n19ndw
-
Posts
1 -
Joined
-
Last visited
This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.
Another Malware doctor Problem
in Resolved Malware Removal Logs
Posted
Hi
have logged on here as a last resort as I'm unable to get rid of Malware doctor like some of the other people on the forum. My PC became infected last week and I cant get rid - the best I cab do is about 30 minutes.
I have posted my reporMalwarebytes' Anti-Malware 1.28
Database version: 1137
Windows 5.1.2600 Service Pack 3
11/09/2008 23:07:47
mbam-log-2008-09-11 (23-07-47).txt
Scan type: Quick Scan
Objects scanned: 53317
Time elapsed: 5 minute(s), 41 second(s)
Memory Processes Infected: 0
Memory Modules Infected: 3
Registry Keys Infected: 9
Registry Values Infected: 0
Registry Data Items Infected: 8
Folders Infected: 0
Files Infected: 11
Memory Processes Infected:
(No malicious items detected)
Memory Modules Infected:
C:\WINDOWS\system32\brfecw.dll (Trojan.Vundo) -> Delete on reboot.
C:\WINDOWS\system32\xvetir.dll (Trojan.Vundo) -> Delete on reboot.
C:\WINDOWS\system32\ckfeym.dll (Trojan.Vundo) -> Delete on reboot.
Registry Keys Infected:
HKEY_CLASSES_ROOT\CLSID\{27c0eecf-4448-4269-af7b-a297fdcc9b83} (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{5cc1669c-7b7b-41b1-83d8-fb3775a05d3b} (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{ddc24d70-0d6d-48c8-bbfb-a203910dd046} (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MS Juan (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\contim (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MS Track System (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\VSPlugin (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\fqbewlna.bqms (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\fqbewlna.toolbar.1 (Trojan.FakeAlert) -> Quarantined and deleted successfully.
Registry Values Infected:
(No malicious items detected)
Registry Data Items Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProductId (Trojan.FakeAlert) -> Bad: (VIRUS ALERT!) Good: (76487-OEM-0011903-00100) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Control Panel\International\sTimeFormat (Trojan.FakeAlert) -> Bad: (HH:mm: VIRUS ALERT!) Good: (HH:mm:ss) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Start_ShowControlPanel (Hijack.StartMenu) -> Bad: (0) Good: (1) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Start_ShowRun (Hijack.StartMenu) -> Bad: (0) Good: (1) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Start_ShowSearch (Hijack.StartMenu) -> Bad: (0) Good: (1) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Start_ShowHelp (Hijack.StartMenu) -> Bad: (0) Good: (1) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Start_ShowMyDocs (Hijack.StartMenu) -> Bad: (0) Good: (1) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Start_ShowMyComputer (Hijack.StartMenu) -> Bad: (0) Good: (1) -> Quarantined and deleted successfully.
Folders Infected:
(No malicious items detected)
Files Infected:
C:\WINDOWS\system32\dnqfkutk.dll (Trojan.Vundo.H) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\ktukfqnd.ini (Trojan.Vundo.H) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\brfecw.dll (Trojan.Vundo) -> Delete on reboot.
C:\WINDOWS\system32\xvetir.dll (Trojan.Vundo) -> Delete on reboot.
C:\WINDOWS\system32\ckfeym.dll (Trojan.Vundo) -> Delete on reboot.
C:\WINDOWS\esab.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\WINDOWS\mqgldfvo.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\fmhgrdxh.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\sugxxyye.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\x (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\mcrh.tmp (Malware.Trace) -> Quarantined and deleted successful
any help would be appreciated
thanks