decaff Posted September 30, 2009 ID:135651 Share Posted September 30, 2009 I recently got somehow infected with a trojan that simply kept popping up on my Windows security for deletion, repeatedly. So I ran an AVG free full system scan which turned up nothing. Concerned I searched the internet for help and came across Malwarebytes and decided to use it, however upon clicking "Quick Scan" just after installation it froze for a second and then closed, whenever I subsequently attempt to use Malwarebytes I get the message "Windows cannot access the specified..." you know how it goes.So upon browsing these forums I saw the instructions for running combofix, so I did. Afterwards however I found I could not run anything at all outside of safe mode, getting a registry key modification warning bubble. I do however have the combofix log:ComboFix 09-09-29.02 - Andy 30/09/2009 10:06.1.4 - NTFSx86Microsoft Link to post Share on other sites More sharing options...
decaff Posted September 30, 2009 Author ID:135668 Share Posted September 30, 2009 Small update, managed to get Mbam working by installing it again and running it in safe mode, a quick scan found one file which I chose to delete. Here's the log:Malwarebytes' Anti-Malware 1.41Database version: 2876Windows 6.0.6001 Service Pack 1 (Safe Mode)30/09/2009 12:06:37mbam-log-2009-09-30 (12-06-37).txtScan type: Quick ScanObjects scanned: 81259Time elapsed: 6 minute(s), 13 second(s)Memory Processes Infected: 0Memory Modules Infected: 0Registry Keys Infected: 0Registry Values Infected: 0Registry Data Items Infected: 0Folders Infected: 0Files Infected: 1Memory Processes Infected:(No malicious items detected)Memory Modules Infected:(No malicious items detected)Registry Keys Infected:(No malicious items detected)Registry Values Infected:(No malicious items detected)Registry Data Items Infected:(No malicious items detected)Folders Infected:(No malicious items detected)Files Infected:C:\Windows\win32k.sys (Trojan.Dropper) -> Quarantined and deleted successfully. Link to post Share on other sites More sharing options...
sjpritch25 Posted October 2, 2009 ID:136864 Share Posted October 2, 2009 Welcome to Malwarebytes!!!! Please download Win32kDiag.exe by AD to your Desktop.Double-click on Win32kDiag.exe.It will create Win32kDiag.txt on your Desktop.In your next reply, please include the log. Thanks Link to post Share on other sites More sharing options...
Recommended Posts