Malwarebytes keeps finding password.stealer

Inactive
By Tooji
Aug 14, 2010
Topic Status:
Not open for further replies.
  1. Tooji

    Tooji Newcomer, in training Topic Starter Posts: 31

    Wow, the test has been going another 15 hours and seems to be stuck again on something else.

    Do you recommend a full disk defragmentation?
  2. Broni

    Broni Malware Annihilator Posts: 46,177   +251

    You can try that and also run TFC to get rid of garbage.
  3. Tooji

    Tooji Newcomer, in training Topic Starter Posts: 31

    Okay, finally got Dr Web to work, no viruses found :/

    Lol I don't know if that's good or bad anymore

    I'm running a FULL scan of Malwarebytes

    I'll report back to you in the morning

    Sorry for the delay, I've been trying to finally secure my accounts (from an uninfected computer) and get this Dr Web cure to work

    Thanks for all the help so far and I hope you can still help out.
  4. Broni

    Broni Malware Annihilator Posts: 46,177   +251

    I'm still around :)

    When you have a chance....

    1. Download TDSSKiller and save it to your desktop.
    • Extract (unzip) its contents to your desktop.
    • Open the TDSSKiller folder and double-click on TDSSKiller.exe to run the application, then on Start Scan.
    • If an infected file is detected, the default action will be Cure, click on Continue.
    • If a suspicious file is detected, the default action will be Skip, click on Continue.
    • It may ask you to reboot the computer to complete the process. Click on Reboot Now.
    • If no reboot is required, click on Report. A log file should appear. Please copy and paste the contents of that file here.
    • If a reboot is required, the report can also be found in your root directory (usually C:\ folder) in the form of TDSSKiller_xxxx_log.txt. Please copy and paste the contents of that file here.

    2. Please download The Avenger by Swandog46 to your Desktop.
    - Right click on the Avenger.zip folder and select Extract All...
    - Follow the prompts and extract the avenger folder to your desktop

    Double click on avenger.exe.
    Click OK in pop-up window.

    Avenger window will open.

    Click on Execute button.
    Click OK in two consecutive pop-up windows.

    Your computer will re-boot now.

    Upon re-boot, Notepad window will open.
    Select all text, copy it, and paste it into next reply.

    NOTE. If the log doesn't open on reboot, open Avenger again, and go File>Open Log File.
  5. Tooji

    Tooji Newcomer, in training Topic Starter Posts: 31

    Sorry I went away for a bit, been really busy with school starting up.

    alright so I ran

    TDSSKiller with 1 suspicious file found

    Log is included

    I've been having problems running the Avenger; it runs, but at reboot the log file does not come up, and when I follow your step to retrieve it, it says that there is none.
    (I think Spybot might be conflicting with it as it takes over the startup, though I tried disabling it and it still didn't work)

    Anyways the first time I was just about to reboot after running it AVG detected a virus.

    FILENAME: C:\WINDOWS\SYSWOW64\DRIVERS\BCVE.SYS

    THREAT NAME: Win32.Agent.fu

    CATEGORY: Malware

  6. Broni

    Broni Malware Annihilator Posts: 46,177   +251

    That file found by TDSSKiller is legit (sptd.sys)

    Did you remove what AVG found?

    But I took another look at the Process Explorer log and I saw something I didn't see before.
    Sometimes, you need a fresh look, I guess.
    Some SolutoService.exe process from Soluto Anti-Frustration Software is using 50% of your CPU.

    I have no idea what it is, but please, uninstall it, restart computer and post fresh PE log.