| Forum Home | ||||
| Press F1 | ||||
| Thread ID: 105409 | 2009-12-01 02:20:00 | Computer acting funny | bpc575 (9791) | Press F1 |
| Post ID | Timestamp | Content | User | ||
| 835476 | 2009-12-03 23:35:00 | This is the log it saved if this helps you because its basically jibberish to me.. Malwarebytes' Anti-Malware 1.41 Database version: 3264 Windows 5.1.2600 Service Pack 3 (Safe Mode) 12/3/2009 4:25:01 PM mbam-log-2009-12-03 (16-25-01).txt Scan type: Full Scan (C:\|F:\|G:\|) Objects scanned: 276012 Time elapsed: 46 minute(s), 24 second(s) Memory Processes Infected: 0 Memory Modules Infected: 0 Registry Keys Infected: 4 Registry Values Infected: 0 Registry Data Items Infected: 0 Folders Infected: 0 Files Infected: 8 Memory Processes Infected: (No malicious items detected) Memory Modules Infected: (No malicious items detected) Registry Keys Infected: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\i cf (Rootkit.ADS) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Servic es\icf (Rootkit.ADS) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\f ci (Rootkit.ADS) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Servic es\fci (Rootkit.ADS) -> Quarantined and deleted successfully. Registry Values Infected: (No malicious items detected) Registry Data Items Infected: (No malicious items detected) Folders Infected: (No malicious items detected) Files Infected: C:\Documents and Settings\brandon\Local Settings\Temporary Internet Files\Content.IE5\6ZUIWW57\n4551[1].exe (Trojan.Agent) -> Quarantined and deleted successfully. C:\Documents and Settings\brandon\Local Settings\Temporary Internet Files\Content.IE5\IHQJTQXK\d138e56c84b07fbc52df356 e3809368a[1].exe (Trojan.Dropper) -> Quarantined and deleted successfully. C:\Documents and Settings\brandon\Local Settings\Temporary Internet Files\Content.IE5\IHQJTQXK\m3223[1].exe (Trojan.Agent) -> Quarantined and deleted successfully. C:\System Volume Information\_restore{129201FA-B0AC-49B3-96B2-DEB8B91E727B}\RP426\A0024974.sys (Rootkit.Agent) -> Quarantined and deleted successfully. C:\WINDOWS\system32\drivers\bridhkwe.sys (Rootkit.Agent) -> Quarantined and deleted successfully. C:\WINDOWS\system32\drivers\str.sys (Rootkit.Agent) -> Quarantined and deleted successfully. C:\WINDOWS\system32\svchost.exe:exe.exe (Rootkit.ADS) -> Quarantined and deleted successfully. C:\WINDOWS\system32\svchost.exe:ext.exe (Rootkit.ADS) -> Quarantined and deleted successfully. |
bpc575 (9791) | ||
| 1 2 | |||||