Win32:Vuku [Trj]

Cat38:
Malwarebytes' Anti-Malware 1.36
Database version: 2103
Windows 5.1.2600 Service Pack 3

5/10/2009 9:15:03 AM
mbam-log-2009-05-10 (09-14-53).txt

Scan type: Full Scan (C:\|D:\|)
Objects scanned: 263533
Time elapsed: 3 hour(s), 56 minute(s), 5 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 9
Registry Values Infected: 5
Registry Data Items Infected: 0
Folders Infected: 21
Files Infected: 63

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7e5b1ac4-0f43-4818-a1fb-bad7e3dfc541} (Trojan.Vundo.H) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{7e5b1ac4-0f43-4818-a1fb-bad7e3dfc541} (Trojan.Vundo.H) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{ec43e3fd-5c60-46a6-97d7-e0b85dbdd6c4} (Trojan.BHO) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{549b5ca7-4a86-11d7-a4df-000874180bb3} (Trojan.Agent) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{549b5ca7-4a86-11d7-a4df-000874180bb3} (Trojan.Agent) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\xpreapp (Malware.Trace) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\contim (Trojan.Vundo) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\dslcnnct (Trojan.Vundo) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\rdfa (Trojan.Vundo) -> No action taken.

Registry Values Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\cpm5f26fe4f (Trojan.Vundo.H) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\5c15cdd3 (Trojan.Vundo.H) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\litopahuno (Trojan.Vundo.H) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler\{ec43e3fd-5c60-46a6-97d7-e0b85dbdd6c4} (Trojan.BHO) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\ssodl (Trojan.BHO) -> No action taken.

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:

Cat38:
Files Infected:



Is it safe to remove all the infected?

YoKenny:
Let MBAM remove them and it will move the infection into the Quarantine.

Schedule a boot scan then have some sleep and let the system do that while you sleep.

Cat38:
I don't know if I'll be getting any sleep today. It's morning and there's outside work to be done. *sigh*

More scanning to do!

YoKenny:
I live on the 10th floor in an apartment so no lawn to cut and leaves to rake and I have had my second cup of coffee so now I need to think about what to make for breakfast or maybe I'll just wait until noon and I'll have a beer while making Brunch.
