Jump to content

mrbunrs

Members
  • Posts

    1
  • Joined

  • Last visited

Reputation

0 Neutral
  1. i am experiencing the same problem as another member posted earlier. i've run malware and updated, and rerun malware but each time the log shows the Rootkit.Ads is still there; even after it has been quarantined and highlighted and removed. Help please. Malwarebytes' Anti-Malware 1.31 Database version: 1497 Windows 5.1.2600 Service Pack 2 13/12/2008 5:22:44 PM mbam-log-2008-12-13 (17-22-44).txt Scan type: Quick Scan Objects scanned: 55249 Time elapsed: 7 minute(s), 28 second(s) Memory Processes Infected: 0 Memory Modules Infected: 1 Registry Keys Infected: 11 Registry Values Infected: 0 Registry Data Items Infected: 0 Folders Infected: 0 Files Infected: 13 Memory Processes Infected: (No malicious items detected) Memory Modules Infected: C:\WINDOWS\system32\dkauhf.dll (Trojan.FakeAlert) -> Delete on reboot. Registry Keys Infected: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\dkauhf (Trojan.FakeAlert) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\ati3wbxx (Rootkit.Agent) -> Delete on reboot. HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\ati3wbxx (Rootkit.Agent) -> Delete on reboot. HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\ati3wbxx (Rootkit.Agent) -> Delete on reboot. HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\restore (Rootkit.Agent) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\fci (Rootkit.Agent) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\fci (Rootkit.ADS) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\fci (Rootkit.ADS) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\icf (Rootkit.ADS) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\icf (Rootkit.ADS) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\icf (Rootkit.ADS) -> Quarantined and deleted successfully. Registry Values Infected: (No malicious items detected) Registry Data Items Infected: (No malicious items detected) Folders Infected: (No malicious items detected) Files Infected: C:\WINDOWS\system32\dkauhf.dll (Trojan.FakeAlert) -> Delete on reboot. C:\WINDOWS\system32\dkauhf32.dll (Trojan.FakeAlert) -> Quarantined and deleted successfully. C:\WINDOWS\system32\drivers\ati3wbxx.sys (Rootkit.Agent) -> Delete on reboot. C:\WINDOWS\Temp\BN1EF.tmp (Rootkit.Agent) -> Quarantined and deleted successfully. C:\WINDOWS\Temp\BN1F1.tmp (Rootkit.Agent) -> Quarantined and deleted successfully. C:\WINDOWS\Temp\BN1F3.tmp (Rootkit.Agent) -> Quarantined and deleted successfully. C:\WINDOWS\Temp\BN1F7.tmp (Rootkit.Agent) -> Quarantined and deleted successfully. C:\WINDOWS\Temp\BN2.tmp (Rootkit.Agent) -> Quarantined and deleted successfully. C:\WINDOWS\Temp\BN4.tmp (Rootkit.Agent) -> Quarantined and deleted successfully. C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\HIH6HAON\mss32[1].exe (Trojan.Agent) -> Quarantined and deleted successfully. C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\QAAMOU3C\mss32[1].exe (Trojan.Agent) -> Quarantined and deleted successfully. C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\QAAMOU3C\mss32[2].exe (Trojan.Agent) -> Quarantined and deleted successfully. C:\WINDOWS\system32\svchost.exe:ext.exe (Rootkit.ADS) -> Quarantined and deleted successfully.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.