Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Malware Removal And Computer Started To Act Weird!


  • Please log in to reply
3 replies to this topic

#1 chow2rich

chow2rich

  • Members
  • 218 posts
  • OFFLINE
  •  
  • Local time:06:43 PM

Posted 08 July 2008 - 01:08 AM

Several days after Malware Removal, my computer started to become very slow. My computer is using Windows Vista Business. Please read the entire information below. Here is the Malware removal log:

Malwarebytes' Anti-Malware 1.19
Database version: 909
Windows 6.0.6001 Service Pack 1

3:13:39 PM 6/30/2008
mbam-log-6-30-2008 (15-13-39).txt

Scan type: Quick Scan
Objects scanned: 39322
Time elapsed: 6 minute(s), 57 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 5
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 3
Files Infected: 6

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\battle.net (Trojan.FakeAlert) -> Quarantined and deleted successfully.
\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\diablo (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\RegistrySmart (Rogue.RegistrySmart) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\The Weather Channel (Adware.Hotbar) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Weather Services (Adware.Hotbar) -> Quarantined and deleted successfully.

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
C:\Users\Richard Chow\AppData\Roaming\RegistrySmart (Rogue.RegistrySmart) -> Quarantined and deleted successfully.
C:\Users\Richard Chow\AppData\Roaming\RegistrySmart\Log (Rogue.RegistrySmart) -> Quarantined and deleted successfully.
C:\Users\Richard Chow\AppData\Roaming\RegistrySmart\Registry Backups (Rogue.RegistrySmart) -> Quarantined and deleted successfully.

Files Infected:
C:\Windows\System32\drivers\winlogon.exe (Adware.Agent) -> Quarantined and deleted successfully.
C:\Windows\bnetunin.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Windows\diabunin.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Users\Richard Chow\AppData\Roaming\RegistrySmart\Log\2008 Mar 09 - 02_53_08 PM_553.log (Rogue.RegistrySmart) -> Quarantined and deleted successfully.
C:\Users\Richard Chow\AppData\Roaming\RegistrySmart\Log\2008 Mar 09 - 02_53_15 PM_281.log (Rogue.RegistrySmart) -> Quarantined and deleted successfully.
C:\Users\Richard Chow\AppData\Roaming\RegistrySmart\Registry Backups\2008-03-09_14-54-20.reg (Rogue.RegistrySmart) -> Quarantined and deleted successfully.

Edited by Orange Blossom, 08 July 2008 - 05:32 PM.
Move to more appropriate forum. ~ OB


BC AdBot (Login to Remove)

 


#2 chow2rich

chow2rich
  • Topic Starter

  • Members
  • 218 posts
  • OFFLINE
  •  
  • Local time:06:43 PM

Posted 13 July 2008 - 12:33 PM

Now it's not slow anymore, I used Spyware Doctor to remove Application.Tracking Cookies or something like that. But anyway it's back to normal now.

#3 DaChew

DaChew

    Visiting Alien


  • BC Advisor
  • 10,317 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:millenium falcon and rockytop
  • Local time:06:43 PM

Posted 13 July 2008 - 02:23 PM

Please rerun MBAM after rebooting and make sure it comes up clean
Chewy

No. Try not. Do... or do not. There is no try.

#4 chow2rich

chow2rich
  • Topic Starter

  • Members
  • 218 posts
  • OFFLINE
  •  
  • Local time:06:43 PM

Posted 17 July 2008 - 10:58 PM

Sorry to reply so late, very busy with work. I restarted my computer and scanned and found the followings and also now my computer is slow again. I don't understand why. I used Regcure and PC Doc Pro 3.5 to repair my registry and others. Can anyone tell me why my computer is so slow? And my Internet Connection keeps going bad. I think it has something to do with the malware. Here is the scan log of MBAM:

Malwarebytes' Anti-Malware 1.19
Database version: 909
Windows 6.0.6001 Service Pack 1

3:08:27 AM 18/07/2008
mbam-log-7-18-2008 (03-08-27).txt

Scan type: Full Scan (C:\|D:\|E:\|)
Objects scanned: 200430
Time elapsed: 3 hour(s), 19 minute(s), 2 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 1

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
C:\Windows\java\java.log\svchost.exe (Adware.Agent) -> Quarantined and deleted successfully.

Edited by chow2rich, 18 July 2008 - 06:26 PM.





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users