Jump to content

I am infected


Recommended Posts

Ok, I am a beginner at computers so I will put the information here that I have and hopefully somebody can help. I purchased malwarebytes pro and scanned the computer, but it states everything is ok. I cannot open any programs outside of mozilla firefox and internet explorer (but internet explorer will not load to go anywhere as this virus has changed it to a proxy setting from what I gather thru the research I have done). So I don't believe malwarebytes to be running properly as I think this virus has attached to the malwarebytes file as well. I cannot do any scans or downloads, or right clicks, or regedit, or use any program outside of mozilla firefox.

I am unable to left click on anything as well. This is not the mouse the mouse works properly on another computer. Please help me fix my pc.

I am not able to print anything out either as I cannot download the drivers to the pc. The error I get is not a valid win-32 application. I am not able to reformat the hard drive either as the computer will not recognize the driver.

Link to post
Share on other sites

I have already tried to download this and I CAN'T DOWNLOAD ANY PROGRAMS. They state not a valid win 32 app. I have the virus stopped from running at startup by disabling ROJSTMGT while in safe mode. I have the malwarebytes PRO version. Another thing I would like to add is you can manipulate this virus, anything that you start prior to the virus fully starting will stay opened. If ANYBODY can provide me assistance in fixing the download issues, then maybe I can get rid of this virus. I have spent probably 20 hours so far trying to fix this.

Link to post
Share on other sites

Also I have located one of the files that are infected on the computer under appdata_local a file name ekvxsa with a file obydsftav. This is the antisoft virus, but as I said I am still unable to download anything, but hopefully I will be able to fix this pc before throwing it out the window...

Link to post
Share on other sites

no I am not able to put a removable disk drive in as it won't download the drivers. However, I do believe the antivirus soft to be gone but I am having the issue of not being able to download programs. I believe this to be the Trojan.w32.alureon. As I am not able to download anything it's very difficult to provide you with the information. thanks for your patience. I do have a list I created of some of the registry keys that I think to be linked to this Trojan.w32.alureon if that would be useful.

Link to post
Share on other sites

is that what happens when you stick a usb flash drive in? It should recognize the device and everything. You don't need to update or download anything.

Malwarebytes' Anti-Malware 1.44

Database version: 3741

Windows 6.0.6002 Service Pack 2

Internet Explorer 8.0.6001.18882

2/15/2010 10:46:31 AM

mbam-log-2010-02-15 (10-46-31).txt

Scan type: Full Scan (C:\|D:\|)

Objects scanned: 227291

Time elapsed: 37 minute(s), 52 second(s)

Memory Processes Infected: 0

Memory Modules Infected: 0

Registry Keys Infected: 0

Registry Values Infected: 0

Registry Data Items Infected: 0

Folders Infected: 0

Files Infected: 1

Memory Processes Infected:

(No malicious items detected)

Memory Modules Infected:

(No malicious items detected)

Registry Keys Infected:

(No malicious items detected)

Registry Values Infected:

(No malicious items detected)

Registry Data Items Infected:

(No malicious items detected)

Folders Infected:

(No malicious items detected)

Files Infected:

C:\Users\Zachary\AppData\Local\VirtualStore\Windows\System32\net.net (Trojan.Downloader) -> Quarantined and deleted successfully.

I think we got the problem fixed finally..... I updated today and wouldn't you know it that malwarebytes found this. I am going to go try to download the steps in the forums now and I will report back...Thanks. I been deleting stuff I don't need from my computer as well so lets see how this does!

Link to post
Share on other sites

:)

Please download and run the following tool to help allow other programs to run. (Courtesy of BleepingComputer.com).

Vista and Win7 users need to right click and choose Run as Admin

rkill.scr

Please post the log. Thanks

I downloaded rkill and when I try to open it says that it can't be opened because it is infected! This is killing me.

Link to post
Share on other sites

It certainly is being persistent. :)

Download Combofix from this webpage: http://www.bleepingcomputer.com/combofix/how-to-use-combofix

**Note: It is important that it is saved directly to your desktop**

--------------------------------------------------------------------

1. Close any open browsers.

2. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

--------------------------------------------------------------------

Double click on combofix.exe & follow the prompts.

  • When finished, it will produce a report for you.
  • Please post the "C:\ComboFix.txt" along with a new HijackThis log for further review.

Note:

Do not mouseclick combofix's window while it's running. That may cause it to stall

Link to post
Share on other sites

It certainly is being persistent. :)

Download Combofix from this webpage: http://www.bleepingcomputer.com/combofix/how-to-use-combofix

**Note: It is important that it is saved directly to your desktop**

--------------------------------------------------------------------

1. Close any open browsers.

2. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

--------------------------------------------------------------------

Double click on combofix.exe & follow the prompts.

  • When finished, it will produce a report for you.
  • Please post the "C:\ComboFix.txt" along with a new HijackThis log for further review.

Note:

Do not mouseclick combofix's window while it's running. That may cause it to stall

Again I am not able to download anything. I am not getting the win32 errer put whatever I download isn't on my desktop. Frustrated to say the least.

Link to post
Share on other sites

 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.