Jump to content


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.

Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.


Something infected my PC

  • Please log in to reply
No replies to this topic

#1 razikain


  • Members
  • 7 posts
  • Local time:04:03 PM

Posted 18 February 2010 - 09:55 PM

I was suspecting that my computer was infected because of some problems I'm having with my internet connection (General reduced speed, I can't connect to MSN Messenger, can't connect to IRC), so I updated my Malwarebytes Anti-Malware and ran a scan, but the program froze. So I tried to download Combofix to my desktop, and everytime the download finishes an error appears and Combofix isn't there. And even if there is no error, Combofix doesn't appear at the desktop. That made me sure something is wrong here. Please help me.


I ran MBAM in safe mode and found some things. The log is as follows. Also, I found out that the folder "D:\System Volume Information" is out of reach, I can't access it.
UPDATE: I found a way to access it. The files detected by MBAM weren't there anymore.

Also, Desktop became a read-only folder and I can't modify it, even deleting Thumbs.db. I'm trying to download different kinds of files to the Desktop to make sure it only rejects Combofix.
UPDATE:It seems only Combofix is rejected. Only Combofix seems to be rejected not only by the Desktop, but by other folders too. Is there any problem with its download links?

---------------------------------MBAM LOG----------------------------------------------

Malwarebytes' Anti-Malware 1.44
Versão do banco de dados: 3759
Windows 5.1.2600 Service Pack 3
Internet Explorer 6.0.2900.5512

19/2/2010 02:54:08
mbam-log-2010-02-19 (02-54-08).txt

Tipo de Verificação: Completa (C:\|D:\|)
Objetos verificados: 290925
Tempo decorrido: 1 hour(s), 6 minute(s), 38 second(s)

Processos da Memória infectados: 0
Módulos de Memória Infectados: 0
Chaves do Registro infectadas: 0
Valores do Registro infectados: 0
Ítens do Registro infectados: 0
Pastas infectadas: 0
Arquivos infectados: 3

Processos da Memória infectados:
(Nenhum ítem malicioso foi detectado)

Módulos de Memória Infectados:
(Nenhum ítem malicioso foi detectado)

Chaves do Registro infectadas:
(Nenhum ítem malicioso foi detectado)

Valores do Registro infectados:
(Nenhum ítem malicioso foi detectado)

Ítens do Registro infectados:
(Nenhum ítem malicioso foi detectado)

Pastas infectadas:
(Nenhum ítem malicioso foi detectado)

Arquivos infectados:
D:\System Volume Information\_restore{DB574FDE-409A-4E6E-8A20-8D0D54DA81B3}\RP30\A0005152.exe (Trojan.Banker.Gen) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{DB574FDE-409A-4E6E-8A20-8D0D54DA81B3}\RP30\A0005154.exe (Trojan.Banker.Gen) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{DB574FDE-409A-4E6E-8A20-8D0D54DA81B3}\RP30\A0005156.dll (Malware.Packer.Gen) -> Quarantined and deleted successfully.

----------------------------------------------END OF MBAM LOG-------------------------------------------------------

Edited by razikain, 19 February 2010 - 03:11 AM.

BC AdBot (Login to Remove)


0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users