Jump to content

Build Theme!
  •  
  • Unreplied Topics
  • Downloads
  • Infected?

WE'RE SURE THAT YOU'LL LOVE US!

Hey there! :wub: Looks like you're enjoying the discussion, but you're not signed up for an account. When you create an account, we remember exactly what you've read, so you always come right back where you left off. You also get notifications, here and via email, whenever new posts are made. You can like posts to share the love. :D Join 93084 other members! Anybody can ask, anybody can answer. Consistently helpful members may be invited to become staff. Here's how it works. Virus cleanup? Start here -> Malware Removal Forum.

Try What the Tech -- It's free!


Photo

Unknown infection. Music

Started by Cazgas , Sep 29 2009 12:56 AM

  • This topic is locked This topic is locked
1 reply to this topic

#1 Cazgas

Cazgas

    New Member

  • New Member
  • Pip
  • 1 posts

Posted 29 September 2009 - 12:56 AM

Hi Have carried out ATF Scan and malwarebytes scan as requested. This is the report: Malwarebytes' Anti-Malware 1.41 Database version: 2870 Windows 5.1.2600 Service Pack 3 29/09/2009 07:45:21 mbam-log-2009-09-29 (07-45-21).txt Scan type: Quick Scan Objects scanned: 91888 Time elapsed: 3 minute(s), 47 second(s) Memory Processes Infected: 0 Memory Modules Infected: 1 Registry Keys Infected: 9 Registry Values Infected: 0 Registry Data Items Infected: 0 Folders Infected: 0 Files Infected: 1 Memory Processes Infected: (No malicious items detected) Memory Modules Infected: C:\WINDOWS\system32\xwr68703.dll (Trojan.BHO) -> Delete on reboot. Registry Keys Infected: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{c3fe8340-085c-30d4-a336-080349cd0681} (Trojan.Vundo.H) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\CLSID\{c3fe8340-085c-30d4-a336-080349cd0681} (Trojan.Vundo.H) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\TypeLib\{2e014f7a-a3a8-3723-b8be-25751e965dd0} (Trojan.BHO) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\Interface\{32816814-a512-3fd0-b25f-0d55ed5a7012} (Trojan.BHO) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\{c3fe8340-085c-30d4-a336-080349cd0681} (Trojan.BHO) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{c3fe8340-085c-30d4-a336-080349cd0681} (Trojan.BHO) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\D (Trojan.Agent) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\D.1 (Trojan.Agent) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ctfmon.exe (Security.Hijack) -> Quarantined and deleted successfully. Registry Values Infected: (No malicious items detected) Registry Data Items Infected: (No malicious items detected) Folders Infected: (No malicious items detected) Files Infected: C:\WINDOWS\system32\xwr68703.dll (Trojan.Vundo.H) -> Delete on reboot. Any help appreciated. Caz

    Advertisements

Register to Remove

#2 Noviciate

Noviciate

    Retired WTT Teacher

  • Visiting Fellow
  • PipPipPipPipPip
  • 2,907 posts

Posted 01 October 2009 - 02:22 PM

Take a read through this and then start a fresh thread in this forum and post accordingly. Please don't forget to include a brief description of your problem, and somebody will be along as soon as.
Helpers look for posts with zero replies which is why you need to start afresh and why i'll lock this one.
Death to the salad eaters!

Related Topics

Back to Virus, Spyware & Malware Removal · Next Unread Topic →

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. What the Tech
  2. Spyware / Malware / Virus Removal
  3. Virus, Spyware & Malware Removal
  4. Privacy Policy
  5. Terms of Use ·