Can anyone help me with this? I am currently running ESET NOD32 AV4. I already did MBAM and got this report:
Malwarebytes' Anti-Malware 1.41
Database version: 2991
Windows 5.1.2600 Service Pack 3
10/20/2009 6:39:10 AM
mbam-log-2009-10-20 (06-39-10).txt
Scan type: Full Scan (C:\|)
Objects scanned: 210482
Time elapsed: 31 minute(s), 18 second(s)
Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 1
Folders Infected: 0
Files Infected: 4
Memory Processes Infected:
(No malicious items detected)
Memory Modules Infected:
(No malicious items detected)
Registry Keys Infected:
(No malicious items detected)
Registry Values Infected:
(No malicious items detected)
Registry Data Items Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL\CheckedValue (Hijack.System.Hidden) -> Bad: (0) Good: (1) -> Quarantined and deleted successfully.
Folders Infected:
(No malicious items detected)
Files Infected:
C:\WINDOWS\Explore.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system\services.exe (Heuristics.Reserved.Word.Exploit) -> Quarantined and deleted successfully.
C:\WINDOWS\winlogon.exe (Heuristics.Reserved.Word.Exploit) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\System.exe (Trojan.Agent) -> Quarantined and deleted successfully.
I still got the problem after MBAM. But I think I narrowed down the problem a bit.
I cant see a thing when I browse through Device Manager, is this a bad sign? Plus at the System Restore tab, it says that C: is offline or something. I am currently scanning SAS though, I still have a problem trying to get the sounds back up again. The computer now beeps when it comes to notifications and such after scanning. sad.gif
SUPERAntiSpyware Scan Log
http://www.superantispyware.com
Generated 10/20/2009 at 09:12 AM
Application Version : 4.29.1004
Core Rules Database Version : 3904
Trace Rules Database Version: 1849
Scan type : Complete Scan
Total Scan Time : 00:52:09
Memory items scanned : 361
Memory threats detected : 0
Registry items scanned : 5560
Registry threats detected : 5
File items scanned : 97696
File threats detected : 3
Adware.Tracking Cookie
C:\Documents and Settings\Janseen\Cookies\janseen@richmedia.yahoo[1].txt
Browser Hijacker.Deskbar
HKCR\Interface\{4897BBA6-48D9-468C-8EFA-846275D7701B}
HKCR\Interface\{4897BBA6-48D9-468C-8EFA-846275D7701B}\ProxyStubClsid
HKCR\Interface\{4897BBA6-48D9-468C-8EFA-846275D7701B}\ProxyStubClsid32
HKCR\Interface\{4897BBA6-48D9-468C-8EFA-846275D7701B}\TypeLib
HKCR\Interface\{4897BBA6-48D9-468C-8EFA-846275D7701B}\TypeLib#Version
Adware.Vundo/Variant-MSFake
C:\WINDOWS\SYSTEM32\SPOILER.EXE
C:\WINDOWS\Prefetch\SPOILER.EXE-08BB9978.pf
EDIT: Added other post
Edited by garmanma, 21 October 2009 - 08:00 PM.