HAVING COMPUTER ISSUES...VIRUSES,SPYWARE, ETC...INFO HERE

  • Wanna Join? New users you can now register lightning fast using your Facebook or Twitter accounts.
Jan 11, 2006
5,728
1,890
0
45
grouchoweed.ipbfree.com
I'm having few problems with my laptop.



1. When I start it up, I get the follwing error on the desktop. "C:\windows\system32\iifdedap.dll

specified module could not be found


What is this? Also, my laptop has been shutting itself off randomly. I'm running Malwarebytes Anti Malware scan right now and it says I have 25 infescted files so far... great.



Any help please?
 
Mar 13, 2003
5,302
606
113
anybody ever had your firewall turn off from time to time while on the computer??!!...For some reason my firewall turns off, for what seems no reason at all (i turn it back on right away and doesnt go back off the remainder of the time im using the comp and then the same thing when i turn off and back on)...I have dont both virus and spyawre scans on my comp but nothing shows up. Anybody have any tips/advice as to what it can be?!
 
Jan 11, 2006
5,728
1,890
0
45
grouchoweed.ipbfree.com
Save log from the Hijackthis program... not sure if this is from startup or what.


Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 10:32:32 AM, on 12/20/2009
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v7.00 (7.00.6002.18005)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Windows\System32\spool\drivers\w32x86\3\EKIJ5000MUI.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Adobe\Reader 9.0\Reader\reader_sl.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\DllHost.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [MSServer] rundll32.exe C:\Windows\system32\iifdedAP.dll,#1
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [EKIJ5000StatusMonitor] C:\Windows\system32\spool\DRIVERS\W32X86\3\EKIJ5000MUI.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O8 - Extra context menu item: Save YouTube Video as MP3 - res://C:\Program Files\Common Files\DVDVideoSoft\Dll\IEContextMenuY.dll/scriptY2MP3.htm
O13 - Gopher Prefix:
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe

--
End of file - 4459 bytes
 
Jan 31, 2008
2,764
3,360
113
44
try to run a OS cd recovery disc, based on the cd that came with your computer or if u made one with your pc

heres an example of the windows xp professional cd, run from the cd when u restart.
u hit the R key, and so on.


so do the same but with the cd that came from or with YOUR computer.
 

CyrusTheVirus

thats just my ghost
Oct 31, 2002
4,074
2,538
113
legendary
I'm having few problems with my laptop.



1. When I start it up, I get the follwing error on the desktop. "C:\windows\system32\iifdedap.dll

specified module could not be found


What is this? Also, my laptop has been shutting itself off randomly. I'm running Malwarebytes Anti Malware scan right now and it says I have 25 infescted files so far... great.



Any help please?
*edit*
Memory Modules Infected:
C:\WINDOWS\system32\iifdedAP.dll (Trojan.Vundo.H) -> Delete on reboot.
from
http://www.computerforum.com/142667-computer-going-kaput-2.html

http://www.symantec.com/connect/forums/trojanvundoh

http://www.symantec.com/security_response/writeup.jsp?docid=2004-112210-3747-99

* pre edit thoughts *

Unregister that dll file might help you out but I'm no windoze expert :ermm:

Try this...

boot up to safe mode

Start menu -> run -> cmd

regsrv32 /u C:\windows\system32\iifdedap.dll

or

regsrv32 /u iifdedap.dll

or maybe both just to be sure.

then reboot into normal mode

if that works........ enjoy

It should unlink that dll file so your system doesn't cry about it missing

if it does more harm then good... sorry and shit.. I'm no windoze expert

see also http://technet.microsoft.com/en-us/library/bb490985.aspx
 
Jan 11, 2006
5,728
1,890
0
45
grouchoweed.ipbfree.com
Alright... downloaded that trojan.vundo remover, ran it, but it didn't seem to do anything.


Edit: Finally got it into Safe mode. tried to unregister that .dll file. Got this instead:

'regsrv32' is not recognized as an internal or external command. operable program or batch file.

So, I guess it didn't do anything either.


Also, ran that trojan.vundo thing again, and this popped up as a file on my desktop. I assume it's a log.


"Symantec Trojan.Vundo Removal Tool 1.5.1

Cannot scan winlogon plugins!"