Files Infected:
Memory Modules Infected:
C:\WINDOWS\system32\bolfnkwy.dll (Trojan.Vundo.H) -> Delete on reboot.
C:\WINDOWS\system32\pmnmLBqr.dll (Trojan.Vundo.H) -> Delete on reboot.
O2 - BHO: {dd3878c5-bcd0-07f8-bda4-36750fad48f1} - {1f84daf0-5763-4adb-8f70-0dcb5c8783dd} - C:\WINDOWS\system32\qpatov.dll
O4 - HKLM\..\Run: [MSConfig] C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto
O4 - HKLM\..\RunServices: [Windows] taskmngr.exe
O4 - HKLM\..\RunServices: [Device Manager] wfxmgr.exe
O20 - AppInit_DLLs: qpatov.dll