Malwarebytes' Anti-Malware 1.50.1.1100

www.malwarebytes.org

Database version: 912012203

Windows 6.1.7601 Service Pack 1

Internet Explorer 9.0.8112.16421

1/22/2012 7:00:44 PM

mbam-log-2012-01-22 (19-00-44).txt

Scan type: Full scan (C:\|D:\|E:\|F:\|)

Objects scanned: 1062164

Time elapsed: 7 hour(s), 16 minute(s), 30 second(s)

Memory Processes Infected: 0

Memory Modules Infected: 0

Registry Keys Infected: 16

Registry Values Infected: 0

Registry Data Items Infected: 0

Folders Infected: 18

Files Infected: 72

Memory Processes Infected:

(No malicious items detected)

Memory Modules Infected:

(No malicious items detected)

Registry Keys Infected:

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\ComputerZ_x64 (Trojan.Agent) -> Not selected for removal.

HKEY_CLASSES_ROOT\AppID\{1DD31B76-C57E-49ba-94BC-BF53F0C82CD4} (Adware.Funshion) -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1DD31B76-C57E-49ba-94BC-BF53F0C82CD4} (Adware.Funshion) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\CLSID\{3F5A62E2-51F2-11D3-A075-CC7364CAE42A} (Trojan.BHO) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\CLSID\{91878E42-FC03-4785-B513-1F9E613D1027} (Adware.Funshion) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\ASBarBroker.BDBroker.1 (Adware.Funshion) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\ASBarBroker.BDBroker (Adware.Funshion) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\CLSID\{E8CFC029-8420-4EAE-ADEF-915BDC77E1DC} (Spyware.AdaEbook) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\步步学...从盘口中看主力意图..解析市场主力操盘手法 (MACD.CN图文精解1~9).MyNSHandler (Spyware.AdaEbook) -> Not selected for removal.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{DB38E21A-0133-419d-92AD-ECDFD5244D6D} (Adware.ShoppingReport2) -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{EB620C54-E229-4942-87CE-E717109FC8C6} (Adware.ShoppingReport2) -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A078F691-9C07-4AF2-BF43-35E79EECF8B7} (Adware.Softomate) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\thunder (Trojan.Agent) -> Quarantined and deleted successfully.

HKEY_CURRENT_USER\Software\ShoppingReport2 (Adware.ShoppingReport2) -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\ShoppingReport2 (Adware.ShoppingReport2) -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\Sohu R&D (Malware.Trace) -> Quarantined and deleted successfully.

Registry Values Infected:

(No malicious items detected)

Registry Data Items Infected:

(No malicious items detected)

Folders Infected:

c:\program files (x86)\funshion online (Adware.Funshion) -> Quarantined and deleted successfully.

c:\program files (x86)\funshion online\Funshion (Adware.Funshion) -> Quarantined and deleted successfully.

c:\program files (x86)\shoppingreport2 (Adware.ShoppingReport2) -> Quarantined and deleted successfully.

c:\program files (x86)\shoppingreport2\Bin (Adware.ShoppingReport2) -> Quarantined and deleted successfully.

c:\program files (x86)\shoppingreport2\Bin\2.7.34 (Adware.ShoppingReport2) -> Quarantined and deleted successfully.

c:\Users\Xuesheng\funshion (Adware.Funshion) -> Quarantined and deleted successfully.

c:\Users\Xuesheng\funshion\cache (Adware.Funshion) -> Quarantined and deleted successfully.

c:\Users\Xuesheng\funshion\cache\baiduflash (Adware.Funshion) -> Quarantined and deleted successfully.

c:\Users\Xuesheng\funshion\cache\baiduflash\subflash (Adware.Funshion) -> Quarantined and deleted successfully.

c:\Users\Xuesheng\funshion\cache\cacheflash (Adware.Funshion) -> Quarantined and deleted successfully.

c:\Users\Xuesheng\funshion\cache\flash (Adware.Funshion) -> Quarantined and deleted successfully.

c:\Users\Xuesheng\funshion\cache\flashNew (Adware.Funshion) -> Quarantined and deleted successfully.

c:\Users\Xuesheng\funshion\cache\flashstamp (Adware.Funshion) -> Quarantined and deleted successfully.

c:\Users\Xuesheng\funshion\control (Adware.Funshion) -> Quarantined and deleted successfully.

c:\Users\Xuesheng\funshion\historytorrent (Adware.Funshion) -> Quarantined and deleted successfully.

c:\Users\Xuesheng\funshion\ini (Adware.Funshion) -> Quarantined and deleted successfully.

c:\Users\Xuesheng\funshion\Seed (Adware.Funshion) -> Quarantined and deleted successfully.

c:\Users\Xuesheng\funshion\update (Adware.Funshion) -> Quarantined and deleted successfully.

Files Infected:

c:\program files (x86)\LuDaShi\computerz_x64.sys (Trojan.Agent) -> Not selected for removal.

c:\program files (x86)\LuDaShi\computerz7.dll (Trojan.BHO) -> Not selected for removal.

c:\downloads\funshioninstall_c1024.exe (Adware.Funshion) -> Quarantined and deleted successfully.

c:\htmdoc\computer\dvd region killer v2.7.0.2.exe (Adware.CommonName) -> Quarantined and deleted successfully.

c:\htmdoc\novel\唐山警世录-七. 二八大地震漏报始末.exe (Spyware.AdaEbook) -> Not selected for removal.

c:\program files (x86)\dzh\internet\WHB.exe (Trojan.Backdoor) -> Not selected for removal.

c:\program files (x86)\LuDaShi\computerz.sys (Trojan.Agent) -> Not selected for removal.

c:\program files (x86)\LuDaShi\computerz0.dll (Trojan.Agent) -> Not selected for removal.

c:\program files (x86)\LuDaShi\computerz1.dll (Trojan.Agent) -> Not selected for removal.

c:\program files (x86)\LuDaShi\computerz2.dll (Trojan.Agent) -> Not selected for removal.

c:\program files (x86)\LuDaShi\computerz4.dll (Trojan.Agent) -> Not selected for removal.

c:\program files (x86)\LuDaShi\computerz4_x64.dll (Trojan.Agent) -> Not selected for removal.

c:\program files (x86)\LuDaShi\computerz5.dll (Trojan.Agent) -> Not selected for removal.

c:\program files (x86)\LuDaShi\computerzservice.exe (Trojan.Agent) -> Not selected for removal.

c:\program files (x86)\LuDaShi\computerz_driverdll.dll (Trojan.Agent) -> Not selected for removal.

c:\program files (x86)\LuDaShi\computerz_hardwaredll.dll (Trojan.Agent) -> Not selected for removal.

c:\program files (x86)\LuDaShi\computerz_powersavedll.dll (Trojan.Agent) -> Not selected for removal.

c:\program files (x86)\LuDaShi\display3d.exe (Trojan.Agent) -> Not selected for removal.

c:\program files (x86)\LuDaShi\powersavez.sys (Trojan.Agent) -> Not selected for removal.

c:\program files (x86)\LuDaShi\powersavez_x64.sys (Trojan.Agent) -> Not selected for removal.

c:\program files (x86)\LuDaShi\Update.exe (Trojan.Agent) -> Not selected for removal.

c:\program files (x86)\ProduKey\ProduKey.exe (PUP.PSWTool.ProductKey) -> Not selected for removal.

c:\Windows\System32\drivers\computerz.sys (Trojan.Agent) -> Not selected for removal.

c:\Windows\System32\drivers\computerz_x64.sys (Trojan.Agent) -> Not selected for removal.

c:\Windows\System32\drivers\powersavez.sys (Trojan.Agent) -> Not selected for removal.

c:\Windows\System32\drivers\powersavez_x64.sys (Trojan.Agent) -> Not selected for removal.

c:\Windows\SysWOW64\drivers\computerz.sys (Trojan.Agent) -> Not selected for removal.

c:\Windows\SysWOW64\drivers\computerz_x64.sys (Trojan.Agent) -> Not selected for removal.

c:\Windows\SysWOW64\drivers\powersavez.sys (Trojan.Agent) -> Not selected for removal.

c:\Windows\SysWOW64\drivers\powersavez_x64.sys (Trojan.Agent) -> Not selected for removal.

d:\e book\品三国\易中天品三国.exe (Spyware.AdaEbook) -> Not selected for removal.

d:\W21CODE\WINSTYLE\homenet\DICT\TEXT\muzhimei\muzimei-yiqingshu\muzimei-yiqingshu.exe (Spyware.AdaEbook) -> Not selected for removal.

e:\bakcdeharddrive\e book\品三国\易中天品三国.exe (Spyware.AdaEbook) -> Not selected for removal.

e:\bakcdeharddrive\W21CODE\WINSTYLE\homenet\DICT\TEXT\muzhimei\muzimei-yiqingshu\muzimei-yiqingshu.exe (Spyware.AdaEbook) -> Not selected for removal.

e:\htmdoc\Manual\pioneer dvd\dvd region killer v2.7.0.2.exe (Adware.CommonName) -> Not selected for removal.

c:\Users\Xuesheng\favorites\114网站导航www.114.com.cn.url (Trojan.StartPage) -> Quarantined and deleted successfully.

c:\program files (x86)\data_layer.dll (Spyware.OnlineGames) -> Quarantined and deleted successfully.

c:\program files (x86)\fsc_pack.dll (Spyware.OnlineGames) -> Quarantined and deleted successfully.

c:\program files (x86)\HSHOOK.DLL (Spyware.OnlineGames) -> Quarantined and deleted successfully.

c:\program files (x86)\sqlite3.dll (Spyware.OnlineGames) -> Quarantined and deleted successfully.

c:\program files (x86)\tzyj_commd.dll (Spyware.OnlineGames) -> Quarantined and deleted successfully.

c:\Windows\System32\funshion.ini (Adware.Funshion) -> Quarantined and deleted successfully.

c:\Windows\SysWOW64\funshion.ini (Adware.Funshion) -> Quarantined and deleted successfully.

c:\Users\Xuesheng\funshion.ini (Adware.Funshion) -> Quarantined and deleted successfully.

c:\program files (x86)\funshion online\Funshion\funshion.ini (Adware.Funshion) -> Quarantined and deleted successfully.

c:\program files (x86)\funshion online\Funshion\funshiongame2.ico (Adware.Funshion) -> Quarantined and deleted successfully.

c:\program files (x86)\funshion online\Funshion\funshionservice.diagnose (Adware.Funshion) -> Quarantined and deleted successfully.

c:\program files (x86)\funshion online\Funshion\Funshop2.ico (Adware.Funshion) -> Quarantined and deleted successfully.

c:\Users\Xuesheng\funshion\cache\cacheflash\blankFs.swf (Adware.Funshion) -> Quarantined and deleted successfully.

c:\Users\Xuesheng\funshion\cache\cacheflash\donghuanew_18.swf (Adware.Funshion) -> Quarantined and deleted successfully.

c:\Users\Xuesheng\funshion\cache\flash\980ef71b_c41b_511c_2591_1c44d72c2cec.swf (Adware.Funshion) -> Quarantined and deleted successfully.

c:\Users\Xuesheng\funshion\cache\flashNew\3a01a6f4_0455_7864_1bea_9b95b009cafc.swf (Adware.Funshion) -> Quarantined and deleted successfully.

c:\Users\Xuesheng\funshion\cache\flashNew\41115a3d_d213_d708_a303_f17a1866ccd0.swf (Adware.Funshion) -> Quarantined and deleted successfully.

c:\Users\Xuesheng\funshion\cache\flashNew\541703ac_caf7_3c9e_088a_b3e70f6fd9bb.swf (Adware.Funshion) -> Quarantined and deleted successfully.

c:\Users\Xuesheng\funshion\cache\flashNew\5bdc158f_fe9a_e029_b921_bdb1a98acfc7.swf (Adware.Funshion) -> Quarantined and deleted successfully.

c:\Users\Xuesheng\funshion\cache\flashNew\6b50fd00_d1d6_2a0b_3437_50bdacc42f39.swf (Adware.Funshion) -> Quarantined and deleted successfully.

c:\Users\Xuesheng\funshion\cache\flashNew\7eb0061f_3b09_97ad_7285_e9c60f0ecd22.swf (Adware.Funshion) -> Quarantined and deleted successfully.

c:\Users\Xuesheng\funshion\cache\flashNew\82bc9e42_70a3_375e_b0aa_53dcb8646517.swf (Adware.Funshion) -> Quarantined and deleted successfully.

c:\Users\Xuesheng\funshion\cache\flashNew\9b944d2b_34c7_8145_4130_3e6219938d37.swf (Adware.Funshion) -> Quarantined and deleted successfully.

c:\Users\Xuesheng\funshion\cache\flashNew\bc5e8f83_e9b2_58c7_9b0d_5bdc24731773.swf (Adware.Funshion) -> Quarantined and deleted successfully.

c:\Users\Xuesheng\funshion\cache\flashNew\c05a8b26_7d11_5c69_a829_828b83aba460.swf (Adware.Funshion) -> Quarantined and deleted successfully.

c:\Users\Xuesheng\funshion\cache\flashNew\ccf0d0c6_b865_ea8b_af79_59d503c09ff3.swf (Adware.Funshion) -> Quarantined and deleted successfully.

c:\Users\Xuesheng\funshion\ini\httpfile.ini (Adware.Funshion) -> Quarantined and deleted successfully.

c:\Users\Xuesheng\funshion\ini\temp_config.ini (Adware.Funshion) -> Quarantined and deleted successfully.

c:\Users\Xuesheng\funshion\update\adlinkparamfile.fax (Adware.Funshion) -> Quarantined and deleted successfully.

c:\Users\Xuesheng\funshion\update\ad_define.fai (Adware.Funshion) -> Quarantined and deleted successfully.

c:\Users\Xuesheng\funshion\update\ad_define.fai.bak (Adware.Funshion) -> Quarantined and deleted successfully.

c:\Users\Xuesheng\funshion\update\ad_material.fax (Adware.Funshion) -> Quarantined and deleted successfully.

c:\Users\Xuesheng\funshion\update\flashparam.txt (Adware.Funshion) -> Quarantined and deleted successfully.

c:\Users\Xuesheng\funshion\update\flashparam.txt.bak (Adware.Funshion) -> Quarantined and deleted successfully.

c:\Users\Xuesheng\funshion\update\热门游戏.lnk (Adware.Funshion) -> Quarantined and deleted successfully.

c:\Users\Xuesheng\funshion\update\购物
