Tech Support Forum banner
Status
Not open for further replies.
1 - 2 of 2 Posts

·
Registered
Joined
·
4 Posts
Discussion Starter · #1 ·
I'm having the same computer difficulties for my firewall/ security centre it is off and I cannot turn it bak on. I use Malwarebytes Anti-Malware and i scanned it in safe mode heres the log. I use Windows vista home premium service pack 1

Malwarebytes Anti-Malware 1.60.0.1800
www.malwarebytes.org
Database version: v2012.01.09.03
Windows Vista Service Pack 1 x64 NTFS (Safe Mode/Networking)
Internet Explorer 8.0.6001.19088
Janelle :: PC2 [administrator]
9/01/2012 5:01:20 PM
mbam-log-2012-01-09 (17-01-20).txt
Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 199572
Time elapsed: 7 minute(s), 21 second(s)
Memory Processes Detected: 0
(No malicious items detected)
Memory Modules Detected: 0
(No malicious items detected)
Registry Keys Detected: 1
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Smad (Trojan.Agent) -> Quarantined and deleted successfully.
Registry Values Detected: 3
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|{6DDC387E-DEAD-25F8-D0F5-037D9AC24602} (Trojan.Ransom.BP) -> Data: C:\Users\Janelle\AppData\Roaming\Buuw\suemoh.exe -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|Smad (Trojan.Agent) -> Data: "C:\Users\Janelle\AppData\Local\SanctionedMedia\Smad\Smad.exe" -> Quarantined and deleted successfully.
HKCU\Software\Microsoft\Windows\CurrentVersion\Run|Privacy Protection (Rogue.PrvacyProtect) -> Data: C:\Users\Janelle\AppData\Roaming\privacy.exe -> Quarantined and deleted successfully.
Registry Data Items Detected: 0
(No malicious items detected)
Folders Detected: 0
(No malicious items detected)
Files Detected: 12
C:\Users\Janelle\AppData\Roaming\Buuw\suemoh.exe (Trojan.Ransom.BP) -> Quarantined and deleted successfully.
C:\Users\Janelle\AppData\Local\SanctionedMedia\Smad\Smad.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Windows\System32\5RS86Qw.com (Trojan.Krypt) -> Quarantined and deleted successfully.
C:\Windows\SysWOW64\5RS86Qw.com (Trojan.Krypt) -> Quarantined and deleted successfully.
C:\Windows\Temp\mercoaxwsn.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Windows\Temp\nmxarscwoe.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Windows\Temp\xcsnraoemw.exe (Spyware.Agent) -> Quarantined and deleted successfully.
C:\Windows\Temp\xnacmowesr.exe (Rootkit.0Access) -> Quarantined and deleted successfully.
C:\Windows\Temp\vhhbnk\setup.exe (Trojan.Krypt) -> Quarantined and deleted successfully.
C:\Users\Janelle\Local Settings\kcd.exe (Spyware.Agent) -> Quarantined and deleted successfully.
C:\Users\Janelle\Local Settings\Application Data\kcd.exe (Spyware.Agent) -> Quarantined and deleted successfully.
C:\Users\Janelle\Local Settings\Application Data\SanctionedMedia\Smad\Smad.exe (Trojan.Agent) -> Quarantined and deleted successfully.
(end)

I restarted the computer when the anit virus asked me to but my security centre is still off and can't turn it bak on. The Anti virus shows tat my registry is affected but I'm not sure if i should touch the registry in case it ruins my comuter
 

·
Registered
Joined
·
14,581 Posts
Hi and welcome to TSF

Since have posted in our Virus/Trojan/Spyware Help forum, I will close this post now.

Yes, leave the registry alone.

BG
 
1 - 2 of 2 Posts
Status
Not open for further replies.
Top