My computer may be infected with a trojan [Multiple Logs]


AlienwareAurora
Hello, yesterday I may have been infected.
I was on a forum and someone posted a link, so I clicked it and Java opened up. This is known as a drive-by, and I think I got infected by it.
1. My issues are:

Computer startup is slow
Computer has occasional hiccups 10 minutes after startup
NOD32 gives me a trojan alert but can't fix it.
Posted Image

When I click on clean this happens
Posted Image

2. My MBAM log:

Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org

Database version: 4875

Windows 6.1.7600 Service Pack 3
Internet Explorer 8.0.7600.16385

10/18/2010 5:25:33 PM
mbam-log-2010-10-18 (17-25-33).txt

Scan type: Full scan (C:\|D:\|)
Objects scanned: 741388
Time elapsed: 2 hour(s), 53 minute(s), 10 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)

3. My OTL log:

http://tinypaste.com/587896

4. My GMER log:

GMER 1.0.15.15472 - http://www.gmer.net
Rootkit scan 2010-10-18 18:55:16
Windows 6.1.7600 Service Pack 3
Running: dxwkpvb7.exe

---- Registry - GMER 1.0.15 ----

Reg   HKLM\SYSTEM\CurrentControlSet\services\sptd\[email protected]    771343423
Reg   HKLM\SYSTEM\CurrentControlSet\services\sptd\[email protected]    285507792
Reg   HKLM\SYSTEM\CurrentControlSet\services\sptd\[email protected]    2
Reg   HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\0D79C293C1ED6141  
Reg   HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\0D79C293C1ED6141  1
Reg   HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\0D79C293C1ED6141  0x22 0x85 0x32 0x40 ...
Reg   HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4A  
Reg   HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4A  0x00 0x00 0x00 0x00 ...
Reg   HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4A  0
Reg   HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4A  0xF1 0x63 0x96 0x73 ...
Reg   HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4A  C:\Program Files (x86)\DAEMON Tools Lite\
Reg   HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4A  
Reg   HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4A  0x20 0x01 0x00 0x00 ...
Reg   HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4A  0x31 0x01 0xE6 0xB9 ...
Reg   HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4A  
Reg   HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4A  0x1C 0xD5 0x56 0xDE ...
Reg   HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF  
Reg   HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF  0x20 0x01 0x00 0x00 ...
Reg   HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF  0x31 0x01 0xE6 0xB9 ...
Reg   HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF  
Reg   HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF  0x1C 0xD5 0x56 0xDE ...
Reg   HKCU\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\  
Reg   HKCU\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\  0x61 0x62 0x67 0x6E ...
Reg   HKCU\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\  0x65 0x62 0x68 0x6C ...
Reg   HKCU\Software\Microsoft\Windows NT\CurrentVersion\AppCompatFlags  1

---- Files - GMER 1.0.15 ----

File  C:\Users\Josue\AppData\Local\Temp\etilqs_adSdfCFm8NTeTdddjbpP  0 bytes
File  C:\Users\Josue\AppData\Local\Temp\etilqs_Y18qhw3jVjGagFfkxBag  0 bytes

File  C:\Users\Josue\AppData\Local\Temp\fla43D6.tmp     1418596 bytes
File  C:\Users\Josue\AppData\Local\Temp\flaF9A6.tmp     2608911 bytes

---- EOF - GMER 1.0.15 ----

Issues encountered:
  • 0
