Malaware detects infections repeatedly

Dell Inspiron laptop with intel pentium...
November 11, 2010 at 02:39:36
Specs: Windows XP
My system recently got infected with fake anti-malware virus. I was able to kill and remove with malaware bytes. Then it had me reboot the computer and then it seemed to be working fine until the wireless internet connection just dropped (even though in the system tray it says it is still connected to internet but when I open it there are no wireless networks detected). So I ran malaware bytes again and it found additional infections, which I removed and rebooted the computer and the cycle keeps repeating itself...

I have backed up all important files away...any help would be much appreciated

latest mbam log

Database version: 5054

Windows 5.1.2600 Service Pack 3 (Safe Mode)
Internet Explorer 8.0.6001.18702

11/11/2010 11:29:54 AM
mbam-log-2010-11-11 (11-29-54).txt

Scan type: Quick scan
Objects scanned: 146879
Time elapsed: 16 minute(s), 9 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 1
Registry Keys Infected: 4
Registry Values Infected: 2
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 11

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
C:\Documents and Settings\All Users\Application Data\Adobe\sp.DLL (TrojanProxy.Agent) -> Delete on reboot.

Registry Keys Infected:
HKEY_CLASSES_ROOT\sp (TrojanProxy.Agent) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\spservice (TrojanProxy.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{96afbe69-c3b0-4b00-8578-d933d2896ee2} (TrojanProxy.Agent) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\sp (TrojanProxy.Agent) -> Quarantined and deleted successfully.

Registry Values Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{96afbe69-c3b0-4b00-8578-d933d2896ee2} (TrojanProxy.Agent) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\netsvc (TrojanProxy.Agent) -> Quarantined and deleted successfully.

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
C:\Documents and Settings\All Users\Application Data\Adobe\sp.DLL (TrojanProxy.Agent) -> Delete on reboot.
C:\WINDOWS\Temp\0.09726501116373287.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
C:\WINDOWS\Temp\0.15262958655323267.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
C:\WINDOWS\Temp\0.28933108113869754.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
C:\WINDOWS\Temp\0.2412518645887487.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
C:\WINDOWS\Temp\0.2645339402620813.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
C:\WINDOWS\Temp\0.4447837965919269.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
C:\WINDOWS\Temp\0.4995824691663473.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
C:\WINDOWS\Temp\0.5042303375374403.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
C:\WINDOWS\Temp\0.7001699122741545.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
C:\WINDOWS\Temp\0.358036380757641.exe (Trojan.Dropper) -> Quarantined and deleted successfully.


thanks,


See More: Malaware detects infections repeatedly

Report •


#1
November 11, 2010 at 03:05:21
Sorry one more thing....

each time before the internet loses connection... I get an error Generic Host Processes for win32 crashed. I tried to run malware bytes right away and I get the blue screen of death something like driver ipthood.exe crashed.

thanks


Report •
Related Solutions


Ask Question