Jump to content

Need help regarding a number of issues.


Recommended Posts

I'm having some pretty major issues.. firstly I started having issues with accessing certain websites (eg. google), I noticed a chunk of bandwidth was missing over only 2 days that I know I didn't use, and then asked a friend for some help with it.. he recommended Malwarebytes, after my regular software wasn't picking anything up (AVG).

I attempted to access the Malwarebytes website and that too was inaccessible (ended up getting the software off a different site that didn't seem to be blocked). after I downloaded Malwarebytes I attempted to update and got hit with "Error Code 732", so I ran the scan anyway and found a few things. I figured everything was now okay and finished what I was doing and shut down.

The next day I turned the PC on and more bandwidth was gone, so I decided to look further into things and attempt to continue fixing things myself. I tried a few more virus/spyware software and nothing worked, meanwhile I've been running scans every so often in a futile attempt to clean things up.

In the end I've decided to try here and hopefully avoid a reformat. I started with your DIY fix on "Error Code 732" and that didn't work.

These are the files that I got from the scans:

Malwarebytes' Anti-Malware 1.44

Database version: 3510

Windows 6.0.6001 Service Pack 1

Internet Explorer 8.0.6001.18882

23/03/2010 3:13:16 AM

mbam-log-2010-03-23 (03-13-16).txt

Scan type: Full Scan (C:\|E:\|G:\|)

Objects scanned: 363119

Time elapsed: 1 hour(s), 18 minute(s), 34 second(s)

Memory Processes Infected: 0

Memory Modules Infected: 0

Registry Keys Infected: 1

Registry Values Infected: 0

Registry Data Items Infected: 0

Folders Infected: 0

Files Infected: 3

Memory Processes Infected:

(No malicious items detected)

Memory Modules Infected:

(No malicious items detected)

Registry Keys Infected:

HKEY_CURRENT_USER\SOFTWARE\XML (Trojan.FakeAlert) -> Quarantined and deleted successfully.

Registry Values Infected:

(No malicious items detected)

Registry Data Items Infected:

(No malicious items detected)

Folders Infected:

(No malicious items detected)

Files Infected:

C:\Windows\Tasks\{66BA574B-1E11-49b8-909C-8CC9E0E8E015}.job (Trojan.Downloader) -> Quarantined and deleted successfully.

C:\Windows\Tasks\{35DC3473-A719-4d14-B7C1-FD326CA84A0C}.job (Trojan.Downloader) -> Quarantined and deleted successfully.

C:\Windows\System32\spool\prtprocs\w32x86\00007c9c.tmp (Trojan.FakeAlert) -> Quarantined and deleted successfully.

Malwarebytes' Anti-Malware 1.44

Database version: 3510

Windows 6.0.6001 Service Pack 1

Internet Explorer 8.0.6001.18882

24/03/2010 12:33:40 AM

mbam-log-2010-03-24 (00-33-40).txt

Scan type: Full Scan (C:\|E:\|G:\|)

Objects scanned: 362022

Time elapsed: 1 hour(s), 10 minute(s), 41 second(s)

Memory Processes Infected: 0

Memory Modules Infected: 0

Registry Keys Infected: 1

Registry Values Infected: 0

Registry Data Items Infected: 0

Folders Infected: 0

Files Infected: 1

Memory Processes Infected:

(No malicious items detected)

Memory Modules Infected:

(No malicious items detected)

Registry Keys Infected:

HKEY_CURRENT_USER\SOFTWARE\XML (Trojan.FakeAlert) -> Quarantined and deleted successfully.

Registry Values Infected:

(No malicious items detected)

Registry Data Items Infected:

(No malicious items detected)

Folders Infected:

(No malicious items detected)

Files Infected:

C:\Windows\Tasks\{66BA574B-1E11-49b8-909C-8CC9E0E8E015}.job (Trojan.Downloader) -> Quarantined and deleted successfully.

Malwarebytes' Anti-Malware 1.44

Database version: 3510

Windows 6.0.6002 Service Pack 2

Internet Explorer 8.0.6001.18882

25/03/2010 1:45:27 AM

mbam-log-2010-03-25 (01-45-27).txt

Scan type: Full Scan (C:\|E:\|G:\|)

Objects scanned: 363837

Time elapsed: 1 hour(s), 18 minute(s), 24 second(s)

Memory Processes Infected: 0

Memory Modules Infected: 0

Registry Keys Infected: 2

Registry Values Infected: 0

Registry Data Items Infected: 0

Folders Infected: 0

Files Infected: 0

Memory Processes Infected:

(No malicious items detected)

Memory Modules Infected:

(No malicious items detected)

Registry Keys Infected:

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\egui.exe (Security.Hijack) -> Delete on reboot.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ekrn.exe (Security.Hijack) -> Delete on reboot.

Registry Values Infected:

(No malicious items detected)

Registry Data Items Infected:

(No malicious items detected)

Folders Infected:

(No malicious items detected)

Files Infected:

(No malicious items detected)

Malwarebytes' Anti-Malware 1.44

Database version: 3510

Windows 6.0.6002 Service Pack 2

Internet Explorer 8.0.6001.18882

26/03/2010 12:13:50 AM

mbam-log-2010-03-26 (00-13-50).txt

Scan type: Full Scan (C:\|E:\|G:\|)

Objects scanned: 363946

Time elapsed: 1 hour(s), 24 minute(s), 15 second(s)

Memory Processes Infected: 0

Memory Modules Infected: 0

Registry Keys Infected: 2

Registry Values Infected: 0

Registry Data Items Infected: 0

Folders Infected: 0

Files Infected: 0

Memory Processes Infected:

(No malicious items detected)

Memory Modules Infected:

(No malicious items detected)

Registry Keys Infected:

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\egui.exe (Security.Hijack) -> Delete on reboot.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ekrn.exe (Security.Hijack) -> Delete on reboot.

Registry Values Infected:

(No malicious items detected)

Registry Data Items Infected:

(No malicious items detected)

Folders Infected:

(No malicious items detected)

Files Infected:

(No malicious items detected)

Any help you can give would be greatly appreciated.

Link to post
Share on other sites

  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.