rundll

[tivia]

hi all. new to this site. got a wee problem. rundll. iv run my anti virus and malwarebytes, but can get rid of it, not that clued up on the pc, but im getting there lol. any help would be great. thanks

[noknojon]

Welcome tivia -

I am sorry but "rundll" as such is not an infection - Are there any other details you can lay upon us please -

"Error Loading C:\windows\system 32\bridge.dll " is the kind of rundll error message that you can get. Is yours similar or ....

Thank You -

EDIT -

The only advice I can give to your request is to download CCleaner Slim http://www.piriform.com/ccleaner/builds from this link -

Install the program - Under Internet Explorer , Untick - Cookies, Index.Dat Files, Auto Complete Form History -

Under System, Untick - ChkDsk Fragments, DNS Cache, Startmenu Shortcuts, Desktop Shortcuts

Click on Run Cleaner and this will remove the Temp Files built up in your computer -

[tivia]

hi and thank you, well it only pops up when i start up pc. so what i'll do is shut down and get the details when i restart, then i'll post it on here. thanks for your help

[AdvancedSetup]

Update and Scan with Malwarebytes' Anti-Malware

• Start MalwareBytes AntiMalware (Vista users must Right click and choose RunAs Admin)
  
• Please DO NOT run MBAM in Safe Mode unless requested to, you MUST run it in normal Windows mode.
  
  • Update Malwarebytes' Anti-Malware
    
  • Select the Update tab
    
  • Click Update
    

  [*]When the update is complete, select the Scanner tab

  [*]Select Perform quick scan, then click Scan.

  [*]When the scan is complete, click OK, then Show Results to view the results.

  [*]Be sure that everything is checked, and click Remove Selected.

  [*]When completed, a log will open in Notepad. please copy and paste the log into your next reply

  • If you accidently close it, the log file is saved here and will be named like this:
    
  • C:\Documents and Settings\Username\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs\mbam-log-date (time).txt
    

Then post back the MBAM log.

[tivia]

thank you, im running malwarebytes, but as i do my antivir guard keeps poping up with TR/agent2.ctor trojan which looks like it stops the scan

[tivia]

its stoped, scan is running ok

[tivia]

www.malwarebytes.org

Database version: 4365

Windows 5.1.2600 Service Pack 3

Internet Explorer 8.0.6001.18702

29/07/2010 10:13:50

mbam-log-2010-07-29 (10-13-50).txt

Scan type: Quick scan

Objects scanned: 187664

Time elapsed: 34 minute(s), 47 second(s)

Memory Processes Infected: 0

Memory Modules Infected: 0

Registry Keys Infected: 9

Registry Values Infected: 0

Registry Data Items Infected: 1

Folders Infected: 9

Files Infected: 5

Memory Processes Infected:

(No malicious items detected)

Memory Modules Infected:

(No malicious items detected)

Registry Keys Infected:

HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\{3446af26-b8d7-199b-4cfc-6fd764ca5c9f} (Backdoor.Bot) -> Quarantined and deleted successfully.

HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\{4776c4dc-e894-7c06-2148-5d73cef5f905} (Backdoor.Bot) -> Quarantined and deleted successfully.

HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\{3446af26-b8d7-199b-4cfc-6fd764ca5c9f} (Backdoor.Bot) -> Quarantined and deleted successfully.

HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\{4776c4dc-e894-7c06-2148-5d73cef5f905} (Backdoor.Bot) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\.pox (Rogue.FixTool) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\pofile (Rogue.FixTool) -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\RapportMgmtService.exe (Security.Hijack) -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\RapportService.exe (Security.Hijack) -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\safari.exe (Security.Hijack) -> Quarantined and deleted successfully.

Registry Values Infected:

(No malicious items detected)

Registry Data Items Infected:

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Userinit (Hijack.UserInit) -> Bad: (C:\WINDOWS\system32\userinit.exe,C:\WINDOWS\system32\sdra73.exe,) Good: (userinit.exe) -> Quarantined and deleted successfully.

Folders Infected:

C:\Program Files\Perfect Optimizer (Rogue.PerfectOptimzier) -> Quarantined and deleted successfully.

C:\Program Files\Perfect Optimizer\Backup (Rogue.PerfectOptimzier) -> Quarantined and deleted successfully.

C:\Program Files\Perfect Optimizer\Backup\Application (Rogue.PerfectOptimzier) -> Quarantined and deleted successfully.

C:\Program Files\Perfect Optimizer\Backup\Registry (Rogue.PerfectOptimzier) -> Quarantined and deleted successfully.

C:\Program Files\Perfect Optimizer\Backup\Registry\FirstBackup (Rogue.PerfectOptimzier) -> Quarantined and deleted successfully.

C:\Program Files\Perfect Optimizer\Backup\Registry\FullBackup (Rogue.PerfectOptimzier) -> Quarantined and deleted successfully.

C:\Program Files\Perfect Optimizer\Backup\Service (Rogue.PerfectOptimzier) -> Quarantined and deleted successfully.

C:\Program Files\Perfect Optimizer\Temp (Rogue.PerfectOptimzier) -> Quarantined and deleted successfully.

C:\WINDOWS\system32\l0wsec (Trojan.Zbot) -> Quarantined and deleted successfully.

Files Infected:

C:\Program Files\Perfect Optimizer\PerfectOptimizer.ini (Rogue.PerfectOptimzier) -> Quarantined and deleted successfully.

C:\WINDOWS\system32\l0wsec\l0cal.ds (Trojan.Zbot) -> Quarantined and deleted successfully.

C:\WINDOWS\system32\l0wsec\us3r.ds (Trojan.Zbot) -> Quarantined and deleted successfully.

C:\Documents and Settings\MORAY\Local Settings\Temp\0.10347532664131698.exe (Trojan.Dropper) -> Quarantined and deleted successfully.

C:\Documents and Settings\MORAY\Local Settings\Temp\0.7203963989774138.exe (Trojan.Dropper) -> Quarantined and deleted successfully.

[tivia]

hope that is what was needed

[AdvancedSetup]

Yes, if you're still having issues then please follow the directions below as we don't work on Malware here in this forum. I just wanted to make sure you were able to run our scanner.

Someone will work with you one on one to assist you in that forum.

Please print out, read and follow the directions here, skipping any steps you are unable to complete. Then post a NEW topic here.

One of the expert helpers there will give you one-on-one assistance when one becomes available.

After posting your new post make sure under options that you select Track this topic and choose one of the Email options so that you're alerted when someon has replied to your post.

Alternatively, as a paying customer, you can contact the help desk at support@malwarebytes.org

[tivia]

thanks for your help guys .

[AdvancedSetup]

No problem, you're quite welcome.