Jump to content

Post-Malware Issues


NightSky
 Share

Recommended Posts

Just finished removing malware from my computer a few moments ago, but it managed to change many of my computer settings before i was able to get rid of it. Now that its finally gone I'm finding myself trying to change everything back to the way it was, but there are 2 problems with one idea seeming them to be linked together: The "Administrater Account" is still showing up in the log-in screen, and the start menu/task bar/windows are set in Windows Classic style under Display Properties --> Appearance. After looking around under all the menus, i can see that the "Administrater Account" isn't listed under the User Accounts in the Control Panel, and the Windows XP style is completely removed along with all the components. The only idea i've been able to come up with is that the accounts are caught between safe-mode and normal-mode. It would be greatly appreciated if someone could help me solve this minor issue.

Link to post
Share on other sites

After messing around for a few more minutes, it seems like the majority of my drivers arn't working correctly. select few of the USB ports are working but all the others arn't, and the audio driver isn't functioning correctly. i've tried to update/re-install but they keep on telling me that it has failed.

Link to post
Share on other sites

hello

sounds like your in selective startup click on start then run and type msconfig then click ok

when the system configuration utility starts choose normal startup then click ok and it should

ask you to restart the pc

it should fix it as long as theres no other problems sometimes when the pc crashes it will go

into selective startup

:rolleyes:

Link to post
Share on other sites

Malwarebytes' Anti-Malware 1.34

Database version: 1811

Windows 5.1.2600 Service Pack 3

2/27/2009 6:25:39 PM

mbam-log-2009-02-27 (18-25-39).txt

Scan type: Quick Scan

Objects scanned: 67914

Time elapsed: 6 minute(s), 27 second(s)

Memory Processes Infected: 0

Memory Modules Infected: 0

Registry Keys Infected: 0

Registry Values Infected: 2

Registry Data Items Infected: 8

Folders Infected: 0

Files Infected: 1

Memory Processes Infected:

(No malicious items detected)

Memory Modules Infected:

(No malicious items detected)

Registry Keys Infected:

(No malicious items detected)

Registry Values Infected:

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\rundll32.exe (Trojan.Agent) -> Quarantined and deleted successfully.

HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\rundll32.exe (Trojan.Agent) -> Quarantined and deleted successfully.

Registry Data Items Infected:

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32\wave1 (Hijack.Sound) -> Bad: (C:\DOCUME~1\ADMINI~1\APPLIC~1\MACROM~1\Common\8047e04c1.dll) Good: (wdmaud.drv) -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32\midi1 (Hijack.Sound) -> Bad: (C:\DOCUME~1\ADMINI~1\APPLIC~1\MACROM~1\Common\8047e04c1.dll) Good: (wdmaud.drv) -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32\mixer1 (Hijack.Sound) -> Bad: (C:\DOCUME~1\ADMINI~1\APPLIC~1\MACROM~1\Common\8047e04c1.dll) Good: (wdmaud.drv) -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32\aux1 (Hijack.Sound) -> Bad: (C:\DOCUME~1\ADMINI~1\APPLIC~1\MACROM~1\Common\8047e04c1.dll) Good: (wdmaud.drv) -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32\midi2 (Hijack.Sound) -> Bad: (C:\DOCUME~1\ADMINI~1\APPLIC~1\MACROM~1\Common\8047e04c1.dll) Good: (wdmaud.drv) -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32\wave2 (Hijack.Sound) -> Bad: (C:\DOCUME~1\ADMINI~1\APPLIC~1\MACROM~1\Common\8047e04c1.dll) Good: (wdmaud.drv) -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32\aux2 (Hijack.Sound) -> Bad: (C:\DOCUME~1\ADMINI~1\APPLIC~1\MACROM~1\Common\8047e04c1.dll) Good: (wdmaud.drv) -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32\mixer2 (Hijack.Sound) -> Bad: (C:\DOCUME~1\ADMINI~1\APPLIC~1\MACROM~1\Common\8047e04c1.dll) Good: (wdmaud.drv) -> Quarantined and deleted successfully.

Folders Infected:

(No malicious items detected)

Files Infected:

C:\Documents and Settings\Administrator\Application Data\Macromedia\Common\8047e04c1.dll (Trojan.Agent) -> Quarantined and deleted successfully.

Quick Scan i just finished, doing a full scan now

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share

  • Recently Browsing   0 members

    No registered users viewing this page.

Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.