Forum Home
Press F1
Thread ID: 65449	2006-01-18 08:57:00	Unknown HijackThis scan results	polo (6383)	Press F1

Post ID	Timestamp	Content	User
422330	2006-01-18 08:57:00	Everytime I use system scan with HijackThis software I get 3 results. They are O2 - BHO: ATLDistrib Object - {2353FCBC-012D-487B-8BF3-865C0929FBEB} - C:\WINDOWS\System32\mllji.dll O20 - Winlogon Notify: mllji - C:\WINDOWS\System32\mllji.dll O20 - Winlogon Notify: WRNotifier - C:\WINDOWS\SYSTEM32\WRLogonNTF.dll I have fix checked them. But they come back again after a new scan. I don't what are this problems and what effect it has on my pc.How do i fix these. Plz help.	polo (6383)
422331	2006-01-18 10:02:00	Seems you may have the Vundo virus... Try the instructions of the second post on this page (forums.tomcoyote.org)	Myth (110)
422332	2006-01-19 02:26:00	This is a quicker way to fix it..... Download VirtumundoBegone (secured2k.home.comcast.net) and save it to your desktop. When you have done this doubleclick on VirtumundoBeGone.exe and follow the instructions. When it has finished, reboot and post the log that is created on your desktop called VBG.TXT in your next reply. Do not worry if you see a BLUE SCREEN "Fatal Error" Message, it is normal and expected.	Pancake (6359)
422333	2006-01-19 06:26:00	VBG Log [01/19/2006, 19:15:10] - VirtumundoBeGone v1.5 ( "C:\Documents and Settings\50 Cent\Desktop\VirtumundoBeGone.exe" ) [01/19/2006, 19:15:15] - Detected System Information: [01/19/2006, 19:15:15] - Windows Version: 5.1.2600, Service Pack 1 [01/19/2006, 19:15:15] - Current Username: 50 Cent (Admin) [01/19/2006, 19:15:15] - Windows is in NORMAL mode. [01/19/2006, 19:15:15] - Searching for Browser Helper Objects: [01/19/2006, 19:15:15] - BHO 1: {2353FCBC-012D-487B-8BF3-865C0929FBEB} (ATLDistrib Object) [01/19/2006, 19:15:15] - ALERT: Found ATLDistrib Object! [01/19/2006, 19:15:15] - Finished Searching Browser Helper Objects [01/19/2006, 19:15:15] - *** Detected ATLDistrib Object [01/19/2006, 19:15:15] - Trying to remove ATLDistrib Object... [01/19/2006, 19:15:16] - Terminating Process: IEXPLORE.EXE [01/19/2006, 19:15:16] - Terminating Process: RUNDLL32.EXE [01/19/2006, 19:15:16] - Disabling Automatic Shell Restart [01/19/2006, 19:15:16] - Terminating Process: EXPLORER.EXE [01/19/2006, 19:15:16] - Suspending the NT Session Manager System Service [01/19/2006, 19:15:16] - Terminating Windows NT Logon/Logoff Manager [01/19/2006, 19:15:16] - Re-enabling Automatic Shell Restart [01/19/2006, 19:15:16] - File to disable: C:\WINDOWS\System32\mllji.dll [01/19/2006, 19:15:16] - Renaming C:\WINDOWS\System32\mllji.dll -> C:\WINDOWS\System32\mllji.dll.vir [01/19/2006, 19:15:16] - File successfully renamed! [01/19/2006, 19:15:16] - Removing HKLM\...\Browser Helper Objects\{2353FCBC-012D-487B-8BF3-865C0929FBEB} [01/19/2006, 19:15:16] - Removing HKCR\CLSID\{2353FCBC-012D-487B-8BF3-865C0929FBEB} [01/19/2006, 19:15:16] - Adding Kill Bit for ActiveX for GUID: {2353FCBC-012D-487B-8BF3-865C0929FBEB} [01/19/2006, 19:15:16] - Deleting ATLEvents/MSEvents Registry entries [01/19/2006, 19:15:16] - Removing HKLM\...\Winlogon\Notify\mllji [01/19/2006, 19:15:16] - Searching for Browser Helper Objects: [01/19/2006, 19:15:16] - Finished Searching Browser Helper Objects [01/19/2006, 19:15:16] - Finishing up... [01/19/2006, 19:15:16] - A restart is needed. [01/19/2006, 19:15:22] - Attempting to Restart via STOP error (Blue Screen!)	polo (6383)
422334	2006-01-19 06:42:00	OK,Thats fixed it.Just to see that you are all clean Please download HijackThis (www.cyberanswers.org). It will create a directory folder for you in C\Program files. Run a scan and save the log file. Post the whole log file here. Do not fix anything since most of them listed there are harmless (some are system required). This program will help determine what,if anymore, spyware/malware is on your computer.	Pancake (6359)
422335	2006-01-19 10:54:00	My problem is fixd i have no suspects on hijackthis scan. Pancake thanks for the tips.	polo (6383)
422336	2006-01-19 12:30:00	Ok,no probs	Pancake (6359)
1