first you should do here is, install an antivirus and firewall, because this is somewhat suicidal in today's digital world if you don't have them installed. You post your log and you never took any responsability to try to get rid of it with the necessary scans as it is stated in the forum faq.
That's why I want you to install them first!!

Avira, AVG OR Active Virus Shield (uncheck the Security Toolbar during install) are good FREE antivirus.
Never install more than one antivirusscanner or firewall on your system! Several together can give problems and decrease the reliability of it seriously!
Comodo OR Kerio are FREE firewalls.

Understanding and using firewalls

Perform a full scan with your antivirus and let it remove anything it is finding.
Then reboot.

After reboot, post a new HijackThislog in your next reply so we can start from there.
AntispywareScanners---Antivirus Scanners---Firewalls---Online Scanners---Prevention---Help! My computer is slow---My Blog---Follow me on Twitter.
My help is ALWAYS FREE, but if you want to donate to help me continue my fight against malware -- click here!
Asking for help via Private Message or Mail will be ignored - So If you need help, post your problem in the forum.

#3 Qwiggalo

Qwiggalo
  • Topic Starter

  • Members
  • 3 posts
  • OFFLINE
  •  
  • Local time:10:56 AM

Posted 01 April 2007 - 09:45 PM

I have run ad-aware and did a full AVG scan (among other scans) prior to posting this, and I was doing these scans again during making the original post, and they haven't changed anything either.

I guess I'll have to reformat. Thank you for your time though.

--------------------------------

You probably don't care about my opinions but under this I will share them with you.

I don't need a firewall as I'm on DSL and I even have difficultly setting up a server for video games.

I used to have Panda AntiVirus but it is such an annoying program, all the other anti-virus programs I've used I find are just annoying and slow down my system. I just keep a close eye on what I run, this was just a fluke in my thinking, and I regret ever opening that file. I have learned from that though.

You may call it stealing, I call it copying, and it's more of an extended trial. I buy products I can afford and liked after my extended trials. Because of my copying I have become a professional video editor in turn giving them more business then taking away as I would have never found the profession unless I did. I will be buying Adobe CS3 because of my extended trials. I don't consider pirating stealing in my definition.

#4 miekiemoes

miekiemoes

    Malware Killer Dog


  • Malware Response Team
  • 19,420 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Belgium
  • Local time:04:56 PM

Posted 02 April 2007 - 04:32 AM

I used to have Panda AntiVirus but it is such an annoying program, all the other anti-virus programs I've used I find are just annoying and slow down my system

malware slows down the system even more, damages and steals personal info. So the choice shouldn't be that hard though. But that's your call ofcourse.

Concerning pirated software - it's always a risk if you want to use/have it, because you never know what you download. Also, malware is lurking where you can get the pirated software/hacks/cracks.
If you want to take that risk, that's fine for me, but don't complain afterwards that it damaged your system. It's your choice.

A format will not be needed here imho, we can solve this manually, but for that I really want you to install an Antivirus. That's at least a step you have to perform if you want this system clean again - so it can already delete a lot.

Then post a new Hijackthislog. Also, Can you rename Hijackthis.exe to Analyse.exe
Then scan with Analyse.exe and post the log in your next reply (which will be a hijackthislog ofcourse)
AntispywareScanners---Antivirus Scanners---Firewalls---Online Scanners---Prevention---Help! My computer is slow---My Blog---Follow me on Twitter.
My help is ALWAYS FREE, but if you want to donate to help me continue my fight against malware -- click here!
Asking for help via Private Message or Mail will be ignored - So If you need help, post your problem in the forum.

#5 Qwiggalo

Qwiggalo
  • Topic Starter

  • Members
  • 3 posts
  • OFFLINE
  •  
  • Local time:10:56 AM

Posted 04 April 2007 - 05:55 AM

Sorry, no anti-virus still but pop-ups are now gone!

After a trip to VundoFix, and changing HijackThis.exe to Analyze.exe.

Here's what Vundo... fixed. Yuck.

VundoFix V6.3.19

Checking Java version...

Java version is 1.5.0.7
Old versions of java are exploitable and should be removed.

Java version is 1.5.0.9
Old versions of java are exploitable and should be removed.

Java version is 1.5.0.10

Java version is 1.5.0.11

Scan started at 6:52:33 PM 4/3/2007

Listing files found while scanning....

C:\WINDOWS\system32\aclscafo.exe
C:\WINDOWS\system32\adxbqjtd.exe
C:\WINDOWS\system32\anqjmhlw.exe
C:\WINDOWS\system32\aobkhnbe.exe
C:\WINDOWS\system32\aqclusip.dll
C:\WINDOWS\system32\bakmpypo.exe
C:\WINDOWS\system32\bbafwude.dll
C:\WINDOWS\system32\bfkwduex.dll
C:\WINDOWS\system32\bldnfatv.exe
C:\WINDOWS\system32\btvsxllt.ini
C:\WINDOWS\system32\byxuroo.dll
C:\WINDOWS\system32\cmekukua.exe
C:\WINDOWS\system32\dqhxdeef.exe
C:\WINDOWS\system32\ecvhgwkk.exe
C:\WINDOWS\system32\eiadesou.dll
C:\WINDOWS\system32\enkbiglp.exe
C:\WINDOWS\system32\entwmofa.exe
C:\WINDOWS\system32\erkaxfgn.exe
C:\WINDOWS\system32\esfbtpbe.exe
C:\WINDOWS\system32\exphrsus.exe
C:\WINDOWS\system32\fdwdtfaa.dll
C:\WINDOWS\system32\femokukg.exe
C:\WINDOWS\system32\fheerngn.exe
C:\WINDOWS\system32\ftlklksr.exe
C:\WINDOWS\system32\gqrfdjqr.exe
C:\WINDOWS\system32\gtnttwck.dll
C:\WINDOWS\system32\hghgacqf.dll
C:\WINDOWS\system32\hiynucwp.exe
C:\WINDOWS\system32\hpteqgma.exe
C:\WINDOWS\system32\htkptrip.exe
C:\WINDOWS\system32\hymqfbnq.dll
C:\WINDOWS\system32\iklbajlf.exe
C:\WINDOWS\system32\ikwemnwe.exe
C:\WINDOWS\system32\iliuwxea.dll
C:\WINDOWS\system32\ilyooceu.exe
C:\WINDOWS\system32\imyicakw.exe
C:\WINDOWS\system32\jenlblyd.dll
C:\WINDOWS\system32\jftavkix.exe
C:\WINDOWS\system32\jgolyqvt.exe
C:\WINDOWS\system32\jiyrbkfk.exe
C:\WINDOWS\system32\jnaucnju.exe
C:\WINDOWS\system32\jxgylgkh.exe
C:\WINDOWS\system32\kgqjddgm.exe
C:\WINDOWS\system32\knbwstfc.dll
C:\WINDOWS\system32\koaffapp.exe
C:\WINDOWS\system32\kwinfqge.exe
C:\WINDOWS\system32\lwpexvsh.dll
C:\WINDOWS\system32\meidhiym.exe
C:\WINDOWS\system32\meyggmhg.dll
C:\WINDOWS\system32\mhcxpesl.exe
C:\WINDOWS\system32\mhowicwu.dll
C:\WINDOWS\system32\midfwyer.exe
C:\WINDOWS\system32\mjmhnbny.dll
C:\WINDOWS\system32\mpvxbowj.exe
C:\WINDOWS\system32\mwhywoxj.exe
C:\WINDOWS\system32\mxbdyify.exe
C:\WINDOWS\system32\nemdmssn.exe
C:\WINDOWS\system32\oakgudcj.exe
C:\WINDOWS\system32\osuphobq.exe
C:\WINDOWS\system32\prjxfxuc.exe
C:\WINDOWS\system32\qcjtmjmp.dll
C:\WINDOWS\system32\qdgvdpfb.dll
C:\WINDOWS\system32\qecgbpgb.exe
C:\WINDOWS\system32\qgkhvrxh.exe
C:\WINDOWS\system32\qjeqbvwu.exe
C:\WINDOWS\system32\qjvdamvq.exe
C:\WINDOWS\system32\qkutctxq.exe
C:\WINDOWS\system32\rayemhts.dll
C:\WINDOWS\system32\rfjlgvxw.exe
C:\WINDOWS\system32\sfgapxcd.exe
C:\WINDOWS\system32\stasslgg.exe
C:\WINDOWS\system32\svehvkxt.exe
C:\WINDOWS\system32\svxuvukn.dll
C:\WINDOWS\system32\tbjndetn.exe
C:\WINDOWS\system32\tllxsvtb.dll
C:\WINDOWS\system32\tlprsryj.exe
C:\WINDOWS\system32\ttvloaic.exe
C:\WINDOWS\system32\uflsoqpa.exe
C:\WINDOWS\system32\ujragenv.exe
C:\WINDOWS\system32\uobpmepm.exe
C:\WINDOWS\system32\usjflgpv.exe
C:\WINDOWS\system32\vohpnuul.dll
C:\WINDOWS\system32\vtsqn.dll
C:\WINDOWS\system32\vwtytcit.exe
C:\WINDOWS\system32\waxstlyi.exe
C:\WINDOWS\system32\wbtjcret.dll
C:\WINDOWS\system32\wjhaofyv.exe
C:\WINDOWS\system32\wpiguobj.exe
C:\WINDOWS\system32\wpmbyidl.dll
C:\WINDOWS\system32\wrjdjagc.exe
C:\WINDOWS\system32\wtauqdxm.exe
C:\WINDOWS\system32\wvdlgldb.dll
C:\WINDOWS\system32\xepqhxkb.exe
C:\WINDOWS\system32\xfomskbx.exe
C:\WINDOWS\system32\xfrvaisq.exe
C:\WINDOWS\system32\xggxqvfe.dll
C:\WINDOWS\system32\xjqrkfmf.exe
C:\WINDOWS\system32\xjrxjety.exe
C:\WINDOWS\system32\xklrrtra.exe
C:\WINDOWS\system32\xnydwxxx.dll
C:\WINDOWS\system32\xperaddo.exe
C:\WINDOWS\system32\ylxuesri.exe
C:\WINDOWS\system32\ynbnhmjm.ini
C:\WINDOWS\system32\yvrxsuvb.exe

Beginning removal...

Beginning removal...

Attempting to delete C:\WINDOWS\system32\aclscafo.exe
C:\WINDOWS\system32\aclscafo.exe Has been deleted!

Attempting to delete C:\WINDOWS\system32\adxbqjtd.exe
C:\WINDOWS\system32\adxbqjtd.exe Has been deleted!

Attempting to delete C:\WINDOWS\system32\anqjmhlw.exe
C:\WINDOWS\system32\anqjmhlw.exe Has been deleted!

Attempting to delete C:\WINDOWS\system32\aobkhnbe.exe
C:\WINDOWS\system32\aobkhnbe.exe Has been deleted!

Attempting to delete C:\WINDOWS\system32\aqclusip.dll
C:\WINDOWS\system32\aqclusip.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\bakmpypo.exe
C:\WINDOWS\system32\bakmpypo.exe Has been deleted!

Attempting to delete C:\WINDOWS\system32\bbafwude.dll
C:\WINDOWS\system32\bbafwude.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\bfkwduex.dll
C:\WINDOWS\system32\bfkwduex.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\bldnfatv.exe
C:\WINDOWS\system32\bldnfatv.exe Has been deleted!

Attempting to delete C:\WINDOWS\system32\btvsxllt.ini
C:\WINDOWS\system32\btvsxllt.ini Has been deleted!

Attempting to delete C:\WINDOWS\system32\byxuroo.dll
C:\WINDOWS\system32\byxuroo.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\cmekukua.exe
C:\WINDOWS\system32\cmekukua.exe Has been deleted!

Attempting to delete C:\WINDOWS\system32\dqhxdeef.exe
C:\WINDOWS\system32\dqhxdeef.exe Has been deleted!

Attempting to delete C:\WINDOWS\system32\ecvhgwkk.exe
C:\WINDOWS\system32\ecvhgwkk.exe Has been deleted!

Attempting to delete C:\WINDOWS\system32\eiadesou.dll
C:\WINDOWS\system32\eiadesou.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\enkbiglp.exe
C:\WINDOWS\system32\enkbiglp.exe Has been deleted!

Attempting to delete C:\WINDOWS\system32\entwmofa.exe
C:\WINDOWS\system32\entwmofa.exe Has been deleted!

Attempting to delete C:\WINDOWS\system32\erkaxfgn.exe
C:\WINDOWS\system32\erkaxfgn.exe Has been deleted!

Attempting to delete C:\WINDOWS\system32\esfbtpbe.exe
C:\WINDOWS\system32\esfbtpbe.exe Has been deleted!

Attempting to delete C:\WINDOWS\system32\exphrsus.exe
C:\WINDOWS\system32\exphrsus.exe Has been deleted!

Attempting to delete C:\WINDOWS\system32\fdwdtfaa.dll
C:\WINDOWS\system32\fdwdtfaa.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\femokukg.exe
C:\WINDOWS\system32\femokukg.exe Has been deleted!

Attempting to delete C:\WINDOWS\system32\fheerngn.exe
C:\WINDOWS\system32\fheerngn.exe Has been deleted!

Attempting to delete C:\WINDOWS\system32\ftlklksr.exe
C:\WINDOWS\system32\ftlklksr.exe Has been deleted!

Attempting to delete C:\WINDOWS\system32\gqrfdjqr.exe
C:\WINDOWS\system32\gqrfdjqr.exe Has been deleted!

Attempting to delete C:\WINDOWS\system32\gtnttwck.dll
C:\WINDOWS\system32\gtnttwck.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\hghgacqf.dll
C:\WINDOWS\system32\hghgacqf.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\hiynucwp.exe
C:\WINDOWS\system32\hiynucwp.exe Has been deleted!

Attempting to delete C:\WINDOWS\system32\hpteqgma.exe
C:\WINDOWS\system32\hpteqgma.exe Has been deleted!

Attempting to delete C:\WINDOWS\system32\htkptrip.exe
C:\WINDOWS\system32\htkptrip.exe Has been deleted!

Attempting to delete C:\WINDOWS\system32\hymqfbnq.dll
C:\WINDOWS\system32\hymqfbnq.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\iklbajlf.exe
C:\WINDOWS\system32\iklbajlf.exe Has been deleted!

Attempting to delete C:\WINDOWS\system32\ikwemnwe.exe
C:\WINDOWS\system32\ikwemnwe.exe Has been deleted!

Attempting to delete C:\WINDOWS\system32\iliuwxea.dll
C:\WINDOWS\system32\iliuwxea.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\ilyooceu.exe
C:\WINDOWS\system32\ilyooceu.exe Has been deleted!

Attempting to delete C:\WINDOWS\system32\imyicakw.exe
C:\WINDOWS\system32\imyicakw.exe Has been deleted!

Attempting to delete C:\WINDOWS\system32\jenlblyd.dll
C:\WINDOWS\system32\jenlblyd.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\jftavkix.exe
C:\WINDOWS\system32\jftavkix.exe Has been deleted!

Attempting to delete C:\WINDOWS\system32\jgolyqvt.exe
C:\WINDOWS\system32\jgolyqvt.exe Has been deleted!

Attempting to delete C:\WINDOWS\system32\jiyrbkfk.exe
C:\WINDOWS\system32\jiyrbkfk.exe Has been deleted!

Attempting to delete C:\WINDOWS\system32\jnaucnju.exe
C:\WINDOWS\system32\jnaucnju.exe Has been deleted!

Attempting to delete C:\WINDOWS\system32\jxgylgkh.exe
C:\WINDOWS\system32\jxgylgkh.exe Has been deleted!

Attempting to delete C:\WINDOWS\system32\kgqjddgm.exe
C:\WINDOWS\system32\kgqjddgm.exe Has been deleted!

Attempting to delete C:\WINDOWS\system32\knbwstfc.dll
C:\WINDOWS\system32\knbwstfc.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\koaffapp.exe
C:\WINDOWS\system32\koaffapp.exe Has been deleted!

Attempting to delete C:\WINDOWS\system32\kwinfqge.exe
C:\WINDOWS\system32\kwinfqge.exe Has been deleted!

Attempting to delete C:\WINDOWS\system32\lwpexvsh.dll
C:\WINDOWS\system32\lwpexvsh.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\meidhiym.exe
C:\WINDOWS\system32\meidhiym.exe Has been deleted!

Attempting to delete C:\WINDOWS\system32\meyggmhg.dll
C:\WINDOWS\system32\meyggmhg.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\mhcxpesl.exe
C:\WINDOWS\system32\mhcxpesl.exe Has been deleted!

Attempting to delete C:\WINDOWS\system32\mhowicwu.dll
C:\WINDOWS\system32\mhowicwu.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\midfwyer.exe
C:\WINDOWS\system32\midfwyer.exe Has been deleted!

Attempting to delete C:\WINDOWS\system32\mjmhnbny.dll
C:\WINDOWS\system32\mjmhnbny.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\mpvxbowj.exe
C:\WINDOWS\system32\mpvxbowj.exe Has been deleted!

Attempting to delete C:\WINDOWS\system32\mwhywoxj.exe
C:\WINDOWS\system32\mwhywoxj.exe Has been deleted!

Attempting to delete C:\WINDOWS\system32\mxbdyify.exe
C:\WINDOWS\system32\mxbdyify.exe Has been deleted!

Attempting to delete C:\WINDOWS\system32\nemdmssn.exe
C:\WINDOWS\system32\nemdmssn.exe Has been deleted!

Attempting to delete C:\WINDOWS\system32\oakgudcj.exe
C:\WINDOWS\system32\oakgudcj.exe Has been deleted!

Attempting to delete C:\WINDOWS\system32\osuphobq.exe
C:\WINDOWS\system32\osuphobq.exe Has been deleted!

Attempting to delete C:\WINDOWS\system32\prjxfxuc.exe
C:\WINDOWS\system32\prjxfxuc.exe Has been deleted!

Attempting to delete C:\WINDOWS\system32\qcjtmjmp.dll
C:\WINDOWS\system32\qcjtmjmp.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\qdgvdpfb.dll
C:\WINDOWS\system32\qdgvdpfb.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\qecgbpgb.exe
C:\WINDOWS\system32\qecgbpgb.exe Has been deleted!

Attempting to delete C:\WINDOWS\system32\qgkhvrxh.exe
C:\WINDOWS\system32\qgkhvrxh.exe Has been deleted!

Attempting to delete C:\WINDOWS\system32\qjeqbvwu.exe
C:\WINDOWS\system32\qjeqbvwu.exe Has been deleted!

Attempting to delete C:\WINDOWS\system32\qjvdamvq.exe
C:\WINDOWS\system32\qjvdamvq.exe Has been deleted!

Attempting to delete C:\WINDOWS\system32\qkutctxq.exe
C:\WINDOWS\system32\qkutctxq.exe Has been deleted!

Attempting to delete C:\WINDOWS\system32\rayemhts.dll
C:\WINDOWS\system32\rayemhts.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\rfjlgvxw.exe
C:\WINDOWS\system32\rfjlgvxw.exe Has been deleted!

Attempting to delete C:\WINDOWS\system32\sfgapxcd.exe
C:\WINDOWS\system32\sfgapxcd.exe Has been deleted!

Attempting to delete C:\WINDOWS\system32\stasslgg.exe
C:\WINDOWS\system32\stasslgg.exe Has been deleted!

Attempting to delete C:\WINDOWS\system32\svehvkxt.exe
C:\WINDOWS\system32\svehvkxt.exe Has been deleted!

Attempting to delete C:\WINDOWS\system32\svxuvukn.dll
C:\WINDOWS\system32\svxuvukn.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\tbjndetn.exe
C:\WINDOWS\system32\tbjndetn.exe Has been deleted!

Attempting to delete C:\WINDOWS\system32\tllxsvtb.dll
C:\WINDOWS\system32\tllxsvtb.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\tlprsryj.exe
C:\WINDOWS\system32\tlprsryj.exe Has been deleted!

Attempting to delete C:\WINDOWS\system32\ttvloaic.exe
C:\WINDOWS\system32\ttvloaic.exe Has been deleted!

Attempting to delete C:\WINDOWS\system32\uflsoqpa.exe
C:\WINDOWS\system32\uflsoqpa.exe Has been deleted!

Attempting to delete C:\WINDOWS\system32\ujragenv.exe
C:\WINDOWS\system32\ujragenv.exe Has been deleted!

Attempting to delete C:\WINDOWS\system32\uobpmepm.exe
C:\WINDOWS\system32\uobpmepm.exe Has been deleted!

Attempting to delete C:\WINDOWS\system32\usjflgpv.exe
C:\WINDOWS\system32\usjflgpv.exe Has been deleted!

Attempting to delete C:\WINDOWS\system32\vohpnuul.dll
C:\WINDOWS\system32\vohpnuul.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\vtsqn.dll
C:\WINDOWS\system32\vtsqn.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\vwtytcit.exe
C:\WINDOWS\system32\vwtytcit.exe Has been deleted!

Attempting to delete C:\WINDOWS\system32\waxstlyi.exe
C:\WINDOWS\system32\waxstlyi.exe Has been deleted!

Attempting to delete C:\WINDOWS\system32\wbtjcret.dll
C:\WINDOWS\system32\wbtjcret.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\wjhaofyv.exe
C:\WINDOWS\system32\wjhaofyv.exe Has been deleted!

Attempting to delete C:\WINDOWS\system32\wpiguobj.exe
C:\WINDOWS\system32\wpiguobj.exe Has been deleted!

Attempting to delete C:\WINDOWS\system32\wpmbyidl.dll
C:\WINDOWS\system32\wpmbyidl.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\wrjdjagc.exe
C:\WINDOWS\system32\wrjdjagc.exe Has been deleted!

Attempting to delete C:\WINDOWS\system32\wtauqdxm.exe
C:\WINDOWS\system32\wtauqdxm.exe Has been deleted!

Attempting to delete C:\WINDOWS\system32\wvdlgldb.dll
C:\WINDOWS\system32\wvdlgldb.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\xepqhxkb.exe
C:\WINDOWS\system32\xepqhxkb.exe Has been deleted!

Attempting to delete C:\WINDOWS\system32\xfomskbx.exe
C:\WINDOWS\system32\xfomskbx.exe Has been deleted!

Attempting to delete C:\WINDOWS\system32\xfrvaisq.exe
C:\WINDOWS\system32\xfrvaisq.exe Has been deleted!

Attempting to delete C:\WINDOWS\system32\xggxqvfe.dll
C:\WINDOWS\system32\xggxqvfe.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\xjqrkfmf.exe
C:\WINDOWS\system32\xjqrkfmf.exe Has been deleted!

Attempting to delete C:\WINDOWS\system32\xjrxjety.exe
C:\WINDOWS\system32\xjrxjety.exe Has been deleted!

Attempting to delete C:\WINDOWS\system32\xklrrtra.exe
C:\WINDOWS\system32\xklrrtra.exe Has been deleted!

Attempting to delete C:\WINDOWS\system32\xnydwxxx.dll
C:\WINDOWS\system32\xnydwxxx.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\xperaddo.exe
C:\WINDOWS\system32\xperaddo.exe Has been deleted!

Attempting to delete C:\WINDOWS\system32\ylxuesri.exe
C:\WINDOWS\system32\ylxuesri.exe Has been deleted!

Attempting to delete C:\WINDOWS\system32\ynbnhmjm.ini
C:\WINDOWS\system32\ynbnhmjm.ini Has been deleted!

Attempting to delete C:\WINDOWS\system32\yvrxsuvb.exe
C:\WINDOWS\system32\yvrxsuvb.exe Has been deleted!

Performing Repairs to the registry.
Done!

#6 miekiemoes

miekiemoes

    Malware Killer Dog


  • Malware Response Team
  • 19,420 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Belgium
  • Local time:04:56 PM

Posted 04 April 2007 - 05:59 AM

Hi,

Please also post a new HijackThislog as I asked.
You say that you still didn't install an Antivirus. If you did, Vundofix wouldn't have to delete that much since most scanners target them as well and delete them.

Edited by miekiemoes, 04 April 2007 - 06:00 AM.

AntispywareScanners---Antivirus Scanners---Firewalls---Online Scanners---Prevention---Help! My computer is slow---My Blog---Follow me on Twitter.
My help is ALWAYS FREE, but if you want to donate to help me continue my fight against malware -- click here!
Asking for help via Private Message or Mail will be ignored - So If you need help, post your problem in the forum.

#7 miekiemoes

miekiemoes

    Malware Killer Dog


  • Malware Response Team
  • 19,420 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Belgium
  • Local time:04:56 PM

Posted 10 April 2007 - 05:01 PM

Still with us?
AntispywareScanners---Antivirus Scanners---Firewalls---Online Scanners---Prevention---Help! My computer is slow---My Blog---Follow me on Twitter.
My help is ALWAYS FREE, but if you want to donate to help me continue my fight against malware -- click here!
Asking for help via Private Message or Mail will be ignored - So If you need help, post your problem in the forum.

#8 miekiemoes

miekiemoes

    Malware Killer Dog


  • Malware Response Team
  • 19,420 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Belgium
  • Local time:04:56 PM

Posted 14 April 2007 - 02:24 PM

Due to the lack of feedback, this Topic is closed.
If you need this topic reopened for continuations of existing problems, please request this by sending me a PM with the address of the thread. This applies only to the original topic starter.

Everyone else please begin a New Topic.
AntispywareScanners---Antivirus Scanners---Firewalls---Online Scanners---Prevention---Help! My computer is slow---My Blog---Follow me on Twitter.
My help is ALWAYS FREE, but if you want to donate to help me continue my fight against malware -- click here!
Asking for help via Private Message or Mail will be ignored - So If you need help, post your problem in the forum.




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users