Jump to content

Malwarebytes

Will not remove on Reboot

- - - - -
Started by Data, Oct 28 2009 09:29 AM

1 reply to this topic

#1
Data
Posted 28 October 2009 - 09:29 AM

    New Member

  • Members
  • Pip
  • 13 posts
Need help removing false security alert-
Here is the list of things that have transpired:
Malware had disabled my internet connection, anit-virus software, and Malwarebytes software.
I continue to receive a false "Windows Security Center" pop-up.
The computer will boot in safe mode but only in the "Restore" mode.
I managed to reload Malwarebytes from my laptop- (had to rename the .exe file)-
Malwarebytes finds 5 to 8 issues and indicates that they will be removed on reboot- (Does not happen)-

Here is the following log file:

Malwarebytes' Anti-Malware 1.41
Database version: 2775
Windows 5.1.2600 Service Pack 3

10/27/2009 5:48:26 PM
mbam-log-2009-10-27 (17-48-26).txt

Scan type: Quick Scan
Objects scanned: 99373
Time elapsed: 4 minute(s), 42 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 1
Registry Data Items Infected: 3
Folders Infected: 0
Files Infected: 1

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\WINID (Malware.Trace) -> Quarantined and deleted successfully.

Registry Data Items Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\UpdatesDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoFolderOptions (Hijack.FolderOptions) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\DisableRegistryTools (Hijack.Regedit) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.

Folders Infected:
(No malicious items detected)

Files Infected:
C:\Documents and Settings\Computer User\Local Settings\Temp\nsrbgxod.bak (Trojan.Agent) -> Delete on reboot.


Thank you for any help that can be given-
Robert-

#2
Data
Posted 30 October 2009 - 08:46 PM

    New Member

  • Members
  • Pip
  • 13 posts
I would like to thank all of those who posted here for their time and energy-
The problem has been solved and this topic can now be closed-
Back to Resolved HijackThis Logs · Next Unread Topic →


1 user(s) are reading this topic

0 members, 1 guests, 0 anonymous users

  1. Malwarebytes Forum
  2. Computer Help
  3. Malware Removal - HijackThis Logs
  4. Resolved HijackThis Logs

Products

About

Partners

Follow Us