Jump to content

Atmpvcno32.exe, kbdlt13232.exe, sprio60032.exe, wmsdmod32.exe....infection


Czar05

Recommended Posts

I have these malicious malware on my computer. I had this problem before, but seems to have returned. Every time I scan my computer using Malwarebytes antimalware I get the following results usually 5-7 infected objects. I have tried both quick and full..but nothing has changed. This malware affects my Mozilla Firefox for some reason. When I start the browser the screen turns white. The all screen is blank, but the tool bar is present. The websites are not displaying. The malware runs on a code name called Bulletstorm. Bulletstorm is a game...but the real issue is I don't have that game. I have never installed the game before on my computer. In my system32 I find these Atmpvcno32.exe, kbdlt13232.exe, sprio60032.exe, wmsdmod32.exe and their descriptions read

Descrition: Bulletstorm

Company: People Can fly

Here is the log for the quick MBAM scan:

Malwarebytes' Anti-Malware 1.51.1.1800

www.malwarebytes.org

Database version: 7534

Windows 5.1.2600 Service Pack 3

Internet Explorer 7.0.5730.13

8/22/2011 5:28:48 AM

mbam-log-2011-08-22 (05-28-48).txt

Scan type: Quick scan

Objects scanned: 212162

Time elapsed: 8 minute(s), 46 second(s)

Memory Processes Infected: 1

Memory Modules Infected: 0

Registry Keys Infected: 0

Registry Values Infected: 0

Registry Data Items Infected: 0

Folders Infected: 0

Files Infected: 8

Memory Processes Infected:

c:\WINDOWS\system32\atmpvcno32.exe (Trojan.Tracur) -> 2804 -> Unloaded process successfully.

Memory Modules Infected:

(No malicious items detected)

Registry Keys Infected:

(No malicious items detected)

Registry Values Infected:

(No malicious items detected)

Registry Data Items Infected:

(No malicious items detected)

Folders Infected:

(No malicious items detected)

Files Infected:

c:\WINDOWS\system32\atmpvcno32.exe (Trojan.Tracur) -> Quarantined and deleted successfully.

c:\documents and settings\networkservice\application data\0200000011ecd6261406c.manifest (Malware.Trace) -> Quarantined and deleted successfully.

c:\documents and settings\networkservice\application data\0200000011ecd6261406o.manifest (Malware.Trace) -> Quarantined and deleted successfully.

c:\documents and settings\networkservice\application data\0200000011ecd6261406p.manifest (Malware.Trace) -> Quarantined and deleted successfully.

c:\WINDOWS\system32\0200000011ecd6261406c.manifest (Malware.Trace) -> Quarantined and deleted successfully.

c:\WINDOWS\system32\0200000011ecd6261406o.manifest (Malware.Trace) -> Quarantined and deleted successfully.

c:\WINDOWS\system32\0200000011ecd6261406p.manifest (Malware.Trace) -> Quarantined and deleted successfully.

c:\WINDOWS\system32\0200000011ecd6261406s.manifest (Malware.Trace) -> Quarantined and deleted successfully.

Please help......I am not an expert on computers so don't recommend anything complicated or dangerous

Link to post
Share on other sites

Hello Czar05: :welcome:

If you think your system is infected, here are the steps needed to get your computer cleaned:

Please read the following so that you can begin the cleaning process:

You have 3 Options that you can choose from as listed below:

  • Option 1 —— Free Expert advice in the Malware Removal Forum
  • Option 2 —— Paying customer -- Contact Support via email
  • Option 3 —— Premium, Fee-Based Support

OPTION 1

As we don't deal with malware removal in the
False Positives subforum
, you need to start a topic in the
Malware Removal - HijackThis Logs subforum
so a qualified helper can help you fix any malware related problems/infections you may have.

  • Please read and
    CAREFULLY
    follow the
    , skipping any steps you are unable to complete. Then post a
    .

  • After posting your new post, make sure under
    options
    , you select
    Track this topic
    and choose
    Immediate Email Notification
    , so that you're alerted when someone has replied to your post.

  • One of the
    there will give you one-on-one assistance when one becomes available.

  • Please refrain from making any further changes to your computer such as (Install/Uninstall programs, use special fix tools, delete files, edit the registry, etc...) unless advised by a malware removal helper. Doing so can result in system changes which may hinder the attempts by a helper to clean your machine.

NOTE:
Please DO NOT post back to (bump) your topic within the first 48 hours.

Replying to your own posts changes the post count and helpers are looking for topics with zero replies. If you reply to your own post helpers may think that you're already being helped and thus overlook your post.
    • If there is no reply from any experts after 48 hours, you can reply to the topic, asking for help again.

      Or

    • You may send a Private Message to a Moderator asking for assistance.

OPTION 2

Alternatively, as a paying customer, you can contact the help desk at
or
.

OPTION 3

If you would like to use our Malwarebytes Premium Services, Comprehensive solutions to all your computer support needs—from installation and set-up to troubleshooting and tune-ups go to our
support site.

Please be patient, someone will assist you as soon as it is possible.

PS: Please use the Add-Reply.png button instead of other ones when you start replying. :)

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.