Endless Paradigm

Endless Paradigm > Computers & Tech > Crazy Computer > I think my computer is badly infected
Full Version: I think my computer is badly infected
You're currently viewing a stripped down version of our content. View the full version with proper formatting.
Pages: 1 2 3

amzter

27/07/2007, 11:30 AM
it seems that the virus or what ever it is is using rundll.exe to run .dll files from my temp folder

what should i do

draggy

27/07/2007, 11:46 AM
did you boot into safe mod and delete everything out of the temp folder?

Assassinator

27/07/2007, 05:21 PM
Ha vista. Don't see the point at the moment.

Lots of security holes, incompatability, and SLOW. My mom got a new Core2Duo E5500 laptop (it's fast), and Vista is still pretty slow.

One good thing about vista is that i found is that i don't need to configure LAN. It does it for u altomatically as soon as u stick ur network cable in, convenient. Otherwise, i don't see too much benefits. I don't really care about Vista looking better, I'm not willing to sacrifice speed for looks.

amzter

28/07/2007, 04:25 AM
28/07/2007 12:23:11> Registry modification detected
28/07/2007 12:23:11>
28/07/2007 12:23:11> Root:HKEY_CURRENT_USER
28/07/2007 12:23:11> Key:Software\Microsoft\Windows\CurrentVersion\Run
28/07/2007 12:23:11> Value:cmds
28/07/2007 12:23:11> Data:rundll32.exe C:\Users\Admin\AppData\Local\Temp\hgghi.dll,CreateProtectProc
28/07/2007 12:23:11> New Data:rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbxut.dll,CPP
28/07/2007 12:23:11>
28/07/2007 12:23:11> Registry modification detected
28/07/2007 12:23:11>
28/07/2007 12:23:11> Root:HKEY_CURRENT_USER
28/07/2007 12:23:11> Key:Software\Microsoft\Windows\CurrentVersion\Run
28/07/2007 12:23:11> Value:cmds
28/07/2007 12:23:11> Data:rundll32.exe C:\Users\Admin\AppData\Local\Temp\hgghi.dll,CreateProtectProc
28/07/2007 12:23:11> New Data:rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbxut.dll,CPP
28/07/2007 12:23:11>
28/07/2007 12:23:12> Registry modification detected
28/07/2007 12:23:12>
28/07/2007 12:23:12> Root:HKEY_CURRENT_USER
28/07/2007 12:23:12> Key:Software\Microsoft\Windows\CurrentVersion\Run
28/07/2007 12:23:12> Value:cmds
28/07/2007 12:23:12> Data:rundll32.exe C:\Users\Admin\AppData\Local\Temp\hgghi.dll,CreateProtectProc
28/07/2007 12:23:12> New Data:rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbxut.dll,CPP
28/07/2007 12:23:12>
28/07/2007 12:23:12> Registry modification detected
28/07/2007 12:23:12>
28/07/2007 12:23:12> Root:HKEY_CURRENT_USER
28/07/2007 12:23:12> Key:Software\Microsoft\Windows\CurrentVersion\Run
28/07/2007 12:23:12> Value:cmds
28/07/2007 12:23:12> Data:rundll32.exe C:\Users\Admin\AppData\Local\Temp\hgghi.dll,CreateProtectProc
28/07/2007 12:23:12> New Data:rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbxut.dll,CPP
28/07/2007 12:23:12>
28/07/2007 12:23:12> Registry modification detected
28/07/2007 12:23:12>
28/07/2007 12:23:12> Root:HKEY_CURRENT_USER
28/07/2007 12:23:12> Key:Software\Microsoft\Windows\CurrentVersion\Run
28/07/2007 12:23:12> Value:cmds
28/07/2007 12:23:12> Data:rundll32.exe C:\Users\Admin\AppData\Local\Temp\hgghi.dll,CreateProtectProc
28/07/2007 12:23:12> New Data:rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbxut.dll,CPP
28/07/2007 12:23:12>
28/07/2007 12:23:12> Registry modification detected
28/07/2007 12:23:12>
28/07/2007 12:23:12> Root:HKEY_CURRENT_USER
28/07/2007 12:23:12> Key:Software\Microsoft\Windows\CurrentVersion\Run
28/07/2007 12:23:12> Value:cmds
28/07/2007 12:23:12> Data:rundll32.exe C:\Users\Admin\AppData\Local\Temp\hgghi.dll,CreateProtectProc
28/07/2007 12:23:12> New Data:rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbxut.dll,CPP
28/07/2007 12:23:12>
28/07/2007 12:23:12> Registry modification detected
28/07/2007 12:23:12>
28/07/2007 12:23:12> Root:HKEY_CURRENT_USER
28/07/2007 12:23:12> Key:Software\Microsoft\Windows\CurrentVersion\Run
28/07/2007 12:23:12> Value:cmds
28/07/2007 12:23:12> Data:rundll32.exe C:\Users\Admin\AppData\Local\Temp\hgghi.dll,CreateProtectProc
28/07/2007 12:23:12> New Data:rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbxut.dll,CPP
28/07/2007 12:23:12>
28/07/2007 12:23:13> Registry modification detected
28/07/2007 12:23:13>
28/07/2007 12:23:13> Root:HKEY_CURRENT_USER
28/07/2007 12:23:13> Key:Software\Microsoft\Windows\CurrentVersion\Run
28/07/2007 12:23:13> Value:cmds
28/07/2007 12:23:13> Data:rundll32.exe C:\Users\Admin\AppData\Local\Temp\hgghi.dll,CreateProtectProc
28/07/2007 12:23:13> New Data:rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbxut.dll,CPP
28/07/2007 12:23:13>
28/07/2007 12:23:13> Registry modification detected
28/07/2007 12:23:13>
28/07/2007 12:23:13> Root:HKEY_CURRENT_USER
28/07/2007 12:23:13> Key:Software\Microsoft\Windows\CurrentVersion\Run
28/07/2007 12:23:13> Value:cmds
28/07/2007 12:23:13> Data:rundll32.exe C:\Users\Admin\AppData\Local\Temp\hgghi.dll,CreateProtectProc
28/07/2007 12:23:13> New Data:rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbxut.dll,CPP
28/07/2007 12:23:13>
28/07/2007 12:23:13> Registry modification detected
28/07/2007 12:23:13>
28/07/2007 12:23:13> Root:HKEY_CURRENT_USER
28/07/2007 12:23:13> Key:Software\Microsoft\Windows\CurrentVersion\Run
28/07/2007 12:23:13> Value:cmds
28/07/2007 12:23:13> Data:rundll32.exe C:\Users\Admin\AppData\Local\Temp\hgghi.dll,CreateProtectProc
28/07/2007 12:23:13> New Data:rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbxut.dll,CPP
28/07/2007 12:23:13>
28/07/2007 12:23:13> Registry modification detected
28/07/2007 12:23:13>
28/07/2007 12:23:13> Root:HKEY_CURRENT_USER
28/07/2007 12:23:13> Key:Software\Microsoft\Windows\CurrentVersion\Run
28/07/2007 12:23:13> Value:cmds
28/07/2007 12:23:13> Data:rundll32.exe C:\Users\Admin\AppData\Local\Temp\hgghi.dll,CreateProtectProc
28/07/2007 12:23:13> New Data:rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbxut.dll,CPP
28/07/2007 12:23:13>
28/07/2007 12:23:13> Registry modification detected
28/07/2007 12:23:13>
28/07/2007 12:23:13> Root:HKEY_CURRENT_USER
28/07/2007 12:23:13> Key:Software\Microsoft\Windows\CurrentVersion\Run
28/07/2007 12:23:13> Value:cmds
28/07/2007 12:23:13> Data:rundll32.exe C:\Users\Admin\AppData\Local\Temp\hgghi.dll,CreateProtectProc
28/07/2007 12:23:13> New Data:rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbxut.dll,CPP
28/07/2007 12:23:13>
28/07/2007 12:23:14> Registry modification detected
28/07/2007 12:23:14>
28/07/2007 12:23:14> Root:HKEY_CURRENT_USER
28/07/2007 12:23:14> Key:Software\Microsoft\Windows\CurrentVersion\Run
28/07/2007 12:23:14> Value:cmds
28/07/2007 12:23:14> Data:rundll32.exe C:\Users\Admin\AppData\Local\Temp\hgghi.dll,CreateProtectProc
28/07/2007 12:23:14> New Data:rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbxut.dll,CPP
28/07/2007 12:23:14>
28/07/2007 12:23:14> Registry modification detected
28/07/2007 12:23:14>
28/07/2007 12:23:14> Root:HKEY_CURRENT_USER
28/07/2007 12:23:14> Key:Software\Microsoft\Windows\CurrentVersion\Run
28/07/2007 12:23:14> Value:cmds
28/07/2007 12:23:14> Data:rundll32.exe C:\Users\Admin\AppData\Local\Temp\hgghi.dll,CreateProtectProc
28/07/2007 12:23:14> New Data:rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbxut.dll,CPP
28/07/2007 12:23:14>
28/07/2007 12:23:14> Registry modification detected
28/07/2007 12:23:14>
28/07/2007 12:23:14> Root:HKEY_CURRENT_USER
28/07/2007 12:23:14> Key:Software\Microsoft\Windows\CurrentVersion\Run
28/07/2007 12:23:14> Value:cmds
28/07/2007 12:23:14> Data:rundll32.exe C:\Users\Admin\AppData\Local\Temp\hgghi.dll,CreateProtectProc
28/07/2007 12:23:14> New Data:rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbxut.dll,CPP
28/07/2007 12:23:14>
28/07/2007 12:23:14> Registry modification detected
28/07/2007 12:23:14>
28/07/2007 12:23:14> Root:HKEY_CURRENT_USER
28/07/2007 12:23:14> Key:Software\Microsoft\Windows\CurrentVersion\Run
28/07/2007 12:23:14> Value:cmds
28/07/2007 12:23:14> Data:rundll32.exe C:\Users\Admin\AppData\Local\Temp\hgghi.dll,CreateProtectProc
28/07/2007 12:23:14> New Data:rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbxut.dll,CPP
28/07/2007 12:23:14>
28/07/2007 12:23:14> Registry modification detected
28/07/2007 12:23:14>
28/07/2007 12:23:14> Root:HKEY_CURRENT_USER
28/07/2007 12:23:14> Key:Software\Microsoft\Windows\CurrentVersion\Run
28/07/2007 12:23:14> Value:cmds
28/07/2007 12:23:14> Data:rundll32.exe C:\Users\Admin\AppData\Local\Temp\hgghi.dll,CreateProtectProc
28/07/2007 12:23:14> New Data:rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbxut.dll,CPP
28/07/2007 12:23:14>
28/07/2007 12:23:15> Registry modification detected
28/07/2007 12:23:15>
28/07/2007 12:23:15> Root:HKEY_CURRENT_USER
28/07/2007 12:23:15> Key:Software\Microsoft\Windows\CurrentVersion\Run
28/07/2007 12:23:15> Value:cmds
28/07/2007 12:23:15> Data:rundll32.exe C:\Users\Admin\AppData\Local\Temp\hgghi.dll,CreateProtectProc
28/07/2007 12:23:15> New Data:rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbxut.dll,CPP
28/07/2007 12:23:15>
28/07/2007 12:23:15> Registry modification detected
28/07/2007 12:23:15>
28/07/2007 12:23:15> Root:HKEY_CURRENT_USER
28/07/2007 12:23:15> Key:Software\Microsoft\Windows\CurrentVersion\Run
28/07/2007 12:23:15> Value:cmds
28/07/2007 12:23:15> Data:rundll32.exe C:\Users\Admin\AppData\Local\Temp\hgghi.dll,CreateProtectProc
28/07/2007 12:23:15> New Data:rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbxut.dll,CPP
28/07/2007 12:23:15>
28/07/2007 12:23:15> Registry modification detected
28/07/2007 12:23:15>
28/07/2007 12:23:15> Root:HKEY_CURRENT_USER
28/07/2007 12:23:15> Key:Software\Microsoft\Windows\CurrentVersion\Run
28/07/2007 12:23:15> Value:cmds
28/07/2007 12:23:15> Data:rundll32.exe C:\Users\Admin\AppData\Local\Temp\hgghi.dll,CreateProtectProc
28/07/2007 12:23:15> New Data:rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbxut.dll,CPP
28/07/2007 12:23:15>
28/07/2007 12:23:15> Registry modification detected
28/07/2007 12:23:15>
28/07/2007 12:23:15> Root:HKEY_CURRENT_USER
28/07/2007 12:23:15> Key:Software\Microsoft\Windows\CurrentVersion\Run
28/07/2007 12:23:15> Value:cmds
28/07/2007 12:23:15> Data:rundll32.exe C:\Users\Admin\AppData\Local\Temp\hgghi.dll,CreateProtectProc
28/07/2007 12:23:15> New Data:rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbxut.dll,CPP
28/07/2007 12:23:15>
28/07/2007 12:23:16> Registry modification detected
28/07/2007 12:23:16>
28/07/2007 12:23:16> Root:HKEY_CURRENT_USER
28/07/2007 12:23:16> Key:Software\Microsoft\Windows\CurrentVersion\Run
28/07/2007 12:23:16> Value:cmds
28/07/2007 12:23:16> Data:rundll32.exe C:\Users\Admin\AppData\Local\Temp\hgghi.dll,CreateProtectProc
28/07/2007 12:23:16> New Data:rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbxut.dll,CPP
28/07/2007 12:23:16>
28/07/2007 12:23:16> Registry modification detected
28/07/2007 12:23:16>
28/07/2007 12:23:16> Root:HKEY_CURRENT_USER
28/07/2007 12:23:16> Key:Software\Microsoft\Windows\CurrentVersion\Run
28/07/2007 12:23:16> Value:cmds
28/07/2007 12:23:16> Data:rundll32.exe C:\Users\Admin\AppData\Local\Temp\hgghi.dll,CreateProtectProc
28/07/2007 12:23:16> New Data:rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbxut.dll,CPP
28/07/2007 12:23:16>
28/07/2007 12:23:16> Registry modification detected
28/07/2007 12:23:16>
28/07/2007 12:23:16> Root:HKEY_CURRENT_USER
28/07/2007 12:23:16> Key:Software\Microsoft\Windows\CurrentVersion\Run
28/07/2007 12:23:16> Value:cmds
28/07/2007 12:23:16> Data:rundll32.exe C:\Users\Admin\AppData\Local\Temp\hgghi.dll,CreateProtectProc
28/07/2007 12:23:16> New Data:rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbxut.dll,CPP
28/07/2007 12:23:16>
28/07/2007 12:23:16> Registry modification detected
28/07/2007 12:23:16>
28/07/2007 12:23:16> Root:HKEY_CURRENT_USER
28/07/2007 12:23:16> Key:Software\Microsoft\Windows\CurrentVersion\Run
28/07/2007 12:23:16> Value:cmds
28/07/2007 12:23:16> Data:rundll32.exe C:\Users\Admin\AppData\Local\Temp\hgghi.dll,CreateProtectProc
28/07/2007 12:23:16> New Data:rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbxut.dll,CPP
28/07/2007 12:23:16>
28/07/2007 12:23:16> Registry modification detected
28/07/2007 12:23:16>
28/07/2007 12:23:16> Root:HKEY_CURRENT_USER
28/07/2007 12:23:16> Key:Software\Microsoft\Windows\CurrentVersion\Run
28/07/2007 12:23:16> Value:cmds
28/07/2007 12:23:16> Data:rundll32.exe C:\Users\Admin\AppData\Local\Temp\hgghi.dll,CreateProtectProc
28/07/2007 12:23:16> New Data:rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbxut.dll,CPP
28/07/2007 12:23:16>
28/07/2007 12:23:17> Registry modification detected
28/07/2007 12:23:17>
28/07/2007 12:23:17> Root:HKEY_CURRENT_USER
28/07/2007 12:23:17> Key:Software\Microsoft\Windows\CurrentVersion\Run
28/07/2007 12:23:17> Value:cmds
28/07/2007 12:23:17> Data:rundll32.exe C:\Users\Admin\AppData\Local\Temp\hgghi.dll,CreateProtectProc
28/07/2007 12:23:17> New Data:rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbxut.dll,CPP
28/07/2007 12:23:17>
28/07/2007 12:23:17> Registry modification detected
28/07/2007 12:23:17>
28/07/2007 12:23:17> Root:HKEY_CURRENT_USER
28/07/2007 12:23:17> Key:Software\Microsoft\Windows\CurrentVersion\Run
28/07/2007 12:23:17> Value:cmds
28/07/2007 12:23:17> Data:rundll32.exe C:\Users\Admin\AppData\Local\Temp\hgghi.dll,CreateProtectProc
28/07/2007 12:23:17> New Data:rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbxut.dll,CPP
28/07/2007 12:23:17>


Log from my adaware process watch

beaner2k6

15/01/2008, 12:34 AM
amzter Wrote:http://myip(obviously i aint giving it out)/my computer/c://ijji/soldierfront
i know your IP address ;)
Pages: 1 2 3
Endless Paradigm > Computers & Tech > Crazy Computer > I think my computer is badly infected
Reference URL's