In the past 24hrs my computer has went nuts. I took it to my place of work, hooked it up, and it started having issues showing both monitor displays and having the dreaded "stuck at windows" problem, sitting there forever before it would load windows. Now, after I have it back home, all hell has broken loose. Currently, I cannot download anything, as I get the error message
"C:\Windows\system32\config\systemprofile\AppData\Local\Temp could not be saved, because you cannot change the contents of that folder".
I cant download malwarebytes, combofix, nothing. I have barely been able to get my PC to load windows, and I have completed a system restore, but the point to which it has been restored is just as helpless. I would really appreciate it if someone could step in and take a look at this.
0
-
This topic is locked
3 replies to this topic
#2
-
- Members
-
- 3 posts
New Member
Posted 17 May 2012 - 12:50 PM
I was able to download by using internet explorer, would not let me save it anywhere but i chose "run" instead and it worked. Found 11 objects, here is the report.
Malwarebytes Anti-Malware (Trial) 1.61.0.1400
www.malwarebytes.org
Database version: v2012.05.17.05
Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 8.0.7601.17514
Miles :: MILES-PC [administrator]
Protection: Enabled
5/17/2012 12:28:51 PM
mbam-log-2012-05-17 (12-50-08).txt
Scan type: Full scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 372578
Time elapsed: 20 minute(s), 33 second(s)
Memory Processes Detected: 0
(No malicious items detected)
Memory Modules Detected: 0
(No malicious items detected)
Registry Keys Detected: 0
(No malicious items detected)
Registry Values Detected: 1
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|Windows Host Process (Trojan.Agent) -> Data: C:\Users\Miles\AppData\Roaming\svchost.exe -> No action taken.
Registry Data Items Detected: 0
(No malicious items detected)
Folders Detected: 0
(No malicious items detected)
Files Detected: 10
C:\Qoobox\Quarantine\C\ProgramData\ilkwozlc.exe.vir (Trojan.Dropper) -> No action taken.
C:\Qoobox\Quarantine\C\Users\Miles\AppData\Roaming\vuxrpu.exe.vir (Trojan.BitMiner) -> No action taken.
C:\Qoobox\Quarantine\C\Users\Miles\AppData\Roaming\2 2\rundll32.exe.vir (Trojan.Inject) -> No action taken.
C:\Qoobox\Quarantine\C\Users\Miles\AppData\Roaming\2 2\svchost.exe.vir (Trojan.BCMiner.H) -> No action taken.
C:\Qoobox\Quarantine\C\Users\Miles\AppData\Roaming\2 2\svchost2.exe.vir (PUP.BitMiner) -> No action taken.
C:\Qoobox\Quarantine\C\Users\Miles\AppData\Roaming\2 3\rundll32.exe.vir (Trojan.Inject) -> No action taken.
C:\Qoobox\Quarantine\C\Users\Miles\AppData\Roaming\2 3\svchost.exe.vir (Trojan.BCMiner.H) -> No action taken.
C:\Qoobox\Quarantine\C\Users\Miles\AppData\Roaming\2 3\svchost2.exe.vir (PUP.BitMiner) -> No action taken.
C:\Users\Miles\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\16\7809e850-7d952ff7 (Trojan.Dropper) -> No action taken.
C:\Users\Miles\Downloads\DownloadSetup (27).exe (Affiliate.Downloader) -> No action taken.
(end)
Malwarebytes Anti-Malware (Trial) 1.61.0.1400
www.malwarebytes.org
Database version: v2012.05.17.05
Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 8.0.7601.17514
Miles :: MILES-PC [administrator]
Protection: Enabled
5/17/2012 12:28:51 PM
mbam-log-2012-05-17 (12-50-08).txt
Scan type: Full scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 372578
Time elapsed: 20 minute(s), 33 second(s)
Memory Processes Detected: 0
(No malicious items detected)
Memory Modules Detected: 0
(No malicious items detected)
Registry Keys Detected: 0
(No malicious items detected)
Registry Values Detected: 1
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|Windows Host Process (Trojan.Agent) -> Data: C:\Users\Miles\AppData\Roaming\svchost.exe -> No action taken.
Registry Data Items Detected: 0
(No malicious items detected)
Folders Detected: 0
(No malicious items detected)
Files Detected: 10
C:\Qoobox\Quarantine\C\ProgramData\ilkwozlc.exe.vir (Trojan.Dropper) -> No action taken.
C:\Qoobox\Quarantine\C\Users\Miles\AppData\Roaming\vuxrpu.exe.vir (Trojan.BitMiner) -> No action taken.
C:\Qoobox\Quarantine\C\Users\Miles\AppData\Roaming\2 2\rundll32.exe.vir (Trojan.Inject) -> No action taken.
C:\Qoobox\Quarantine\C\Users\Miles\AppData\Roaming\2 2\svchost.exe.vir (Trojan.BCMiner.H) -> No action taken.
C:\Qoobox\Quarantine\C\Users\Miles\AppData\Roaming\2 2\svchost2.exe.vir (PUP.BitMiner) -> No action taken.
C:\Qoobox\Quarantine\C\Users\Miles\AppData\Roaming\2 3\rundll32.exe.vir (Trojan.Inject) -> No action taken.
C:\Qoobox\Quarantine\C\Users\Miles\AppData\Roaming\2 3\svchost.exe.vir (Trojan.BCMiner.H) -> No action taken.
C:\Qoobox\Quarantine\C\Users\Miles\AppData\Roaming\2 3\svchost2.exe.vir (PUP.BitMiner) -> No action taken.
C:\Users\Miles\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\16\7809e850-7d952ff7 (Trojan.Dropper) -> No action taken.
C:\Users\Miles\Downloads\DownloadSetup (27).exe (Affiliate.Downloader) -> No action taken.
(end)
#3
-
- Experts
-
- 17,017 posts
Forum Deity
- Gender:Male
- Location:Bulgaria, EU
Posted 17 May 2012 - 04:10 PM
Hello skylightmd! My name is Maniac and I will be glad to help you solve your malware problem.
Please note:
Don't use ComboFix without supervision. Read this article:
http://www.bleepingc...opic273628.html
Uninstall your ComboFix:
http://www.bleepingc...bofix#uninstall
Then follow the instructions here:
http://forums.malwar...?showtopic=9573
Finally, post both log files in your next reply.
Please note:
- If you are a paying customer, you have the privilege to contact the help desk at support@malwarebytes.org or here (http://helpdesk.malwarebytes.org/home). If you choose this option to get help, please let me know.
- I recommend you to keep the instructions I will be giving you so that they are available to you at any time. You can save them in a text file or print them.
- Make sure you read all of the instructions and fixes thoroughly before continuing with them.
- Follow my instructions strictly and don’t hesitate to stop and ask me if you have any questions.
- Post your log files, don't attach them. Every log file should be copy/pasted in your next reply.
Don't use ComboFix without supervision. Read this article:
http://www.bleepingc...opic273628.html
Uninstall your ComboFix:
http://www.bleepingc...bofix#uninstall
Then follow the instructions here:
http://forums.malwar...?showtopic=9573
Finally, post both log files in your next reply.
My help is free, however, if you wish to make a small donation to show appreciation and to help me continue the fight against Malware, then click here 
#4
-
- Moderators
-
- 13,173 posts
Eradicator de logiciels malveillants
- Gender:Male
- Location:USA
- Interests:Security, Windows, Windows Update, malware prevention
Posted 31 May 2012 - 12:59 PM
Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.
Other members who need assistance please start your own topic in a new thread. Thanks!
Other members who need assistance please start your own topic in a new thread. Thanks!
~Maurice Naggar
I close my threads if there is 5 days without a response.
I close my threads if there is 5 days without a response.
2 user(s) are reading this topic
0 members, 2 guests, 0 anonymous users
