CPMebc86926 / e8fb5aba /hovevifedi in Run (Registry)

Reply

Join Date: Apr 2006
Posts: 2
Reputation: powerthink is an unknown quantity at this point 
Solved Threads: 0
powerthink powerthink is offline Offline
Newbie Poster

CPMebc86926 / e8fb5aba /hovevifedi in Run (Registry)

 
0
  #1
Dec 1st, 2008
Hi guys,
I have those things in the Run section of Registry

Key Name: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run
Class Name: <NO CLASS>
Last Write Time: 12/2/2008 - 1:07 PM
Value 0
Name: CTFMON.EXE
Type: REG_SZ
Data: C:\WINDOWS\system32\ctfmon.exe

Value 1
Name: CPMebc86926
Type: REG_SZ
Data: Rundll32.exe "c:\windows\system32\dumepiwo.dll",a

Value 2
Name: e8fb5aba
Type: REG_SZ
Data: rundll32.exe "C:\WINDOWS\system32\suvatepe.dll",b

Value 3
Name: hovevifedi
Type: REG_SZ
Data: Rundll32.exe "C:\WINDOWS\system32\lameweka.dll",s

Any idea what they are?
Thanks.

Apparently they are not there anymore, there are 3 rundll messages come up with error loading ......
Google it does not come up with anything.




Powerthink
Last edited by powerthink; Dec 1st, 2008 at 10:25 pm.
Reply With Quote Quick reply to this message  
Join Date: May 2005
Posts: 3,204
Reputation: gerbil will become famous soon enough gerbil will become famous soon enough 
Solved Threads: 188
gerbil gerbil is offline Offline
Nearly a Senior Poster

Re: CPMebc86926 / e8fb5aba /hovevifedi in Run (Registry)

 
0
  #2
Dec 2nd, 2008
The first is a system file, the others pests.
==Please download Malwarebytes' Anti-Malware
from: http://www.majorgeeks.com/Malwarebyt...are_d5756.html
or: http://www.besttechie.net/tools/mbam-setup.exe
=Dclick that file, mbam-setup.exe, to install the application,
-ensure that it is set to update and start, else start it via the icon.
Select "Perform Quick Scan", then click Scan; the application will guide you through the remaining steps.
ENSURE that EVERYTHING found has a CHECKMARK against it, then click Remove Selected.
If malware has been found [and removed] MBAM will automatically produce a log for you... do not click the Save Logfile button.
When it completes examine the log: if some files are listed as Delete on Reboot then restart your machine before continuing.
Post the Notepad log [it is also saved under Logs tab in MBAM].
Deep, deep in the woods, but walking about.
Reply With Quote Quick reply to this message  
Join Date: Apr 2006
Posts: 2
Reputation: powerthink is an unknown quantity at this point 
Solved Threads: 0
powerthink powerthink is offline Offline
Newbie Poster

Re: CPMebc86926 / e8fb5aba /hovevifedi in Run (Registry)

 
0
  #3
Dec 2nd, 2008
Hi Gerbil,
Thanks for your advice.
At this time of the year I have to reimage that laptop. But for more information that happened when an African guy plug the usb into her laptop.
Cheers
Reply With Quote Quick reply to this message  
Reply

Quick Reply to Thread
This thread is more than three months old.
Perhaps start a new thread instead?
Message:



Other Threads in the Windows NT / 2000 / XP Forum
Thread Tools Search this Thread



Tag cloud for Windows NT / 2000 / XP
.net 3.5 3daccelertion 64bit 2007 2010 a.exe activedirectory address alaris android apache application appstore arm automatically black blue boot bsod canonical chinese codeplex combofix computerfreezes cursor deployment desktop desktops domain downloads drive eartlink error explorer fax firefox fonts format framework freeze gadgets home install intel internet laptop latitude linux mac markshuttleworth microsoft mobile monitor netbooks nvidia open opensource operatingsystems options osinstallationproblem palm partition patch port printer program proxy raid rds reformat remotedesktop remotedesktopconnection repair replacingraiddrive retrieve screen server. sharepoint simplifiedchinese sitetositevpn slowperformance sp1 studios ubuntu unreadable update upgrade videodrivers virtual virus volume vpn vulnerability window windows windows7 windowsxp xp xpde
About Us | Contact Us | Advertise | DaniWeb | Acceptable Use Policy | RSS Feed

©2003 - 2009 DaniWeb® LLC