|
|
|
|
|||||
|
|
|
|
|
|
|||
| Welcome
to Tech Support Forum home to more then 136,000 problems solved. Issues
have included: Spyware, Malware, Virus Issues, Windows, Microsoft,
Linux, Networking, Security, Hardware, and Gaming Getting your
problem solved is as easy as: 1. Registering for a free account 2. Asking your question 3. Receiving an answer Registered members: * See fewer ads. * And much more..
|
| Want to know how to post a question? click here | Having problems with spyware and pop-ups? First Steps |
|
|||||||
| Resolved HJT Threads Resolved spyware and popup issues. |
|
|
LinkBack | Thread Tools |
04-13-2009, 09:32 AM
|
#1 (permalink) |
|
Registered User
Join Date: Apr 2009
Posts: 1
OS: Windows XP
|
IE popups / errors
Occasionally I get IE popups and often error messages asking me if I want to send a report. I ran Malwarebytes' anti Malware and restarted. Now I receive error messages saying
"The application or DLL c:\windows\system32\wuvotifa.dll is not a valid Windows image. Please check this against your installation diskette." every time I try to run an application or even open a new tab in Google Chrome. Here is the report from Malwarebytes' Malwarebytes' Anti-Malware 1.36 Database version: 1975 Windows 5.1.2600 Service Pack 2 4/13/2009 11  21 AMmbam-log-2009-04-13 (11-06-21).txt Scan type: Quick Scan Objects scanned: 95142 Time elapsed: 4 minute(s), 28 second(s) Memory Processes Infected: 0 Memory Modules Infected: 0 Registry Keys Infected: 7 Registry Values Infected: 5 Registry Data Items Infected: 2 Folders Infected: 0 Files Infected: 4 Memory Processes Infected: (No malicious items detected) Memory Modules Infected: (No malicious items detected) Registry Keys Infected: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{ee5b36a1-e5bc-47d8-b4bc-0dcb95edddec} (Trojan.Vundo.H) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\CLSID\{ee5b36a1-e5bc-47d8-b4bc-0dcb95edddec} (Trojan.Vundo.H) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\CLSID\{ec43e3fd-5c60-46a6-97d7-e0b85dbdd6c4} (Trojan.BHO) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{eee17712-987e-4424-a00c-9da0bc4e2078} (Trojan.Fakealert) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\contim (Trojan.Vundo) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\dslcnnct (Trojan.Vundo) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\rdfa (Trojan.Vundo) -> Quarantined and deleted successfully. Registry Values Infected: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\3cd483b0 (Trojan.Vundo.H) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\cpm3fe7b02c (Trojan.Vundo.H) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\gejugavuku (Trojan.Vundo.H) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler\{ec43e3fd-5c60-46a6-97d7-e0b85dbdd6c4} (Trojan.BHO) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\ssodl (Trojan.BHO) -> Quarantined and deleted successfully. Registry Data Items Infected: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\AppInit_DLLs (Trojan.BHO) -> Data: c:\windows\system32\wuvotifa.dll -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\UpdatesDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully. Folders Infected: (No malicious items detected) Files Infected: C:\WINDOWS\system32\yabuvasu.dll (Trojan.Vundo.H) -> Quarantined and deleted successfully. C:\WINDOWS\system32\usavubay.ini (Trojan.Vundo.H) -> Quarantined and deleted successfully. c:\WINDOWS\system32\wuvotifa.dll (Trojan.Vundo.H) -> Quarantined and deleted successfully. C:\WINDOWS\system32\vawevoyu.dll (Trojan.Vundo.H) -> Quarantined and deleted successfully. |
|
     |
| Important Information |
|
Join the #1 Tech Support Forum Today - It's Totally Free!
TechSupportForum.com is a leading support website for your computer needs. We offer free, friendly and personalized computer support. Why pay to have your computer fixed when you can do it for free. Join TechSupportforum.com Today - Click Here |
|
04-13-2009, 11:38 AM
|
#2 (permalink) | |
|
Manager, Security Center, TSF Academy; Analyst, Security Team
Join Date: Jan 2005
Location: Transylvania County, North Carolina, USA
Posts: 35,661
OS: 2000 Pro; XP Pro; XP Home
|
Re: IE popups / errors
Hello and Welcome to TSF.
We only want certain logs posted unless otherwise requested. Not sure where on this forum you see us asking for a log from that tool to be posted as an opening to a request for help. We want all our members to perform the steps outlined in the link I'll give you below, before posting for assistance. There's a sticky at the top of this forum, and a Quote:
--------------------------------------------------------------------------------------------- Please follow our pre-posting process outlined here: NEW INSTRUCTIONS - Read This Before Posting For Malware Removal Help After running through all the steps, you shall have a proper set of logs. Please post them in a new topic, as this one shall be closed. You may link back to this topic for reference. If you have trouble with one of the steps, simply move on to the next one, and make note of it in your reply. Please note that the Virus/Trojan/Spyware Help forum is extremely busy, and it may take a while to receive a reply.
__________________
Practice Safe Surfing Because what you don't know, CAN hurt you.  Microsoft MVP - Consumer Security 2009
|
|
|
|
|
| Thread Tools | |
|
|
