system
April 29, 2011, 10:18pm
1
Hello,
In the last little bit, my computer has been “rebooting” over night. I tried to run “whocrashed” thinking it was a problem from the past with my video card driver causing the computer to crash and then reboot, but nothing was logged.
Another odd thing that’s been happening is I get this error that comes up, from trying to run “dropper.exe” and that it’s missing a DLL. So it seems like it might be a virus but it just doesn’t have the dll to run it…? I’m not sure, running avast doesn’t seem to come up with anything, even a boot scan.
Pondus
April 29, 2011, 10:32pm
2
Check for malware with this
Malwarebytes Anti-Malware 1.50.1 http://filehippo.com/download_malwarebytes_anti_malware/
always update so you have the latest signatures before you scan
click on the remove selected button to quarantine anything found
post the scan log here
system
April 30, 2011, 2:46am
3
Thanks a bunch! It seems to have found it. I’ll give it a shot to remove it and hope all works out.
This is the log:
Malwarebytes’ Anti-Malware 1.50.1.1100
www.malwarebytes.org
Database version: 6476
Windows 6.1.7601 Service Pack 1
Internet Explorer 9.0.8112.16421
29/04/2011 10:45:26 PM
mbam-log-2011-04-29 (22-45-19).txt
Scan type: Quick scan
Objects scanned: 167639
Time elapsed: 4 minute(s), 9 second(s)
Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 2
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 2
Memory Processes Infected:
(No malicious items detected)
Memory Modules Infected:
(No malicious items detected)
Registry Keys Infected:
(No malicious items detected)
Registry Values Infected:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\services64.exe (Trojan.MSIL.Gen) → Value: services64.exe → No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\vnet (Trojan.Agent) → Value: vnet → No action taken.
Registry Data Items Infected:
(No malicious items detected)
Folders Infected:
(No malicious items detected)
Files Infected:
c:\Users\Davor\AppData\Local\Temp\services64.exe (Trojan.MSIL.Gen) → No action taken.
c:\Users\Davor\AppData\Roaming\dropped.exe (Trojan.Agent) → No action taken.