Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Spyware/Malware causing not to go online using Firefox or IE - also task manager has been locked(somehow)


  • This topic is locked This topic is locked
1 reply to this topic

#1 Faria_85

Faria_85

  • Members
  • 6 posts
  • OFFLINE
  •  
  • Local time:06:50 PM

Posted 07 January 2009 - 08:59 PM

Hello,
Couple of days ago my laptop (Windows XP 2000)got affected by bad spy/malwares. Here are the symptoms:
1. Getting Task manager has been disabled by administrator error message when typing cntrl+alt+del or right clicking on the task bar
2. My wireless connestion is fine, but I can't go online using firefox or IE. Note: I have an application called "Free Call" which uses internet to make calls and this works fine, thus I believe that my internet connection is fine.
3. I was frustrated with not being able to go to the internet(!!!!!), so I ran Malwarebytes' Anti-Malware 1.28 and Super AntiSypware (hope it was allright to run these).
4. I was not able to update them before running the scan as it would not allow to do so. So I ran with whatever version I already had on my laptop. After the Super AntiSypware scan was done, I was not able to do a clean reboot as asked so had to do a hard shut down.

Is my laptop totally doomed? :thumbsup:
Thanks a lot!

Here are the log files:

==============
Malwarebytes' Anti-Malware 1.28
Database version: 1139
Windows 5.1.2600 Service Pack 2

1/7/2009 3:39:12 AM
mbam-log-2009-01-07 (03-39-12).txt

Scan type: Quick Scan
Objects scanned: 61739
Time elapsed: 8 minute(s), 16 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 2
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Userinit (Trojan.Agent) -> Data: c:\windows\system32\userinit.exe -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Userinit (Trojan.Agent) -> Data: system32\userinit.exe -> Quarantined and deleted successfully.

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)

================
SuperAntiSpyware Scan Log
Generated 01/07/2009 at 5:21 AM

Application Version : 4.21.1004

Core Rules Database Version : 3696
Trace Rules Database Version : 1672

Scan Type: Quick Scan
Total Scan Time : 00:45:58

Adware.Vundo. Variant/Rel
HKLM\SOFTWARE\MICROSOFT\ MS JUAN
HKLM\SOFTWARE\MICROSOFT\ MS JUAN#RID
HKLM\SOFTWARE\MICROSOFT\ MS Track System
HKLM\SOFTWARE\MICROSOFT\ MS Track System#Uid

Rogue.Component/Trace
HKU\S-1-5-21-796845957-1897051121-725345543-1003\software\Microsoft\FIAS4018

BC AdBot (Login to Remove)

 


#2 Faria_85

Faria_85
  • Topic Starter

  • Members
  • 6 posts
  • OFFLINE
  •  
  • Local time:06:50 PM

Posted 14 January 2009 - 04:48 AM

Please close this topic - decided to do a fresh XP install. Thanks.




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users