Sign In
Create Account
So i have a trojan which norton 360 identifies as "trojan.metajuan" I followed the steps norton gives me for the remove and in the registry it asks me to delete two folders which I do not have, so I called them and there answer was come pay $99 and talk to our premium support staff. I declined and downloaded malwarebytes. It would not open with the mbam.exe, so I changed it to mabm.exe, it opens and finds the trojan and askes me to reboot. At which step do I change the name back to mbam.exe, because it doesn't remove the trojan after the restart?
0
Malwarebyets Won't Run Until I Change Name, problem changing name back
Started by scrace89, Aug 06 2009 01:04 PM
Back to top
#2
Posted 06 August 2009 - 01:09 PM
-
- Members
-
- 6 posts
New Member
here is the notepad log.
Malwarebytes' Anti-Malware 1.40
Database version: 2568
Windows 5.1.2600 Service Pack 2
8/6/2009 9:08:28 AM
mbam-log-2009-08-06 (09-08-28).txt
Scan type: Quick Scan
Objects scanned: 95592
Time elapsed: 2 minute(s), 59 second(s)
Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 1
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 1
Memory Processes Infected:
(No malicious items detected)
Memory Modules Infected:
(No malicious items detected)
Registry Keys Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\UAC (Rootkit.Trace) -> Quarantined and deleted successfully.
Registry Values Infected:
(No malicious items detected)
Registry Data Items Infected:
(No malicious items detected)
Folders Infected:
(No malicious items detected)
Files Infected:
C:\WINDOWS\system32\uacinit.dll (Trojan.Agent) -> Delete on reboot.
Malwarebytes' Anti-Malware 1.40
Database version: 2568
Windows 5.1.2600 Service Pack 2
8/6/2009 9:08:28 AM
mbam-log-2009-08-06 (09-08-28).txt
Scan type: Quick Scan
Objects scanned: 95592
Time elapsed: 2 minute(s), 59 second(s)
Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 1
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 1
Memory Processes Infected:
(No malicious items detected)
Memory Modules Infected:
(No malicious items detected)
Registry Keys Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\UAC (Rootkit.Trace) -> Quarantined and deleted successfully.
Registry Values Infected:
(No malicious items detected)
Registry Data Items Infected:
(No malicious items detected)
Folders Infected:
(No malicious items detected)
Files Infected:
C:\WINDOWS\system32\uacinit.dll (Trojan.Agent) -> Delete on reboot.
#3
Posted 06 August 2009 - 01:19 PM
-
- Members
-
- 6 posts
New Member
So after renaming the file from mabm.exe back to mbam.exe, after i select which sure to log onto this message comes up before the task bar and everything else will load.
#4
Posted 06 August 2009 - 02:59 PM
-
- Members
-
- 6 posts
New Member
so I was able to remove 1 of the 2. here is the log from the one that i cant remove.
Malwarebytes' Anti-Malware 1.40
Database version: 2568
Windows 5.1.2600 Service Pack 2
8/6/2009 10:56:05 AM
mbam-log-2009-08-06 (10-56-05).txt
Scan type: Full Scan (C:\|D:\|F:\|)
Objects scanned: 159359
Time elapsed: 21 minute(s), 0 second(s)
Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 1
Memory Processes Infected:
(No malicious items detected)
Memory Modules Infected:
(No malicious items detected)
Registry Keys Infected:
(No malicious items detected)
Registry Values Infected:
(No malicious items detected)
Registry Data Items Infected:
(No malicious items detected)
Folders Infected:
(No malicious items detected)
Files Infected:
C:\WINDOWS\system32\uacinit.dll (Trojan.Agent) -> Delete on reboot.
Malwarebytes' Anti-Malware 1.40
Database version: 2568
Windows 5.1.2600 Service Pack 2
8/6/2009 10:56:05 AM
mbam-log-2009-08-06 (10-56-05).txt
Scan type: Full Scan (C:\|D:\|F:\|)
Objects scanned: 159359
Time elapsed: 21 minute(s), 0 second(s)
Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 1
Memory Processes Infected:
(No malicious items detected)
Memory Modules Infected:
(No malicious items detected)
Registry Keys Infected:
(No malicious items detected)
Registry Values Infected:
(No malicious items detected)
Registry Data Items Infected:
(No malicious items detected)
Folders Infected:
(No malicious items detected)
Files Infected:
C:\WINDOWS\system32\uacinit.dll (Trojan.Agent) -> Delete on reboot.
#7
Posted 11 August 2009 - 06:19 PM
-
- Experts
-
- 546 posts
Elite Member
- Gender:Male
- Location:The TARDIS
Patience is a virtue, someone will be with you soon.
#8
Posted 21 August 2009 - 10:27 PM
-
- Members
-
- 3 posts
New Member
scrace89, on Aug 7 2009, 12:53 PM, said:
bump still no help?
were you ever able to fix your pc? after reading your posts, I'm pretty sure I have the same exact virus as you
1 user(s) are reading this topic
0 members, 1 guests, 0 anonymous users
