Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

Need to reopen a previous topic

Started by joczr21 , Apr 29 2012 09:26 PM

  • This topic is locked This topic is locked

#1
joczr21
Posted 29 April 2012 - 09:26 PM

joczr21

    Member

  • Member
  • PipPip
  • 13 posts
I just got through going through the process of fixing my computer under the topic "Really bad malware/virus need some help". It has only been a few days and I have not downloaded anything but something is going on. I ran Malwarebytes and it found 8 items. I would so appreciate help in fixing this. I am posting the logfile of the Malwarebytes run.

Malwarebytes Anti-Malware 1.61.0.1400
www.malwarebytes.org

Database version: v2012.04.30.02

Windows 7 Service Pack 1 x86 NTFS
Internet Explorer 8.0.7601.17514
John O. B. Cole :: JOHNOBCOLE-PC [administrator]

4/29/2012 9:23:03 PM
mbam-log-2012-04-29 (21-23-03).txt

Scan type: Full scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 296663
Time elapsed: 46 minute(s), 47 second(s)

Memory Processes Detected: 1
C:\Users\John O. B. Cole\AppData\Local\dplaysvr.exe (Trojan.Agent) -> 972 -> Delete on reboot.

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 3
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|dplaysvr (Trojan.Agent) -> Data: C:\Users\John O. B. Cole\AppData\Local\dplaysvr.exe -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|dplaysvr (Trojan.Agent) -> Data: C:\Users\John O. B. Cole\AppData\Local\dplaysvr.exe -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|DATA4F8.tmp.exe (Trojan.FakeAlert) -> Data: C:\Users\JOHNOB~1.COL\AppData\Local\Temp\DATA4F8.tmp.exe -> Quarantined and deleted successfully.

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 4
C:\Users\John O. B. Cole\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\M4QSESUN\3[1].exe (Trojan.CleaMan.TxGen) -> Quarantined and deleted successfully.
C:\Users\John O. B. Cole\AppData\Local\dplaysvr.exe (Trojan.Agent) -> Delete on reboot.
C:\Users\John O. B. Cole\Local Settings\Application Data\dplaysvr.exe (Trojan.Agent) -> Delete on reboot.
C:\Users\John O. B. Cole\AppData\Local\temp\DATA4F8.tmp.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.

(end)
  • 0

Advertisements

#2
RKinner
Posted 29 April 2012 - 10:42 PM

RKinner

    Malware Expert

  • Expert
  • 24,625 posts
  • MVP
I've reopened your old topic. Post this log there. I'm sure a new OTL log would also be useful. I'm going to close this one.

Ron
  • 0
Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP