Jump to content

Existing user? Sign In
Sign In

Remember me Not recommended on shared computers

Forgot your password?
Staff Sign In
Sign Up

Home

EyeQ

Members

View Profile See their activity

Posts
1
Joined
July 4, 2011
Last visited
July 10, 2011

Content Type

All Activity

Events

Profiles

Forums

Topics
Posts

Everything posted by EyeQ

Please help.

EyeQ posted a topic in Resolved Malware Removal Logs

Here is the log from my mbam scan: Malwarebytes' Anti-Malware 1.51.0.1200 www.malwarebytes.org Database version: 7016 Windows 6.1.7600 Internet Explorer 8.0.7600.16385 7/4/2011 3:18:26 AM mbam-log-2011-07-04 (03-18-26).txt Scan type: Quick scan Objects scanned: 167000 Time elapsed: 3 minute(s), 0 second(s) Memory Processes Infected: 3 Memory Modules Infected: 0 Registry Keys Infected: 0 Registry Values Infected: 3 Registry Data Items Infected: 1 Folders Infected: 0 Files Infected: 4 Memory Processes Infected: c:\Users\Nhat\AppData\Local\Temp\0.8828415472678759.exe (Spyware.Passwords.XGen) -> 6904 -> Unloaded process successfully. c:\Users\Nhat\AppData\Roaming\dwm.exe (Trojan.Backdoor.Gen) -> 7592 -> Unloaded process successfully. c:\Users\Nhat\AppData\Local\Temp\csrss.exe (Trojan.Backdoor.Gen) -> 7372 -> Unloaded process successfully. Memory Modules Infected: (No malicious items detected) Registry Keys Infected: (No malicious items detected) Registry Values Infected: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\conhost (Spyware.Passwords.XGen) -> Value: conhost -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\Load (Trojan.Agent) -> Value: Load -> Delete on reboot. HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Shell (Hijack.Shell.Gen) -> Value: Shell -> Quarantined and deleted successfully. Registry Data Items Infected: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\Load (Trojan.Backdoor.Gen) -> Bad: (C:\Users\Nhat\AppData\Local\Temp\csrss.exe) Good: () -> Quarantined and deleted successfully. Folders Infected: (No malicious items detected) Files Infected: c:\Users\Nhat\AppData\Local\Temp\0.8828415472678759.exe (Spyware.Passwords.XGen) -> Quarantined and deleted successfully. c:\Users\Nhat\AppData\Roaming\dwm.exe (Trojan.Backdoor.Gen) -> Quarantined and deleted successfully. c:\Users\Nhat\AppData\Local\Temp\csrss.exe (Trojan.Backdoor.Gen) -> Quarantined and deleted successfully. c:\Users\Nhat\AppData\Roaming\microsoft\conhost.exe (Spyware.Passwords.XGen) -> Quarantined and deleted successfully.
- July 4, 2011
- 2 replies

×

×

Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.

IPS spam blocked by CleanTalk.