Jump to content

Build Theme!
  • Infected?


Hey there! :wub: Looks like you're enjoying the discussion, but you're not signed up for an account. When you create an account, we remember exactly what you've read, so you always come right back where you left off. You also get notifications, here and via email, whenever new posts are made. You can like posts to share the love. :D Join 92816 other members! Anybody can ask, anybody can answer. Consistently helpful members may be invited to become staff. Here's how it works. Virus cleanup? Start here -> Malware Removal Forum.

Try What the Tech -- It's free!


Unknown infection. Music

  • This topic is locked This topic is locked
1 reply to this topic

#1 Cazgas


    New Member

  • New Member
  • Pip
  • 1 posts

Posted 29 September 2009 - 12:56 AM

Hi Have carried out ATF Scan and malwarebytes scan as requested. This is the report: Malwarebytes' Anti-Malware 1.41 Database version: 2870 Windows 5.1.2600 Service Pack 3 29/09/2009 07:45:21 mbam-log-2009-09-29 (07-45-21).txt Scan type: Quick Scan Objects scanned: 91888 Time elapsed: 3 minute(s), 47 second(s) Memory Processes Infected: 0 Memory Modules Infected: 1 Registry Keys Infected: 9 Registry Values Infected: 0 Registry Data Items Infected: 0 Folders Infected: 0 Files Infected: 1 Memory Processes Infected: (No malicious items detected) Memory Modules Infected: C:\WINDOWS\system32\xwr68703.dll (Trojan.BHO) -> Delete on reboot. Registry Keys Infected: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{c3fe8340-085c-30d4-a336-080349cd0681} (Trojan.Vundo.H) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\CLSID\{c3fe8340-085c-30d4-a336-080349cd0681} (Trojan.Vundo.H) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\TypeLib\{2e014f7a-a3a8-3723-b8be-25751e965dd0} (Trojan.BHO) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\Interface\{32816814-a512-3fd0-b25f-0d55ed5a7012} (Trojan.BHO) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\{c3fe8340-085c-30d4-a336-080349cd0681} (Trojan.BHO) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{c3fe8340-085c-30d4-a336-080349cd0681} (Trojan.BHO) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\D (Trojan.Agent) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\D.1 (Trojan.Agent) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ctfmon.exe (Security.Hijack) -> Quarantined and deleted successfully. Registry Values Infected: (No malicious items detected) Registry Data Items Infected: (No malicious items detected) Folders Infected: (No malicious items detected) Files Infected: C:\WINDOWS\system32\xwr68703.dll (Trojan.Vundo.H) -> Delete on reboot. Any help appreciated. Caz


Register to Remove

#2 Noviciate


    Retired WTT Teacher

  • Visiting Fellow
  • PipPipPipPipPip
  • 2,907 posts

Posted 01 October 2009 - 02:22 PM

Take a read through this and then start a fresh thread in this forum and post accordingly. Please don't forget to include a brief description of your problem, and somebody will be along as soon as.
Helpers look for posts with zero replies which is why you need to start afresh and why i'll lock this one.
Death to the salad eaters!

Related Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users