TechSpot

My Computer running windows xp seems infected

By Carnarvaro
Apr 27, 2013
  1. I have my computer running windows xp professional (Computer is a Dell Latitiude D610) and it connected once to internet (via wireless) and then after then it no longer connects. I believe it is infected by a virus as the person who used it says she did not at any point scan for viruses. I have followed the instructions on http://www.techspot.com/community/t...lware-removal-preliminary-instructions.58138/ and will be posting the virus logs soon after. I will be as prompt as possible coz I need to get this fixed as soon as possible so as to continue working on it. Thank you for all the help and support!!!!!
     
  2. Broni

    Broni Malware Annihilator Posts: 52,897   +344

    Waiting for logs...

    Please, observe following rules:
    • Read all of my instructions very carefully. Your mistakes during cleaning process may have very serious consequences, like unbootable computer.
    • If you're stuck, or you're not sure about certain step, always ask before doing anything else.
    • Please refrain from running any tools, fixes or applying any changes to your computer other than those I suggest.
    • Never run more than one scan at a time.
    • Keep updating me regarding your computer behavior, good, or bad.
    • The cleaning process, once started, has to be completed. Even if your computer appears to act better, it may still be infected. Once the computer is totally clean, I'll certainly let you know.
    • If you leave the topic without explanation in the middle of a cleaning process, you may not be eligible to receive any more help in malware removal forum.
    • I close my topics if you have not replied in 5 days. If you need more time, simply let me know. If I closed your topic and you need it to be reopened, simply PM me.
     
  3. Carnarvaro

    Carnarvaro TS Rookie Topic Starter Posts: 31

    I managed to get the first log, but for the DDS logs , it seems to lag and take long to finish when it reaches please wait...
     
  4. Carnarvaro

    Carnarvaro TS Rookie Topic Starter Posts: 31

    Malwarebytes Anti-Malware (Trial) 1.75.0.1300
    www.malwarebytes.org

    Database version: v2013.04.04.07

    Windows XP Service Pack 2 x86 NTFS
    Internet Explorer 6.0.2900.2180
    Mugisha :: USER-25144EC0F8 [administrator]

    Protection: Enabled

    4/27/2013 1:26:00 PM
    mbam-log-2013-04-27 (13-26-00).txt

    Scan type: Quick scan
    Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
    Scan options disabled: P2P
    Objects scanned: 188065
    Time elapsed: 9 minute(s), 45 second(s)

    Memory Processes Detected: 0
    (No malicious items detected)

    Memory Modules Detected: 0
    (No malicious items detected)

    Registry Keys Detected: 0
    (No malicious items detected)

    Registry Values Detected: 2
    HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|servieca.vbe (Trojan.Banker) -> Data: "C:\DOCUME~1\Mugisha\LOCALS~1\Temp\servieca.vbe" -> Quarantined and deleted successfully.
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|servieca.vbe (Trojan.Banker) -> Data: "C:\DOCUME~1\Mugisha\LOCALS~1\Temp\servieca.vbe" -> Quarantined and deleted successfully.

    Registry Data Items Detected: 3
    HKLM\SOFTWARE\Microsoft\Security Center|AntiVirusDisableNotify (PUM.Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and repaired successfully.
    HKLM\SOFTWARE\Microsoft\Security Center|FirewallDisableNotify (PUM.Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and repaired successfully.
    HKLM\SOFTWARE\Microsoft\Security Center|UpdatesDisableNotify (PUM.Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and repaired successfully.

    Folders Detected: 0
    (No malicious items detected)

    Files Detected: 1
    C:\Documents and Settings\Mugisha\Local Settings\Temp\servieca.vbe (Trojan.Banker) -> Delete on reboot.

    (end)
     
  5. Carnarvaro

    Carnarvaro TS Rookie Topic Starter Posts: 31

    I will keep trying to make sure I get the DSS logs. Thank you very much
     
  6. Broni

    Broni Malware Annihilator Posts: 52,897   +344

    Let me know...
     
Topic Status:
Not open for further replies.

Similar Topics

Add New Comment

You need to be a member to leave a comment. Join thousands of tech enthusiasts and participate.
TechSpot Account You may also...