quote:
Originally posted by ipab
These are sketchy for sure
O20 - AppInit_DLLs: C:\WINDOWS\system32\svchy0.dll
O20 - Winlogon Notify: winzdn32 - winzdn32.dll (file missing)
O20 - Winlogon Notify: wvurstu - wvurstu.dll (file missing)
O4 - HKCU\..\Run: [MSServer] rundll32.exe C:\Users\JAMESR~1\AppData\Local\Temp\nnnkllk.dll,#1
O4 - HKCU\..\Run: [cmds] rundll32.exe C:\Users\JAMESR~1\AppData\Local\Temp\mllmn.dll,c
O4 - HKLM\..\Policies\Explorer\Run: [svchost.exe] C:\Program Files\Common Files\svchost.exe
C:\Users\JAMESR~1\AppData\Local\Temp\ir_ext_temp_1\autorun.exe
Note sure what this is
C:\Users\JAMESR~1\AppData\Local\Temp\ir_ext_temp_1\autorun.exe
I had a very similar infection and spybot s&d came up clean, so did several other anti-spyware utilities, so what I ended up doing was using Unlocker to delete them, when you try deleting them, because they are hooked into rundll, your system will become all glitchy and such, just stay with it, delete those and then restart and everything should be fixed...
Ofcourse, this is what I did, hopefully it works for you, just don't sue me if it doesn't.
So what do I do with all those files you posted above, just delete them all? Using unlocker?
And what do i do about the file missing ones?
/ 
