Home > General > TrojanDownloader(LMPPCSETUP.EXE)system32


D:\Documents and Settings\Vlad\Start Menu\Programs\Startup\ChkDisk.dll (Worm.Autorun) -> Quarantined and deleted successfully. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged Jump to content Sign In Create Account Search Advanced Search section: This topic Forums Members Help Files Calendar View New Content Forum Rules BleepingComputer.com Forums Members Tutorials Startup List When the scan is complete, make sure that all Threats are selected, and click Remove Selected. check over here

I can now browse to the pic from desktop properties and get the same result - that wasn't working earlier. alternate download link DO NOT use yet. D:\WINDOWS\system32\config\systemprofile\Start Menu\Programs\Startup\ChkDisk.dll (Worm.Autorun) -> Quarantined and deleted successfully. Thread Status: Not open for further replies.

The computer's back up to normal speed, and I haven't had any weird popups or other issues. What do I do? Sign In Sign In Remember me Not recommended on shared computers Sign in anonymously Sign In Forgot your password?

These were my results Malwarebytes -Log Details- Scan Date: 3/5/17 Scan Time: 2:28 PM Logfile: Administrator: Yes -Software Information- Version: Components Version: 1.0.50 Update Package Version: Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)R3 - URLSearchHook: DefaultSearchHook Class - {C94E154B-1459-4A47-966B-4B843BEFC7DB} - C:\Program Files\AskSearch\bin\DefaultSearch.dllO2 - BHO: AskBar BHO - {201f27d4-3704-41d6-89c1-aa35e39143ed} - C:\Program Files\AskBarDis\bar\bin\askBar.dllO2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - Back to top #3 Cran Cran Member Full Member 21 posts Posted 01 May 2009 - 02:58 PM Hi! Here are the asked-for logs. (Note: I cannot provide a Spybot log, as the program freezes ("not responding") about 1/4 of the way into the scan and I have to ctrl-alt-del.

Please try the request again. NOTE:Sometimes if ESET finds no infections it will not create a log. "Every atom in your body came from a star that exploded and the atoms in your left hand probably Back to top #2 jedi jedi aequam memento rebus in arduis servare mentem Retired Staff 15,830 posts Posted 01 May 2009 - 03:16 AM Hi,At least one of the infections on Google Chrome (my default browser) is VERY slow to load, and it takes a long time to get to a web page.

D:\Documents and Settings\Vlad\Start Menu\Programs\Startup\ChkDisk.lnk (Trojan.FakeAlert) -> Quarantined and deleted successfully. ouchh, May 1, 2009 #1 This thread has been Locked and is not open to further replies. scan completed successfullyhidden files: 0**************************************************************************.--------------------- DLLs Loaded Under Running Processes ---------------------- - - - - - - > 'explorer.exe'(1896)c:\windows\system32\WPDShServiceObj.dllc:\windows\system32\PortableDeviceTypes.dllc:\windows\system32\PortableDeviceApi.dll.------------------------ Other Running Processes ------------------------.c:\program files\SanDisk\Sansa Updater\SansaSvr.exec:\windows\system32\wscntfy.exe.**************************************************************************.Completion time: 2009-05-01 16:52 - machine was it said it could not delete 4 files (with names that ive seen before(virus related)) Back to top #13 Melonbutt Melonbutt Topic Starter Members 62 posts OFFLINE Local time:01:00 AM

Include the contents of this report in your next reply. Double-click mb3-setup-1878.1878- and follow the prompts to install the program. Username Forum Password I've forgotten my password Remember me This is not recommended for shared computers Sign in anonymously Don't add me to the active users list Privacy Policy Javascript is Thanks for the quick reply.

Using the site is easy and fun. http://songstersoftware.com/general/trojandownloader-agent.html With malware infections being as they are today, it's strongly recommended to have this pre-installed on your machine before doing any malware removal. Back to top #6 jedi jedi aequam memento rebus in arduis servare mentem Retired Staff 15,830 posts Posted 04 May 2009 - 02:45 PM Hi again,OK, let's check for leftovers:Please do That will erase all restore points.

help? Indeed, Google Chrome is sharing Internet Properties settings (inetcpl.cpl, a Control Panel item that appears as Internet Options) with Internet Explorer.I.e. Pay close attention while installing and UNcheck offers of toolbars....especially Google. this content Back to top #7 Cran Cran Member Full Member 21 posts Posted 04 May 2009 - 08:14 PM Here you go -- looks like it found malware mostly (only?) in backups

Sign in to follow this Followers 1 Go To Topic Listing Resolved Malware Removal Logs Recently Browsing 0 members No registered users viewing this page. Check "Turn off System Restore" and reboot. for now), but I'm concerned about the 04 and the 020 in the HJT log and would appreciate some help in removing this infection for good.

Registry Data Items Infected: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\DisableRegistryTools (Hijack.Regedit) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.

Site Changelog Community Forum Software by IP.Board Sign In Use Facebook Use Twitter Need an account? D:\WINDOWS\system32\sopiveri.dll (Trojan.Vundo.H) -> Delete on reboot. I also ran the latest version of Vundofix, but it found nothing.)Here was my initial HijackThis log:Logfile of Trend Micro HijackThis v2.0.2Scan saved at 8:22:47 PM, on 4/30/2009Platform: Windows XP SP3 D:\WINDOWS\system32\ak1.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.

Your cache administrator is webmaster. I changed my banking passwords as you said (will change the saved ones asap as well), and I ran ComboFix. Submit a sample to our Labs for analysis Submit Sample Give And Get Advice Give advice. have a peek at these guys Shut down your protection software now to avoid potential conflicts.

Consult your network administrator or Internet provider for assistance.How do I check to see if the trojan messed with my Internet settings? File System Changes Creates these files: %windir%\system32\CbEvtSvc.exe Process Changes Creates these processes: %windir%\system32\CbEvtSvc.exe Registry Modifications Sets these values: HKLM\System\CurrentControlSet\Services\CbEvtSvc Type = 00000010 Start = 00000002 ErrorControl = 00000001 ImagePath = %SystemRoot%\System32\CbEvtSvc.exe But this one I can't find any information on anywhere. Yes, my password is: Forgot your password?