
Possible Infection (non spy-,mal-ware)


3 replies to this topic

#1 v13rr0


Posted 28 June 2012 - 09:10 AM

I think my unit has been infected. I am currently running on Windows XP.

The problem started about 5-6 days ago. I first noticed something strange when my iTunes acted highly laggy and crashed when I attempted to minimise it or use the "show in windows explorer" option on songs. Then, DotA crashed when loading maps or loading a saved game.
From then, I had run updated Spybot S&D and Malwarebytes scans with nothing showing up and also "repairing" windows twice using the XP disc that came with my laptop before doing a full reformatting of drive C: (where my Windows is) and a complete reinstallation of Windows.

From all 3 attempts at purging whatever is haunting my laptop, there has been a rather steady pattern to how things roll out after.
Everything will seem normal and well initially. iTunes doesn't do anything weird anymore but after about 2-3 hours of usage, internet connectivity will fail (i.e. it says that it's connected but webpages refuse to load when at the same time other devices within the vicinity of the laptop can access and utilise the same connection (wireless)). Also, on and off, Warcraft III (when opened) will pop up with an error message saying that the sound system isn't working and sound has been disabled.

Lastly, at the low point I would attempt to shut down or restart the laptop (I find that once restarted, things will seem fine but it's actually just the same cycle mentioned above) it refuses to do anything until I do a force shut down. The last few times, when I decided to wait it out, it pops up with a message to say it cannot end the Dell Touchpad program properly and asks if I want to end it now. It doesn't make a difference either way.

Please advise.
Thank you.



#2 ElFasso


Posted 28 June 2012 - 10:13 AM

Can you provide the last MBAM (Malwarebytes' Anti-Malware) scan log?

Note: Spybot S&D is no longer recommended for spyware/malware. (Because of low detection ratio < 50%)

#3 v13rr0


Posted 29 June 2012 - 02:27 AM

The previous logs are from before re-formatting. So I re-scanned and these are the logs. 1st one detected something (I think maybe the last MBAM I used was outdated). I removed it and the laptop seemed to do much better. Then after about half a day or so it deteriorated again.

BEFORE
Malwarebytes Anti-Malware 1.61.0.1400
www.malwarebytes.org

Database version: v2012.06.28.08

Windows XP Service Pack 3 x86 NTFS
Internet Explorer 6.0.2900.5512
Ai.Paul :: CNIX-535F7841C3 [administrator]

29/06/2012 2:36:49 AM
mbam-log-2012-06-29 (04-00-11).txt

Scan type: Full scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 262006
Time elapsed: 1 hour(s), 16 minute(s), 50 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 1
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced|Start_ShowHelp (PUM.Hijack.StartMenu) -> Bad: (0) Good: (1) -> No action taken.

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)

AFTER
Malwarebytes Anti-Malware 1.61.0.1400
www.malwarebytes.org

Database version: v2012.06.28.08

Windows XP Service Pack 3 x86 NTFS
Internet Explorer 6.0.2900.5512
Ai.Paul :: CNIX-535F7841C3 [administrator]

29/06/2012 8:24:14 AM
mbam-log-2012-06-29 (08-24-14).txt

Scan type: Full scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 320222
Time elapsed: 1 hour(s), 46 minute(s), 2 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)

I hope I did it right.

#4 ElFasso


Posted 29 June 2012 - 05:12 AM

Run Eset online scanner;

Note: You will need to use Internet explorer for this scan - Vista and win 7 right click on IE shortcut and run as admin
Go to the Eset web page to run an online scanner from ESET.

  • Turn off the real time scanner of any existing antivirus program while performing the online scan
  • click on the ESET Online Scanner button
  • Tick the box next to YES, I accept the Terms of Use.
  • Click Start
  • When asked, allow the ActiveX control to install
  • Click Start
  • Make sure that the option Remove found threats is unticked and the Scan Archives option is ticked.
  • Click on Advanced Settings, ensure the options Scan for potentially unwanted applications, Scan for potentially unsafe applications, and Enable Anti-Stealth Technology are ticked.
  • Click Scan
  • Wait for the scan to finish
  • Click on copy to clipboard or copy and paste the results here in this topic




