Jump to content

Malwarebytes finally removed uacinit.dll.....but something is still wrong


Recommended Posts

Hey Guys,

On sunday my computer was infected, so after some research, I ran malwarebytes and found some bad stuff. I ran malwarebytes a couple more times, and finally got the uacinit.dll deleted. The problem is my computer is still acting wierd. My Norton antivirus still will not run past 6000 files. Here is the first malwarebytes log and the last with the uacinit.dll deleted.

Any help will be much appreciated.

Thanks,

Knox

Malwarebytes Log #1

Malwarebytes' Anti-Malware 1.40

Database version: 2594

Windows 5.1.2600 Service Pack 2 (Safe Mode)

8/10/2009 6:24:17 PM

mbam-log-2009-08-10 (18-24-17).txt

Scan type: Full Scan (C:\|D:\|E:\|)

Objects scanned: 279121

Time elapsed: 45 minute(s), 31 second(s)

Memory Processes Infected: 0

Memory Modules Infected: 0

Registry Keys Infected: 1

Registry Values Infected: 0

Registry Data Items Infected: 0

Folders Infected: 0

Files Infected: 1

Memory Processes Infected:

(No malicious items detected)

Memory Modules Infected:

(No malicious items detected)

Registry Keys Infected:

HKEY_LOCAL_MACHINE\SOFTWARE\UAC (Rootkit.Trace) -> Quarantined and deleted successfully.

Registry Values Infected:

(No malicious items detected)

Registry Data Items Infected:

(No malicious items detected)

Folders Infected:

(No malicious items detected)

Files Infected:

C:\WINDOWS\system32\uacinit.dll (Trojan.Agent) -> Delete on reboot.

Malwarebytes #2

Malwarebytes' Anti-Malware 1.40

Database version: 2594

Windows 5.1.2600 Service Pack 2 (Safe Mode)

8/10/2009 9:00:36 PM

mbam-log-2009-08-10 (21-00-36).txt

Scan type: Full Scan (C:\|D:\|E:\|)

Objects scanned: 279452

Time elapsed: 45 minute(s), 6 second(s)

Memory Processes Infected: 0

Memory Modules Infected: 0

Registry Keys Infected: 0

Registry Values Infected: 0

Registry Data Items Infected: 0

Folders Infected: 0

Files Infected: 8

Memory Processes Infected:

(No malicious items detected)

Memory Modules Infected:

(No malicious items detected)

Registry Keys Infected:

(No malicious items detected)

Registry Values Infected:

(No malicious items detected)

Registry Data Items Infected:

(No malicious items detected)

Folders Infected:

(No malicious items detected)

Files Infected:

C:\WINDOWS\system32\UACfdopboiooy.dll (Trojan.TDSS) -> Quarantined and deleted successfully.

C:\WINDOWS\system32\UACmlasqtenbo.dll (Trojan.TDSS) -> Quarantined and deleted successfully.

C:\WINDOWS\system32\UACvdeksaxfqp.dll (Trojan.TDSS) -> Quarantined and deleted successfully.

C:\WINDOWS\system32\UACyibrwhoyqj.dll (Rogue.Agent) -> Quarantined and deleted successfully.

C:\WINDOWS\system32\drivers\UACayiasmknbx.sys (Trojan.TDSS) -> Quarantined and deleted successfully.

C:\WINDOWS\system32\uacinit.dll (Trojan.Agent) -> Quarantined and deleted successfully.

C:\WINDOWS\system32\UACcgbojnoejt.dat (Trojan.Agent) -> Quarantined and deleted successfully.

C:\WINDOWS\system32\UACsleqeuptrm.dll (Trojan.Agent) -> Quarantined and deleted successfully.

Link to post
Share on other sites

Hi kjolly7 And Welcome to Malwarebytes!

Download RootRepeal:

http://rootrepeal.googlepages.com/RootRepeal.zip

  • Extract the archive to a folder you create such as C:\RootRepeal
  • Double-click RootRepeal.exe to launch the program (Vista users should right-click and select "Run as Administrator).
  • Click the "File" tab (located at the bottom of the RootRepeal screen)
  • Click the "Scan" button
  • In the popup dialog, check the drives to be scanned - making sure to check your primary operating system drive - normally C:
  • Click OK and the file scan will begin
  • When the scan is done, there will be files listed, but most if not all of them will be legitimate
  • Click the "Save Report" Button
  • Save the log file to your Documents folder
  • Post the content of the RootRepeal file scan log in your next reply.

Link to post
Share on other sites

 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.