I think my computer is badly infected
amzter
Post: #21
It seems that the virus, or whatever it is, is using rundll.exe to run .dll files from my temp folder.

What should I do?

27/07/2007 11:30 AM
draggy
Post: #22
Did you boot into safe mode and delete everything out of the temp folder?
27/07/2007 11:46 AM
Assassinator
Post: #23
Ha, Vista. Don't see the point at the moment.

Lots of security holes, incompatibility, and SLOW. My mom got a new Core2Duo E5500 laptop (it's fast), and Vista is still pretty slow.

One good thing about Vista that I found is that I don't need to configure LAN. It does it for you automatically as soon as you stick your network cable in, convenient. Otherwise, I don't see too many benefits. I don't really care about Vista looking better, I'm not willing to sacrifice speed for looks.
27/07/2007 05:21 PM
amzter
Post: #24
28/07/2007 12:23:11> Registry modification detected
28/07/2007 12:23:11>
28/07/2007 12:23:11> Root:HKEY_CURRENT_USER
28/07/2007 12:23:11> Key:Software\Microsoft\Windows\CurrentVersion\Run
28/07/2007 12:23:11> Value:cmds
28/07/2007 12:23:11> Data:rundll32.exe C:\Users\Admin\AppData\Local\Temp\hgghi.dll,CreateProtectProc
28/07/2007 12:23:11> New Data:rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbxut.dll,CPP
28/07/2007 12:23:11>
28/07/2007 12:23:17> Registry modification detected
28/07/2007 12:23:17>
28/07/2007 12:23:17> Root:HKEY_CURRENT_USER
28/07/2007 12:23:17> Key:Software\Microsoft\Windows\CurrentVersion\Run
28/07/2007 12:23:17> Value:cmds
28/07/2007 12:23:17> Data:rundll32.exe C:\Users\Admin\AppData\Local\Temp\hgghi.dll,CreateProtectProc
28/07/2007 12:23:17> New Data:rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbxut.dll,CPP
28/07/2007 12:23:17>


Log from my Ad-Aware process watch.

28/07/2007 04:25 AM
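The log in post #24 shows one HKEY_CURRENT_USER Run value being rewritten again and again to launch a Temp-folder DLL through rundll32.exe. As an added example (not part of the original thread), this Python script parses that log format and counts, per Run value, the writes that match the pattern. The function names and the benign "Updater" entry are constructed for illustration.

```python
import re
from collections import Counter

# One entry in the layout of the post's log; {t} is the timestamp.
ENTRY = (
    "{t}> Registry modification detected\n"
    "{t}>\n"
    "{t}> Root:HKEY_CURRENT_USER\n"
    "{t}> Key:Software\\Microsoft\\Windows\\CurrentVersion\\Run\n"
    "{t}> Value:{v}\n"
    "{t}> Data:{old}\n"
    "{t}> New Data:{new}\n"
)
OLD = r"rundll32.exe C:\Users\Admin\AppData\Local\Temp\hgghi.dll,CreateProtectProc"
NEW = r"rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbxut.dll,CPP"
SAMPLE = (
    ENTRY.format(t="28/07/2007 12:23:11", v="cmds", old=OLD, new=NEW)
    + ENTRY.format(t="28/07/2007 12:23:17", v="cmds", old=OLD, new=NEW)
    # Constructed benign entry for contrast (value name and path are made up).
    + ENTRY.format(t="28/07/2007 12:30:00", v="Updater", old="",
                   new=r'"C:\Program Files\Example\updater.exe" /background')
)

LINE = re.compile(r"^(\d{2}/\d{2}/\d{4} \d{2}:\d{2}:\d{2})> ?(.*)$")
# rundll32 loading a DLL from a Temp directory: the pattern in the post's log.
TEMP_DLL = re.compile(r'rundll32(\.exe)?\s+"?[^,]*\\temp\\[^,\\]+\.dll', re.I)

def parse_events(text):
    """Split the log into one dict per 'Registry modification detected' block."""
    events = []
    for m in filter(None, map(LINE.match, text.splitlines())):
        stamp, body = m.groups()
        if body == "Registry modification detected":
            events.append({"time": stamp})
        elif events and ":" in body:
            field, _, value = body.partition(":")  # split at the first colon only
            events[-1][field] = value
    return events

def suspicious(events):
    """Count Run-key writes whose new data runs a Temp-folder DLL via rundll32."""
    hits = Counter()
    for e in events:
        is_run = e.get("Key", "").lower().endswith(r"currentversion\run")
        if is_run and TEMP_DLL.search(e.get("New Data", "")):
            hits[(e.get("Root"), e.get("Value"))] += 1
    return hits
```

A count above one for the same value within a few seconds means something is still running and re-asserting the entry, so deleting the Run value or the DLL alone will not hold until that process is stopped.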
beaner2k6
Post: #25
amzter Wrote: http://myip(obviously I ain't giving it out)/my computer/c://ijji/soldierfront
I know your IP address ;)

15/01/2008 12:34 AM