Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

Multiple Problems ..started with Antivirus XP Pro


  • Please log in to reply

#1
Meagen Q

Meagen Q

    New Member

  • Member
  • Pip
  • 1 posts
Last week I noticed that I was infected with Antivirus XP Pro. I did my best to delete it off my computer. It doesn't pop up in the toolbar anymore, my desktop is back to normal, and I'm able to use the task manager.
After I thought I was done with that virus, I've come to find that my internet was disabled. It said in the toolbar that I was connected, but I couldn't browse. I read a view posts and downloaded Winsockfix. That seemed to fix it for a few minutes after restarting, but then it would continue not working.
Now, ANOTHER problem, my internet seems to be working (at least MOST of the time) but when it does work, it is extremely slow. I also have the redirecting problem . I'm not sure if any of these problems are related, but I'm about to pull my hair out. I'm unable to download Hijackthis, but I have attached a Malwarebyte's log. PLEASE HELP! Thanks!

Malwarebytes' Anti-Malware 1.36
Database version: 2154
Windows 5.1.2600 Service Pack 2

5/19/2009 12:39:03 PM
mbam-log-2009-05-19 (12-39-03).txt

Scan type: Full Scan (C:\|D:\|)
Objects scanned: 183820
Time elapsed: 26 minute(s), 19 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 1
Registry Keys Infected: 2
Registry Values Infected: 2
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 7

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
C:\WINDOWS\Temp\msb.dll (Trojan.FakeAlert) -> Delete on reboot.

Registry Keys Infected:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{c2ba40a1-74f3-42bd-f434-12345a2c8953} (Trojan.Ertfor) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{c2ba40a1-74f3-42bd-f434-12345a2c8953} (Trojan.Ertfor) -> Quarantined and deleted successfully.

Registry Values Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\autochk (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\autochk (Trojan.Agent) -> Quarantined and deleted successfully.

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
C:\WINDOWS\system32\lmn_setup.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\autochk.dll (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Derek.QUAVELAPTOP\protect.dll (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Derek.QUAVELAPTOP\Start Menu\Programs\Startup\ChkDisk.dll (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Derek.QUAVELAPTOP\Start Menu\Programs\Startup\ChkDisk.lnk (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\WINDOWS\Temp\nsrbgxod.bak (Trojan.Agent) -> Delete on reboot.
C:\WINDOWS\Temp\msb.dll (Trojan.FakeAlert) -> Delete on reboot.
  • 0

Advertisements







Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP