Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

api-ms-win-core-memory-l1-1-032 Virus/Trojan


  • Please log in to reply
4 replies to this topic

#1 ChibiStar

ChibiStar

  • Members
  • 3 posts
  • OFFLINE
  •  
  • Local time:03:53 AM

Posted 21 August 2011 - 12:23 PM

This is funny.. this is the EXACT problem I am having right now and the whole reason I registered with the website since I am about to format the damned thing but am afraid that if I backup the files I do have that somehow the root cause will come with it and repeat the whole process. Have run Malwarebytes and combofix in regular mode and safe mode. Tried to killbox the files etc. Each time tells me they are removed and then that is it but as soon as I restart the computer they come back. I have gone through my computer with a fine toothed comb and everything comes back fine.

I have noticed a bit of lag with it and occasional drops in connectivity. Any help is appreciated since I really don't want to go with a reinstall and I am sure the OP could use the help too!

BC AdBot (Login to Remove)

 


#2 Budapest

Budapest

    Bleepin' Cynic


  • Moderator
  • 23,579 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:06:53 PM

Posted 21 August 2011 - 04:53 PM

ChibiStar, I have split your post out and made it it's own topic. This is to avoid confusion.

Please follow the instructions in ==>This Guide<==. If you cannot complete a step, skip it and continue.

Once the proper logs are created, then make a NEW TOPIC and post it ==>HERE<== Please include a description of your computer issues and what you have done to resolve them. Also post your Combofix log.

If you can produce at least some of the logs, then please create the new topic and explain what happens when you try to create the log(s) that you couldn't get. If you cannot produce any of the logs, then still post the topic and explain that you followed the Prep. Guide, were unable to create the logs, and describe what happens when you try to create the logs.
The power of accurate observation is commonly called cynicism by those who haven't got it.

—George Bernard Shaw

#3 ChibiStar

ChibiStar
  • Topic Starter

  • Members
  • 3 posts
  • OFFLINE
  •  
  • Local time:03:53 AM

Posted 21 August 2011 - 05:03 PM

Thanks :) Will post the info as soon as I get out of safe mode.. Giving it a try with Sophos and manually going through the registry. Seemed to find a few things referencing the particular files so we'll see if this works. If not will post the info in a few minutes here.

#4 ChibiStar

ChibiStar
  • Topic Starter

  • Members
  • 3 posts
  • OFFLINE
  •  
  • Local time:03:53 AM

Posted 21 August 2011 - 05:32 PM

Well that did it! Problem thankfully is fixed. After everything would just detect a few files here and there in the end it would miss some of the core viral files and then of course there were several registry entries that slipped past everything~ System running perfectly now! Thanks for the help anyways :)

#5 Budapest

Budapest

    Bleepin' Cynic


  • Moderator
  • 23,579 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:06:53 PM

Posted 21 August 2011 - 05:55 PM

:thumbup2:
The power of accurate observation is commonly called cynicism by those who haven't got it.

—George Bernard Shaw




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users