Jump to content

Build Theme!
  • Infected?


Hey there! :wub: Looks like you're enjoying the discussion, but you're not signed up for an account. When you create an account, we remember exactly what you've read, so you always come right back where you left off. You also get notifications, here and via email, whenever new posts are made. You can like posts to share the love. :D Join 92780 other members! Anybody can ask, anybody can answer. Consistently helpful members may be invited to become staff. Here's how it works. Virus cleanup? Start here -> Malware Removal Forum.

Try What the Tech -- It's free!


My PC got infected with Koobface

  • This topic is locked This topic is locked
1 reply to this topic

#1 Ribica


    New Member

  • Authentic Member
  • Pip
  • 7 posts

Posted 19 September 2009 - 05:56 PM

Ok, a few days ago my PC got infected with Koombface. My Symantec anti-virus alerted me right away and I ran a scan. Here is the log: Date,Filename,Virus Name,Original Location,Status 16.9.2009 18:35:00,ld14.exe,Downloader,C:\WINDOWS\,Infected 16.9.2009 18:32:01,freddy64.exe,Downloader,C:\WINDOWS\,Infected 16.9.2009 18:16:56,fb.64[1].exe,Downloader,C:\Documents and Settings\Jelena\Local Settings\Temporary Internet Files\Content.IE5\Y2OM6ZU7\,Infected 16.9.2009 18:16:00,setup[2].exe,Downloader,C:\Documents and Settings\Jelena\Local Settings\Temporary Internet Files\Content.IE5\ALPIUSVZ\,Infected After that I ran Malwarebytes, just to be sure, so here's the log: Malwarebytes' Anti-Malware 1.41 Database version: 2791 Windows 5.1.2600 Service Pack 3 16.9.2009 20:54:37 mbam-log-2009-09-16 (20-54-37).txt Scan type: Full Scan (C:\|) Objects scanned: 136724 Time elapsed: 30 minute(s), 55 second(s) Memory Processes Infected: 1 Memory Modules Infected: 1 Registry Keys Infected: 0 Registry Values Infected: 3 Registry Data Items Infected: 0 Folders Infected: 0 Files Infected: 4 Memory Processes Infected: C:\WINDOWS\vkl_1253116496.exe (Trojan.DNSChanger) -> Unloaded process successfully. Memory Modules Infected: C:\Program Files\captcha.dll (Spyware.OnlineGames) -> Delete on reboot. Registry Keys Infected: (No malicious items detected) Registry Values Infected: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\captcha7 (Spyware.OnlineGames) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\sysfbtray (Worm.KoobFace) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\sysldtray (Backdoor.Bot) -> Quarantined and deleted successfully. Registry Data Items Infected: (No malicious items detected) Folders Infected: (No malicious items detected) Files Infected: C:\Program Files\captcha.dll (Spyware.OnlineGames) -> Delete on reboot. C:\WINDOWS\vkl_1253116496.exe (Trojan.DNSChanger) -> Delete on reboot. C:\WINDOWS\010112010146116101.xe (KoobFace.Trace) -> Quarantined and deleted successfully. C:\WINDOWS\0101120101465254.xe (KoobFace.Trace) -> Quarantined and deleted successfully. Only after I ran those scans, I bumped into this forum and I read that even after the fixes, Koobface is not completely removed. So I just wanted to make sure my PC is virus free. Right now my PC is acting normal. Could you please let me know if I should do something else about it. Thank you.


Register to Remove

#2 Noviciate


    Retired WTT Teacher

  • Visiting Fellow
  • PipPipPipPipPip
  • 2,907 posts

Posted 20 September 2009 - 02:22 PM

Take a read through this and then start a fresh thread in this forum and post accordingly. Please don't forget to include a brief description of your problem, and somebody will be along as soon as.
Helpers look for posts with zero replies which is why you need to start afresh and why i'll lock this one.
Death to the salad eaters!

Related Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users