Win XP?? Keep Getting Popup Error on Startup? Please Help me Fix

Discussion in 'malware problems & news' started by sandman423, Aug 9, 2008.

Thread Status:
Not open for further replies.
  1. sandman423

    sandman423 Registered Member

    Joined:
    Nov 25, 2007
    Posts:
    32
    I think my computer is Infected...I ran Malware Bytes and Got this....

    Malwarebytes' Anti-Malware 1.24
    Database version: 1012
    Windows 5.1.2600 Service Pack 2

    3:01:51 PM 8/9/2008
    mbam-log-8-9-2008 (15-01-47).txt

    Scan type: Full Scan (C:\|D:\|)
    Objects scanned: 167240
    Time elapsed: 34 minute(s), 4 second(s)

    Memory Processes Infected: 0
    Memory Modules Infected: 2
    Registry Keys Infected: 12
    Registry Values Infected: 3
    Registry Data Items Infected: 2
    Folders Infected: 0
    Files Infected: 16

    Memory Processes Infected:
    (No malicious items detected)

    Memory Modules Infected:
    C:\WINDOWS\system32\rqRLDurr.dll (Trojan.Vundo) -> No action taken.
    C:\WINDOWS\system32\hgGxUoom.dll (Trojan.Vundo) -> No action taken.

    Registry Keys Infected:
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1b734ed5-abea-482d-8fc7-779051d9aa02} (Trojan.Vundo) -> No action taken.
    HKEY_CLASSES_ROOT\CLSID\{1b734ed5-abea-482d-8fc7-779051d9aa02} (Trojan.Vundo) -> No action taken.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{24873b0f-3b95-48b1-8e9a-0adbc71f0da8} (Trojan.Vundo) -> No action taken.
    HKEY_CLASSES_ROOT\CLSID\{24873b0f-3b95-48b1-8e9a-0adbc71f0da8} (Trojan.Vundo) -> No action taken.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{e525b124-28e1-4d57-b784-b2aabfbbfa66} (Trojan.BHO) -> No action taken.
    HKEY_CLASSES_ROOT\CLSID\{e525b124-28e1-4d57-b784-b2aabfbbfa66} (Trojan.BHO) -> No action taken.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\rdfa (Trojan.Vundo) -> No action taken.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MS Juan (Malware.Trace) -> No action taken.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\hggxuoom (Trojan.Vundo) -> No action taken.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\FCOVM (Trojan.Vundo) -> No action taken.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\RemoveRP (Trojan.Vundo) -> No action taken.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\aoprndtws (Trojan.Vundo) -> No action taken.

    Registry Values Infected:
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\9831db6c (Trojan.Vundo) -> No action taken.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\bm9b02e8f0 (Trojan.Agent) -> No action taken.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks\{e525b124-28e1-4d57-b784-b2aabfbbfa66} (Trojan.Vundo) -> No action taken.

    Registry Data Items Infected:
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\LSA\Notification Packages (Trojan.Vundo) -> Data: c:\windows\system32\rqrldurr -> No action taken.
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\LSA\Authentication Packages (Trojan.Vundo) -> Data: c:\windows\system32\rqrldurr -> No action taken.

    Folders Infected:
    (No malicious items detected)

    Files Infected:
    C:\WINDOWS\system32\gjbyzr.dll (Trojan.Vundo) -> No action taken.
    C:\WINDOWS\system32\rqRLDurr.dll (Trojan.Vundo) -> No action taken.
    C:\WINDOWS\system32\rruDLRqr.ini (Trojan.Vundo) -> No action taken.
    C:\WINDOWS\system32\rruDLRqr.ini2 (Trojan.Vundo) -> No action taken.
    C:\WINDOWS\system32\ivwpurtr.dll (Trojan.Vundo) -> No action taken.
    C:\WINDOWS\system32\rtrupwvi.ini (Trojan.Vundo) -> No action taken.
    C:\WINDOWS\system32\hgGxUoom.dll (Trojan.BHO) -> No action taken.
    C:\Documents and Settings\Gus\Local Settings\Temporary Internet Files\Content.IE5\414P2JSP\kb456456[1] (Trojan.Vundo) -> No action taken.
    C:\Documents and Settings\Gus\Local Settings\Temporary Internet Files\Content.IE5\GLSR6DM1\kb767887[1] (Trojan.Vundo) -> No action taken.
    C:\Program Files\WinRAR\Patch.exe (Trojan.Downloader) -> No action taken.
    C:\WINDOWS\system32\tjfaojaq.dll (Trojan.Vundo) -> No action taken.
    D:\Apps\iPod\MediaMonkey Gold\CORE10k.EXE (Trojan.Agent) -> No action taken.
    C:\WINDOWS\system32\woawgmrm.dll (Trojan.Agent) -> No action taken.
    C:\WINDOWS\system32\mlJBsQGx.dll (Trojan.Vundo) -> No action taken.
    C:\WINDOWS\BM9b02e8f0.xml (Trojan.Vundo) -> No action taken.
    C:\WINDOWS\BM9b02e8f0.txt (Trojan.Vundo) -> No action taken.


    Main Trojans Found wer Trojan.Vundo and Trojan.BHO..

    Please help me fix my computer...My Automatic Windows Updates always comes up red and I need to manually turn it on...

    Also I get these Error Messages when Starting computer...

    I also added my HiJackThis Log...

    Please help me fix this asap...
     

    Attached Files:

    Last edited by a moderator: Aug 10, 2008
  2. snowbound

    snowbound Retired Moderator

    Joined:
    Feb 18, 2003
    Posts:
    8,723
    Location:
    The Big Smoke
  3. sandman423

    sandman423 Registered Member

    Joined:
    Nov 25, 2007
    Posts:
    32
    Please help me fix ths I posted my HiJackThis Elsewhere just seeking some help...

    It is Highly Annoying...Plus I just posted the Malware Bytes Log...
     
  4. emperordarius

    emperordarius Registered Member

    Joined:
    Apr 27, 2008
    Posts:
    1,218
    Location:
    Who cares
    Post your hijackthis log at www.hijackthis.de, copy and paste your log there and there's a database of known safe and unsafe apps there.
     
  5. ronjor

    ronjor Global Moderator

    Joined:
    Jul 21, 2003
    Posts:
    172,208
    Location:
    Texas
    Wilders no longer analyzes logs as noted here.
     
Thread Status:
Not open for further replies.
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.