Hi there,
Seem to be infected again. Symptoms include redirects, IE crashes, Firefox won't load and Avira hangs.
Also can't get onto the websites required to download .exe files to run the five steps, so have ported them over from another machine using a USB drive.
Malwarebytes and GMER logs below; DDS keeps crashing on me prior to producing a report.
Malwarebytes' Anti-Malware 1.51.2.1300
www.malwarebytes.org
Database version: 8094
Windows 6.0.6001 Service Pack 1
Internet Explorer 7.0.6001.18000
06/11/2011 21:54:30
mbam-log-2011-11-06 (21-54-30).txt
Scan type: Quick scan
Objects scanned: 193641
Time elapsed: 3 minute(s), 44 second(s)
Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 2
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0
Memory Processes Infected:
(No malicious items detected)
Memory Modules Infected:
(No malicious items detected)
Registry Keys Infected:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_MICORSOFT_WINDOWS_SERVICE (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Micorsoft Windows Service (Trojan.Agent) -> Quarantined and deleted successfully.
Registry Values Infected:
(No malicious items detected)
Registry Data Items Infected:
(No malicious items detected)
Folders Infected:
(No malicious items detected)
Files Infected:
(No malicious items detected)
GMER 1.0.15.15641 - http://www.gmer.net
Rootkit scan 2011-11-06 22:55:42
Windows 6.0.6001 Service Pack 1
Running: fcrmpnvc.exe; Driver: C:\Users\Anna\AppData\Local\Temp\agloapod.sys
---- Files - GMER 1.0.15 ----
File C:\Users\Anna\AppData\Local\lkmddrbr\tqepnuhi.exe 113807 bytes executable
File C:\Users\Anna\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\tqepnuhi.exe 113807 bytes executable
---- EOF - GMER 1.0.15 ----