Tech Support Guy banner
  • IMPORTANT: Only authorized members may reply to threads in this forum due to the complexity of the malware removal process. Authorized members include Malware Specialists and Trainees, Administrators, Moderators, and Trusted Advisors. Regular members are not permitted to reply, and any such posts will be deleted without notice or further explanation. Notice
Status
Not open for further replies.
1 - 2 of 2 Posts

·
Registered
Joined
·
2 Posts
Discussion Starter · #1 ·
I picked up an annoying little bugger of a Trojan about two weeks ago. m-bammed it but it was still hanging on. The worst of it was gone though and my computer wasnt crashing anymore so I decided to wait it out until I had the time to sit down and do any serious diagnostics. The only remnants of this trojan were that firefox would randomly open up a new tab to some attack site, google links would be redirected etc etc. Pretty common stuff. Windows host processes would also stop working within 10 minutes of my computer being booted up. Sometime this week though, I managed to pick up another trojan. Or the same one came back from the grave. I was at first unable to boot into safe mode, the IE "Deleting browsing history" window would come up randomly and delete the browsing history. Weird. I killed that one as well for the most part with AVG and M-bam. ALthough, now with all the previous symptoms listed I have a few new ones. I get an error saying "Error loading C:\users\NAME~1\AppData\Local\Temp\Rpcqt.dll is not a valid Win32 application. AVG is also reporting M-bam as a trojan now...Attached is my most recent M-bam log.

Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org

Database version: 4052

Windows 6.0.6002 Service Pack 2
Internet Explorer 8.0.6001.18975

22/12/2010 9:12:51 PM
mbam-log-2010-12-22 (21-12-51).txt

Scan type: Quick scan
Objects scanned: 132675
Time elapsed: 7 minute(s), 36 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 1

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
C:\Users\Howard Saphers\AppData\Local\Temp\spscom.exe (Trojan.Agent) -> No action taken.
 

·
Registered
Joined
·
2 Posts
Discussion Starter · #2 ·
Ok...out of no where new trojan. Or so it seems. Fake AV, windows defender or some such thing. Cant start m-bam, cant start task manager, safe mode boots into a blank black screen with windows build number. I am able to open up tskmngr in safe mode, but cannot browse under new task to start m-bam. Anything I can do now without just bringing it to a shop?
 
1 - 2 of 2 Posts
Status
Not open for further replies.
Top