Hi,

I would like to know if there is anything else I should do now.
Thank you in advance.

Attached Files

	hijackthis.log (7.7 KB, 4 views)
	mbam-log-2009-11-20 (23-28-47).txt (5.3 KB, 3 views)
	SUPERAntiSpyware Scan Log - 11-21-2009 - 00-45-35.log (1.0 KB, 2 views)

Welcome to TechSpot, Dakota. I'll help with the malware.

But first, some history please:
1. What have you done so far prior to these 3 programs.
2. What problems specifically are you having?
3. Is your ISP NeuStar or NEUS in Virginia?
4. Are you connecting to the MSI site in Taiwan intentionally?

You do have malware, but it is very helpful to know what problem it is causing.

As soon as I get those answers, I will know how to direct you.

Thanks for your answer.

1. I didn't do anything prior to these 3 programs

2. Before I run the 3 programs I had a 60 seconds countdown, telling me that my laptop was going to shut down. I shat down the laptop before the countdown was over. When I turned it on again, I followed the 8 steps. My antivirus indicated that the laptop was infected with Trojan Horse Hiloti.D; Generic 15. ACUX; SHeur2.BOHA but I think it's gone now. Now I don't have the countdown anymore but each time I turn the laptop on I get a message saying: "RUNDLL - Error loading C:\WINDOWS\akugahopiranohi.dll - The specified module could not be found."

3. I don't know. I have no technical knowledge.

4. I don't connect to the MSI site in Taiwan intentionally (but my laptop brand is MSI)

Whenever the system is shutting down, you need to let the process finish. when you don't programs/apps and anything else might not have time to close properly. So when you startup again. you will most likely get errors.

AVG and Heur frequently means a Virut infection. Please do the following so we can check for that:

• Make sure to use Internet Explorer for this
• Please go to VirSCAN.org FREE on-line scan service
• Copy and paste the following file path into the "Suspicious files to scan" box on the top of the page:
  • c:\windows\system32\userinit.exe
• Click on the Upload button
• If a pop-up appears saying the file has been scanned already, please select the ReScan button.
• Once the Scan is completed, click on the "Copy to Clipboard" button. This will copy the link of the report into the Clipboard.
• Paste the contents of the Clipboard in your next reply.

Also scan these,

C:\WINDOWS\explorer.exe
C:\WINDOWS\System32\svchost.exe


Please include the log into the next reply.

Virut is a Polymorphic File Infector that infects .EXE and .SCR files. It opens a Backdoor by connecting to a predefined IRC Server and waits for commands from the remote attacker

There is more information here:
http://miekiemoes.blogspot.com/2009/...-throwing.html


No matter what the infections is, you should change all of your passwords and monitor any online financial transactions.