Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

0034.DLL & BTKeyInd.dll & js3250.dll Malware/Virus removal help


  • Please log in to reply
1 reply to this topic

#1 electronics4u

electronics4u

  • Members
  • 4 posts
  • OFFLINE
  •  
  • Local time:01:27 PM

Posted 15 February 2010 - 11:08 AM

Hello,

I seemed to infected my pc through a peer to peer site. Specifically my web browsers close automatically right after opening. Updating Spyware programs has proved to be very difficult since I can't stay on the net. I went to firefox.com and through their support I ran a crash test which the results can be viewed here:
http://crash-stats.mozilla.com/report/inde...14-c2c442100215

(If you review the modules tab, you see the files I listed in the subject of this post.

I have read a few posts on your boards and am trying to get rid of some bugs on my PC. I ran the following:

Malwarebytes' Anti-Malware ( I could not connect to get the latest version freaking bug stopped my connection.) and the log is below....a note though...when I tried to let it complete the final steps to re-boot my pc...the thing shut down so I am not sure it completed its steps:

Malwarebytes' Anti-Malware 1.44
Database version: 3510
Windows 6.0.6000
Internet Explorer 7.0.6000.16982

2/15/2010 1:10:47 AM
mbam-log-2010-02-15 (01-10-47).txt

Scan type: Full Scan (C:\|D:\|)
Objects scanned: 284075
Time elapsed: 1 hour(s), 24 minute(s), 30 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 2
Registry Values Infected: 3
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 8

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{1d4db7d2-6ec9-47a3-bd87-1e41684e07bb} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\XML (Trojan.FakeAlert) -> Quarantined and deleted successfully.

Registry Values Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\cftmon (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\eqavixiwuhuqerof (Trojan.Agent.U) -> Delete on reboot.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\rfaraxeyuvasax (Trojan.Agent.U) -> Delete on reboot.

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
C:\Users\electronics4u\AppData\Local\Temp\zZwYUIl8.exe.part (Rogue.Installer) -> Quarantined and deleted successfully.
C:\Users\electronics4u\AppData\Local\Temp\AHdf2Apt.exe.part (Rogue.Installer) -> Quarantined and deleted successfully.
C:\Windows\Tasks\{66BA574B-1E11-49b8-909C-8CC9E0E8E015}.job (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Windows\Tasks\{35DC3473-A719-4d14-B7C1-FD326CA84A0C}.job (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Windows\System32\gxvu.exe (Trojan.Agent) -> Delete on reboot.
C:\Windows\System32\spool\prtprocs\w32x86\00007484.tmp (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Users\electronics4u\AppData\Local\apavanoq.dll (Trojan.Agent.U) -> Delete on reboot.
C:\Users\electronics4u\AppData\Local\tspexrty.dll (Trojan.Agent.U) -> Delete on reboot.




I also ran Super AntiSpyware...cleaned out a bunch of tracking cookies....

Can you guys help me to clean this machine?

Thanks...

BC AdBot (Login to Remove)

 


#2 electronics4u

electronics4u
  • Topic Starter

  • Members
  • 4 posts
  • OFFLINE
  •  
  • Local time:01:27 PM

Posted 15 February 2010 - 02:23 PM

OK, Update...I ran a restore point to beforethe point that I I believe was the culprit of the issue...below is the newest log of MBAM:

Malwarebytes' Anti-Malware 1.44
Database version: 3741
Windows 6.0.6000
Internet Explorer 7.0.6000.16982

2/15/2010 1:20:28 PM
mbam-log-2010-02-15 (13-20-28).txt

Scan type: Quick Scan
Objects scanned: 112418
Time elapsed: 5 minute(s), 37 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 1
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{1d4db7d2-6ec9-47a3-bd87-1e41684e07bb} (Adware.MyWebSearch) -> Quarantined and deleted successfully.

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)


I think that this means that I am clean...what do you think?




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users