Win XP?? Keep Getting Popup Error on Startup? Please Help me Fix

Discussion in 'malware problems & news' started by sandman423, Aug 9, 2008.

Thread Status:
Not open for further replies.
  1. sandman423

    sandman423 Registered Member

    Joined:
    Nov 25, 2007
    Posts:
    32
    I think my computer is Infected...I ran Malware Bytes and Got this....

    Malwarebytes' Anti-Malware 1.24
    Database version: 1012
    Windows 5.1.2600 Service Pack 2

    3:01:51 PM 8/9/2008
    mbam-log-8-9-2008 (15-01-47).txt

    Scan type: Full Scan (C:\|D:\|)
    Objects scanned: 167240
    Time elapsed: 34 minute(s), 4 second(s)

    Memory Processes Infected: 0
    Memory Modules Infected: 2
    Registry Keys Infected: 12
    Registry Values Infected: 3
    Registry Data Items Infected: 2
    Folders Infected: 0
    Files Infected: 16

    Memory Processes Infected:
    (No malicious items detected)

    Memory Modules Infected:
    C:\WINDOWS\system32\rqRLDurr.dll (Trojan.Vundo) -> No action taken.
    C:\WINDOWS\system32\hgGxUoom.dll (Trojan.Vundo) -> No action taken.

    Registry Keys Infected:
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1b734ed5-abea-482d-8fc7-779051d9aa02} (Trojan.Vundo) -> No action taken.
    HKEY_CLASSES_ROOT\CLSID\{1b734ed5-abea-482d-8fc7-779051d9aa02} (Trojan.Vundo) -> No action taken.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{24873b0f-3b95-48b1-8e9a-0adbc71f0da8} (Trojan.Vundo) -> No action taken.
    HKEY_CLASSES_ROOT\CLSID\{24873b0f-3b95-48b1-8e9a-0adbc71f0da8} (Trojan.Vundo) -> No action taken.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{e525b124-28e1-4d57-b784-b2aabfbbfa66} (Trojan.BHO) -> No action taken.
    HKEY_CLASSES_ROOT\CLSID\{e525b124-28e1-4d57-b784-b2aabfbbfa66} (Trojan.BHO) -> No action taken.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\rdfa (Trojan.Vundo) -> No action taken.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MS Juan (Malware.Trace) -> No action taken.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\hggxuoom (Trojan.Vundo) -> No action taken.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\FCOVM (Trojan.Vundo) -> No action taken.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\RemoveRP (Trojan.Vundo) -> No action taken.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\aoprndtws (Trojan.Vundo) -> No action taken.

    Registry Values Infected:
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\9831db6c (Trojan.Vundo) -> No action taken.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\bm9b02e8f0 (Trojan.Agent) -> No action taken.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks\{e525b124-28e1-4d57-b784-b2aabfbbfa66} (Trojan.Vundo) -> No action taken.

    Registry Data Items Infected:
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\LSA\Notification Packages (Trojan.Vundo) -> Data: c:\windows\system32\rqrldurr -> No action taken.
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\LSA\Authentication Packages (Trojan.Vundo) -> Data: c:\windows\system32\rqrldurr -> No action taken.

    Folders Infected:
    (No malicious items detected)

    Files Infected:
    C:\WINDOWS\system32\gjbyzr.dll (Trojan.Vundo) -> No action taken.
    C:\WINDOWS\system32\rqRLDurr.dll (Trojan.Vundo) -> No action taken.
    C:\WINDOWS\system32\rruDLRqr.ini (Trojan.Vundo) -> No action taken.
    C:\WINDOWS\system32\rruDLRqr.ini2 (Trojan.Vundo) -> No action taken.
    C:\WINDOWS\system32\ivwpurtr.dll (Trojan.Vundo) -> No action taken.
    C:\WINDOWS\system32\rtrupwvi.ini (Trojan.Vundo) -> No action taken.
    C:\WINDOWS\system32\hgGxUoom.dll (Trojan.BHO) -> No action taken.
    C:\Documents and Settings\Gus\Local Settings\Temporary Internet Files\Content.IE5\414P2JSP\kb456456[1] (Trojan.Vundo) -> No action taken.
    C:\Documents and Settings\Gus\Local Settings\Temporary Internet Files\Content.IE5\GLSR6DM1\kb767887[1] (Trojan.Vundo) -> No action taken.
    C:\Program Files\WinRAR\Patch.exe (Trojan.Downloader) -> No action taken.
    C:\WINDOWS\system32\tjfaojaq.dll (Trojan.Vundo) -> No action taken.
    D:\Apps\iPod\MediaMonkey Gold\CORE10k.EXE (Trojan.Agent) -> No action taken.
    C:\WINDOWS\system32\woawgmrm.dll (Trojan.Agent) -> No action taken.
    C:\WINDOWS\system32\mlJBsQGx.dll (Trojan.Vundo) -> No action taken.
    C:\WINDOWS\BM9b02e8f0.xml (Trojan.Vundo) -> No action taken.
    C:\WINDOWS\BM9b02e8f0.txt (Trojan.Vundo) -> No action taken.


    Main Trojans Found wer Trojan.Vundo and Trojan.BHO..

    Please help me fix my computer...My Automatic Windows Updates always comes up red and I need to manually turn it on...

    Also I get these Error Messages when Starting computer...

    I also added my HiJackThis Log...

    Please help me fix this asap...
     

    Attached Files:

    Last edited by a moderator: Aug 10, 2008
  2. snowbound

    snowbound Retired Moderator

    Joined:
    Feb 18, 2003
    Posts:
    8,723
    Location:
    The Big Smoke
  3. sandman423

    sandman423 Registered Member

    Joined:
    Nov 25, 2007
    Posts:
    32
    Please help me fix ths I posted my HiJackThis Elsewhere just seeking some help...

    It is Highly Annoying...Plus I just posted the Malware Bytes Log...
     
  4. emperordarius

    emperordarius Registered Member

    Joined:
    Apr 27, 2008
    Posts:
    1,218
    Location:
    Who cares
    Post your hijackthis log at www.hijackthis.de, copy and paste your log there and there's a database of known safe and unsafe apps there.
     
  5. ronjor

    ronjor Global Moderator

    Joined:
    Jul 21, 2003
    Posts:
    57,794
    Location:
    Texas
    Wilders no longer analyzes logs as noted here.
     
Loading...
Thread Status:
Not open for further replies.